a bridge between Security, Engineering, and Product teams to align on secure architecture and SDLC practices. Participate in incident response, forensic analysis, and post-incident remediation. Support compliance initiatives (SOC2, ISO 27001, HIPAA, PCI DSS, GDPR) through technical guidance and documentation. Define and track KPIs to measure and improve security maturity across the organization. Required Qualifications 5+ … security practices. Hands-on experience with DevSecOps tools (GitHub Actions, Jenkins, GitLab CI, Terraform, etc.). Compliance & Governance Working knowledge of privacy and security regulations (GDPR, CCPA, HIPAA, PCI, SOC2, ISO 27001). Experience supporting audits, risk assessments, and policy development. Preferred Qualifications Professional certifications (e.g., OSCP, CSSLP, CISSP, Security+). Contributions to open-source security projects
recommendations for enhancing the organisation’s security posture. Conduct technical assessments of new suppliers, platforms, and software, including security architecture reviews, documentation checks, and evidence of compliance (e.g., ISO, SOC2, pen test results). Collaborate with procurement, legal, and product teams to embed security requirements in onboarding and contract processes. Prepare and deliver reports on information security
Gerrards Cross, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Chalfont St. Peter, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
AI Act, FCA cybersecurity principles, and oversight of critical systems Worked directly with cybersecurity and compliance teams in regulated deployments Implemented or maintained controls under ISO 27001, NIST, or SOC2 frameworks Technical Skills & Technologies: Languages & Frameworks Python (FastAPI), LangChain, Google AI SDK, Azure Open AI SDK Cloud & AI Platforms GCP: Vertex AI, Gemini API, Cloud Run, GCS, IAM, Secret Manager
London, South East, England, United Kingdom Hybrid / WFH Options
InvitISE Ltd
sector, based in London, on a permanent basis paying up to £70,000 plus great benefits. This role offers hybrid working with an expectation to be in the office 2–3 days per week. You’ll be joining a technical team focused on strengthening cloud security and ensuring compliance across Microsoft Azure environments. This role will involve hands-on … essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC2, GDPR and NIS2 frameworks PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working
Responsibilities Third-Party Risk Management: Lead and own the third-party vendor risk assessment process across a portfolio of 100-120 vendors. Review and validate vendor security documentation (e.g., SOC2, ISO 27001), evaluate control effectiveness, and coordinate remediation efforts for identified gaps. Ensure relevant business stakeholders are informed of potential risks. Governance, Risk & Compliance (GRC): Actively contribute
Review and approve security designs for new services, platform upgrades, and major integrations Risk Management: Drive identification and remediation of platform-specific security risks while ensuring regulatory compliance (GDPR, SOC2, ISO27001) Team Leadership: Mentor and manage a team of security architects and engineers, fostering cross-functional collaboration Stakeholder Engagement: Present complex security insights to senior leadership and influence technology investment
and scaling strategies. Train and mentor junior team members and client staff on Splunk usage and management. Assist with security monitoring, incident detection, and compliance initiatives (e.g., PCI, HIPAA, SOC2). Required Skills and Experience: Minimum 10 years of total IT experience with 7+ years dedicated to Splunk. Splunk Consultant-level certification (e.g., Splunk Certified Consultant I/II
directly with cybersecurity and compliance teams in regulated environments Designed and managed AI lab environments using IaC, containerisation, and secure networking practices Complying with frameworks like ISO 27001, NIST, SOC2, or EU AI Act Job Offer 6 month contract (initially) Competitive daily rate of £700-£900, inside IR35. Office based in London (Liverpool Street) - 2/
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team. This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What … you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort
london (city of london), south east england, united kingdom
Prism Digital
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform £70–80k base + 10% bonus Hybrid in London Training budget for certifications + conference attendance Strong emphasis on professional autonomy and ethical leadership A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of … U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team. This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability. What … you’ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort
SLAs) are met or exceeded. Manage relationships with key vendors and contractors. Compliance & Audits: Ensure the facility operates in strict adherence to industry standards and regulations (e.g., ISO 27001, SOC2, etc.). Prepare for and lead internal and external audits. Health & Safety: Be the on-site safety champion, enforcing strict health and safety protocols and conducting regular … efficiency, reduce costs, and enhance the overall performance of the facility. Candidate Requirements Proven Experience: A minimum of 5 years of experience in data centre operations, with at least 2-3 years in a lead, management or supervisory role. Technical Expertise: Strong understanding of data centre infrastructure, including high-voltage power distribution, UPS systems, generators, CRAC/CRAH units
Maidenhead, Berkshire, England, United Kingdom Hybrid / WFH Options
Oscar Technology
Swagger/OpenAPI documentation for Open APIs Familiarity with Azure services and automation tools like Power Automate or Zapier Exposure to IoT or Telematics platforms Awareness of ISO 27001, SOC2, or GDPR compliance standards Benefits: Competitive base salary Hybrid working Private healthcare Exciting and unique projects Pension scheme If you are a Senior .NET Developer experienced in
London, South East, England, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
DevSecOps pipeline design, security integration, and automation. Dev Experience but strong experience in Cloud Security. Prior experience leading or contributing to audit and certification readiness projects (ISO, Cyber Essentials, SOC2). Experience with AWS GuardDuty, AWS Config, and broader AWS security services. Solid development background with the ability to understand engineering challenges and build secure solutions. Expertise in Cloud Security
Slough, England, United Kingdom Hybrid / WFH Options
IRIS Software Group
We’re hiring! Legal Counsel @ IRIS Software ✨ 📍 Location: Heathrow, UK - Hybrid (2-3 days per week) 📝 Type: Permanent 👩 ⚖️ Reports To: General Counsel 🚀 About IRIS We’re one of the UK’s fastest-growing technology companies, providing innovative accounting software and managed payroll services to accountants, bookkeepers, and businesses worldwide. 🌍 At IRIS, we help professionals automate compliance, streamline operations, and … protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS/fintech/tech sector experience. Knowledge of ISO 27001, SOC2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional services clients. 🌟 Why IRIS? At IRIS, you’ll get: 💼 Exposure to a variety of
london, south east england, united kingdom Hybrid / WFH Options
IRIS Software Group
We’re hiring! Legal Counsel @ IRIS Software ✨ 📍 Location: Heathrow, UK - Hybrid (2-3 days per week) 📝 Type: Permanent 👩 ⚖️ Reports To: General Counsel 🚀 About IRIS We’re one of the UK’s fastest-growing technology companies, providing innovative accounting software and managed payroll services to accountants, bookkeepers, and businesses worldwide. 🌍 At IRIS, we help professionals automate compliance, streamline operations, and … protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS/fintech/tech sector experience. Knowledge of ISO 27001, SOC2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional services clients. 🌟 Why IRIS? At IRIS, you’ll get: 💼 Exposure to a variety of
reading, south east england, united kingdom Hybrid / WFH Options
IRIS Software Group
We’re hiring! Legal Counsel @ IRIS Software ✨ 📍 Location: Heathrow, UK - Hybrid (2-3 days per week) 📝 Type: Permanent 👩 ⚖️ Reports To: General Counsel 🚀 About IRIS We’re one of the UK’s fastest-growing technology companies, providing innovative accounting software and managed payroll services to accountants, bookkeepers, and businesses worldwide. 🌍 At IRIS, we help professionals automate compliance, streamline operations, and … protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS/fintech/tech sector experience. Knowledge of ISO 27001, SOC2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional services clients. 🌟 Why IRIS? At IRIS, you’ll get: 💼 Exposure to a variety of
growth AI infrastructure business. This is a senior role with the opportunity to shape a global compliance function from the ground up. Key Responsibilities Security & certifications: Maintain ISO 27001, SOC2 and similar to meet enterprise expectations. Export controls & sanctions: Ensure GPU allocation complies with UK/EU/US restrictions. Data protection: GDPR and cross-border transfers
london (city of london), south east england, united kingdom
Rutherford
growth AI infrastructure business. This is a senior role with the opportunity to shape a global compliance function from the ground up. Key Responsibilities Security & certifications: Maintain ISO 27001, SOC2 and similar to meet enterprise expectations. Export controls & sanctions: Ensure GPU allocation complies with UK/EU/US restrictions. Data protection: GDPR and cross-border transfers
london, south east england, united kingdom Hybrid / WFH Options
ServQual
resilience. Most features of our platform are available for free. ServQual Security focuses on Cyber Discovery, Security Transformation, and AI-Driven GRC, assisting clients with compliance standards like ISO27001, SOC2, GDPR, DPDP, NIS2, and DORA. Role Description This is a full-time hybrid role for an Application Security professional, located in the London Area, United Kingdom, with some work-from … and implementing security measures Strong communication skills Excellent problem-solving abilities and attention to detail Ability to work in a hybrid environment Knowledge of regulatory and compliance standards (ISO27001, SOC2, GDPR, DPDP, NIS2, DORA) is a plus Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field Relevant certifications such as CISSP, CISM, or CEH are advantageous