1 to 25 of 46 SOC 2 Jobs in the UK

data loss. Develop automated workflows for vulnerability management, incident detection, and response. Align security measures with financial regulations such as PCI DSS, ISO 27001, SOC 2, and GDPR. Support Atom’s AI team with AI and Automation specific infrastructure security needs. Partner with DevOps and engineering teams … Docker environments. Advanced scripting and automation skills (Python, PowerShell, Bash, etc.) Demonstrated ability to navigate and implement compliance frameworks such as PCI DSS, GDPR, SOC 2, and ISO 27001. Familiarity with financial industry-specific security and privacy standards. Relevant Security certifications (e.g. CISSP, SSCP, CCSM, CISM, etc.) Relevant ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Enable product, data, and …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

licence reviews, container/image policies, and supply-chain controls. Evaluate logging, monitoring, and observability practices. Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT where applicable). Produce a comprehensive gap analysis, risk register (with severity and likelihood ratings), and prioritised remediation backlog. … promotion criteria). Deliverables (by end of audit) DevOps Audit Report (executive summary + detailed findings). Compliance mapping (ISO 27001 Annex A/SOC 2 trust principles) with gap list. Risk register including mitigations, effort, and impact estimates. Prioritised remediation backlog and proposed guardrails for Phase 2. ...

will lead the delivery of ISO 27001 certification within the next 12 months . The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation … risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid ...

will lead the delivery of ISO 27001 certification within the next 12 months . The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation … risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid ...

assurance programmes. Proven experience designing, executing, and improving structured vendor due diligence processes. Strong understanding of vendor-held assurance artefacts such as ISO 27001, SOC 2, CSA STAR/CAIQ, and security questionnaires. Ability to communicate complex vendor-related cyber risks clearly to both business and technical audiences. ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

Ping Identity) Exposure to Kubernetes (GKE, workload identity, RBAC) Experience with secrets management tools (Vault, Secret Manager) Familiarity with compliance frameworks such as SOC2, ISO 27001, or PCI Why Apply? Contract through to year-end with extension potential Hybrid working from Sheffield Inside IR35 engagement Opportunity to work on large ...

Defender for Cloud, encryption using Azure Key Vault, network security with NSGs and Azure Firewall, Azure Policy for governance, and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience conducting security assessments using Microsoft Secure Score, implementing security hardening, and responding to security incidents. Backup & Disaster Recovery - Experience ...

both technical and non-technical stakeholders across the business Familiarity with standards such as PCI-DSS, NIST SP800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) inday-to-day security risk management activities, including: Accelerating risk analysis and documentation Supporting control ...

with IaC tools like Bicep and Terraform. ✅ Security & Compliance : Your knowledge of GDPR-aligned frameworks and governance standards complements their emphasis on ISO 27001, SOC 2, and Azure Security best practices. ✅ Leadership & Mentoring : You’ve led projects and mentored teams, which matches their expectation for technical leadership. Where ...

security Infrastructure-as-code mindset and strong automation skills Comfortable working cross-functionally and owning shared platforms Nice to Have Experience with compliance frameworks (SOC 2, ISO 27001, etc.) Familiarity with SRE principles and reliability engineering Security certifications or deep interest in cloud security About ...

experience closing compliance gaps Proven track record in enterprise-wide IT initiatives (e.g., identity management, network segmentation, EDR deployments) Familiarity with ISO 27001 or SOC2 standards Certifications such as CISSP, CISM, PMP, PRINCE2 Practitioner, or Agile credentials highly desirable Strong understanding of IT service lifecycle and collaboration with architecture and ...

fullstack context): React, TypeScript, Vite, Next.js Bonus familiarity: Graph databases and GraphML for relationship modelling .NET for legacy integration or specific tooling Cyber Security SOC2/CE+/Regulatory experience What Success Looks Like (First 12 Months) Core backend services and infrastructure are more scalable, reliable and observable Clear architectural ...

and assist with customers’ RFIs and RFPs; Obtain at least CII certification to appreciate how the insurance industry works. Qualifications Essential: A minimum of 2 years in an infrastructure, SysOps or Security role; Active Directory management; AWS ecosystem, especially AppStream 2.0. NTFS permission & Group Policy configuration & management; Microsoft … Information Security specialism. Desirable: IaaS and PaaS environments; SQL; VMWare Cloud Director; SharePoint Windows IIS security & management. Security & GDPR compliance (ISO27001/ISO27032/SOC 2). ...

security maturity. Key responsibilities Compliance ownership & framework delivery Take full ownership of the compliance programme, maintaining PCI Level 1 and leading the delivery of SOC 2 and ISO 27001. Act as the operational owner of Sprinto, ensuring controls remain effective, evidence is maintained, and audits are continuously 'ready … Portal, translating technical security controls into clear, credible messaging for enterprise clients. Champion a 'compliance by design' mindset across engineering and operations. Experience & background 2-4 years' experience in information security, GRC, IT audit or a closely related role. Strong experience producing security documentation, policies and evidence that link ...

hybrid infrastructure. Support secure configuration, IAM, cloud environments, patch management, and application security testing. Ensure compliance with standards such as Cyber Essentials, ISO 27001, SOC 2, and GDPR. Play a key role during high-pressure incidents, managing both technical resolution and stakeholder communication. Participate ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...

DERMS or other OT/IT grid management platforms Knowledge of GridOS ecosystem and DERMS integration Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2) Cloud/hybrid environments (Azure, AWS) Certifications: ITIL, Security+, or utility-specific systems training Scripting/automation: Python, Bash, PowerShell Key Responsibilities L2/ ...

Security Risk Specialist - 6-Month Contract - Inside IR35 - Hybrid London (2-3 Days Onsite) A leading technology-driven organisation is seeking an experienced Security Risk Specialist to support the ongoing development and operation of its security risk function. This role sits within a growing security team and will focus … varying technical levels, from engineers to senior non-technical leaders. Familiarity with frameworks and standards such as ISO 27001 , NIST CSF , NIST 800-53 , SOC 2 , PCI DSS , etc. Practical experience applying Large Language Models (LLMs) in security workflows, including: Speeding up risk analysis and documentation Supporting control ...

Ability to manage multiple audits, remediation streams, and stakeholder expectations simultaneously Preferred Qualifications Hands-on experience maintaining ISO/IEC 27001 certification Experience supporting SOC 2 Type II audits and ongoing compliance Familiarity with NIST Cybersecurity Framework (CSF) Experience managing audit findings through remediation and closure Experience with ...

desk triage and out-of-hours support coverage. Partner with key stakeholders across Product, Engineering, and Compliance to support audit readiness (ISO 27001/SOC 2). What you'll need: 5+ years' experience in IT service management, ITSM, ITIL, including awareness of Devops/Strong understanding ...

systems in production Familiarity with prompt management, tool calling, evaluation, and AI safety patterns Healthcare or regulated-industry experience, including familiarity with HIPAA or SOC-2 compliance Experience with claims data, EHR-derived datasets, or real-world evidence Strong written and verbal communication skills with technical and non-technical ...