1 to 25 of 51 SOC 2 Jobs in the UK excluding London

clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk exception process, and drive SOC 2 readiness initiatives. Partnering with IT, architecture, SRE, and procurement teams, you'll translate complex technical risks into actionable business decisions and provide senior leaders with clear, data … driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the enterprise risk register. ** Manage risk exceptions and ensure timely review, tracking, and remediation … of risks. ** Drive SOC 2 readiness activities and collaborate with auditors and internal stakeholders to ensure compliance. ** Develop and enforce cybersecurity governance policies, standards, and procedures aligned with industry frameworks. ** Work with IT, SRE, Architecture, and Procurement teams to identify, assess, and mitigate technology and third party risks. ** Provide clear, actionable reporting and metrics to senior leadership, translating More ❯

clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk exception process, and drive SOC 2 readiness initiatives. Partnering with IT, architecture, SRE, and procurement teams, you'll translate complex technical risks into actionable business decisions and provide senior leaders with clear, data … driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the enterprise risk register. ** Manage risk exceptions and ensure timely review, tracking, and remediation … of risks. ** Drive SOC 2 readiness activities and collaborate with auditors and internal stakeholders to ensure compliance. ** Develop and enforce cybersecurity governance policies, standards, and procedures aligned with industry frameworks. ** Work with IT, SRE, Architecture, and Procurement teams to identify, assess, and mitigate technology and third party risks. ** Provide clear, actionable reporting and metrics to senior leadership, translating More ❯

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer/Analyst to play a key part … in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant with standards such as ISO 27001, SOC 2 Type II, and GDPR, while building a culture of risk awareness and continuous improvement. Key Responsibilities Maintain and develop compliance policies, standards, and frameworks across the organisation. … Support internal and external audits for ISO 27001, SOC 2, and data-protection regulations. Conduct regular risk assessments and contribute to risk treatment plans. Monitor compliance KPIs, prepare monthly status reports, and present findings to senior stakeholders. Review vendor and third-party compliance, ensuring contractual and regulatory obligations are met. Deliver compliance awareness and training across teams. Provide More ❯

take ownership of day-to-day security operations, implement and refine controls, and play a hands-on role in ensuring compliance with recognised standards such as ISO 27001 and SOC 2 Type II. This is a visible and strategic position - ideal for someone who enjoys combining technical depth with governance, audit, and risk management responsibilities. Key Responsibilities Develop … Implement and manage controls across cloud and on-premises environments (Azure/AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR). Deliver regular security reporting and KPI tracking for senior leadership. Drive security awareness training and best practice across the wider … team. What You'll Bring 5+ years' experience in information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent More ❯

Salary: Up to £65,000 Employment Type: Permanent Job Summary: Our client, a leading IT services and consulting firm, is seeking a Cyber Security Assurance Manager to ensure their SOC meets and maintains … top security certifications and assurance standards. As part of the GRC function, you’ll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and CREST SOC accreditation. Key Responsibilities: Act as primary contact for customer assurance activities, supporting RFIs, RFPs, and client audit requests Deliver training and … awareness sessions on SOC assurance standards to internal teams Develop customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO/IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices More ❯

external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation/maintenance (UK certified; expanding to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion/coverage , daily monitoring, and follow-up. … GRC grounding plus solid technical understanding (AWS-heavy environment). Comfortable being hands-on where needed; people management nice-to-have, not essential. ISO 27001 (implementation/assurance) experience; SOC 2 exposure helpful. SIEM familiarity and the ability to work with engineers on coverage, tuning, and use-cases . Stakeholder-savvy; calm under pressure; excellent written/verbal More ❯

will chair status review sessions, maintain accreditation tracking systems, and provide regular updates to senior partners. You will manage responsibilities (including implementation) related to ISO27001, Cyber Essentials/Plus, SOC2 accreditations. You will also support audit readiness, collaborate with governance and risk teams, and integrate compliance findings into policy documentation. This is a hybrid, Nottingham-based role reporting to the … Regional Head of Client Security Assurance Summary of Primary Responsibilities Manage ISO27001, Cyber Essentials/Plus, SOC2 accreditations Lead contract negotiations, re-wording, and redlining, with a preference for UK&I and EU regulatory experience Provide regular accreditation status updates to senior partners Participate in SOC 2-related discussions with teams Oversee governance-related trackers and calls, including … risk management teams Partner with policy and standards teams to integrate compliance findings into documentation Qualifications Experience with compliance, audit coordination, or information security Familiarity with ISO 27001/2, SOC, ISAE, PCI, NIST, CIS or similar benchmarks Experience with cloud platforms such as AWS, Azure, or GCP Experience with IT and security operations, including Windows/Linux More ❯

and company builders come from DeepMind, OpenAI, Google Brain, Meta, Character.AI, Anthropic and beyond. What You'll Do Develop and maintain company-wide information security policies and frameworks (US: SOC 2, NIST, GDPR; UK: ISO 27001, Cyber Essentials, GDPR) Oversee IT operations across our three offices (London, New York, San Francisco), ensuring systems, devices, and networks remain secure … experience, including leadership in high-growth or tech-driven environments Strong knowledge of network, cloud, and endpoint security (AWS/GCP/Azure) Familiarity with key compliance frameworks (US: SOC 2, NIST; UK: ISO 27001, Cyber Essentials) Experience implementing MDM, SSO, and IAM systems Excellent communication skills and the ability to translate technical risk into practical action Certifications More ❯

secure and reliable deployments. Provision, support & maintain required cloud services for development, test and QA. Implement cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure … relevant work experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯

the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update … information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. More ❯

regulatory compliance across the business. The Role: Own and evolve the company-wide security strategy across infrastructure, application, and corporate environments Lead our global compliance programs (e.g., ISO 27001, SOC 2) ensuring we meet regulatory and customer trust requirements. Build and maintain relationships with auditors, ensuring smooth audit processes Address AI-specific compliance requirements around data usage, model … Manager) Deep understanding of infrastructure security, application security, and cloud security Experience performing security operations or investigations involving large scale Kubernetes environments Track record of successfully managing compliance certifications (SOC 2, ISO 27001, etc.) Exceptional communication and collaboration skills An ability to lead projects with little guidance Experience contributing to a high growth startup environment Experience securing cloud More ❯

the Way in Cyber Security Assurance? Robert Half are seeking a dynamic, proactive, and experienced Cyber Security Assurance Manager to join a globally-scaled, fast-paced Security Operations Centre (SOC) environment. In this crucial role, you will ensure that the SOC maintains its commitment to best-in-class standards through internationally recognised security certifications and industry-wide assurance … member in Governance, Risk, and Compliance (GRC) , you will lead certification efforts, influence operational processes, and engage directly with customers and auditors to showcase security credentials that differentiate our SOC from the competition. If you're skilled in blending technical insight with customer-focused communication … while driving compliance excellence, this opportunity is for you! What We're Looking For: Qualifications and Experience: Proven experience delivering and managing cybersecurity certifications (e.g., ISO/IEC 27001, SOC2 Type II, Cyber Essentials Plus, CREST). A strong understanding of SOC operations and security assurance frameworks. Experience engaging with customers during audits and RFP/RFI processes, showcasing More ❯

Endpoint, AWS GuardDuty, WAF, SIEM solutions). Detect, investigate, and respond to security incidents, ensuring timely escalation and resolution. Governance, Risk Compliance Support compliance initiatives such as ISO 27001, SOC 2, and Cyber Essentials Plus by maintaining relevant controls and documentation. Assist with audit readiness and evidence gathering. Ensure data protection and encryption mechanisms meet GDPR and other More ❯

asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work with IT More ❯

. Knowledge of container security and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub Actions, Jenkins). Exposure to More ❯

Cyber Security Lead Oxfordshire - Hybrid - 2 days per week (Flexible) £50k - £60k plus Benefits Our Client are an award-winning leading IT company offering complete outsourced IT solutions to organisations across the UK and Europe. Based in Oxfordshire they provide a comprehensive range of support services, software and hardware solutions to major blue-chip clients and their technicians are … Act as the strategic security escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and … Secure Score, M365 compliance dashboards). Drive continuous posture improvement across client environments. Team Leadership & Growth Mentor and develop Security Analysts. Ensure team certifications remain up to date (minimum 2 per year per Analyst). Lead internal knowledge-sharing sessions to keep the team and wider MSP relevant against new threats and frameworks. Champion automation (RPA/AI) in More ❯

of suppliers. Management of key stakeholders at all levels in a typical corporate environment. Desirable: Experience working within or implementing industry standard security and compliance standards, e.g. ISO 27001, SOC2, Cyber Essentials Plus Experience working with outsourced providers for engineering & technical resources as well as systems/services. Experience working in a regulated industry, e.g. telecoms, financial services, utilities. Experience More ❯

identify and mitigate risks. Work closely with the security team to integrate best practices into new and existing features. Ensure compliance with security standards and regulations (e.g., ISO 27001, SOC 2). Implement monitoring solutions to detect and respond to real-time security incidents. Troubleshoot infrastructure and security issues, performing root cause analysis in production. Mentor junior engineers More ❯

Maintain robust CI/CD pipelines, collaborating closely with development teams to streamline deployment processes. Maintain and enhance our security posture, ensuring compliance with industry standards and frameworks (e.g., SOC-2, ISO 27001). Diagnose and resolve infrastructure outages and incidents, ensuring timely resolution and root cause analysis. Documentation & Best Practices: Ensure comprehensive documentation of infrastructure, systems, and processes More ❯

portals, or golden path templates. Serverless and event-driven architectures (Functions, Logic Apps, Event Grid). Experience in regulated industries (e.g., Financial Services) and with compliance standards (ISO 27001, SOC 2). Knowledge of FinOps principles and cost governance on Azure. Interview process Stage 1 (remote): competency and technical interview including discussion of prior platform/DevOps work … and scenario-based problem solving. Stage 2 (on-site/remote): practical exercise (e.g., pipeline/IaC/Kubernetes task) and a short design presentation to a panel. Working schedule This role is permanent, full time, 37.5 hours per week, Monday to Friday. We offer a hybrid flexible working pattern to enable you the option of working from home More ❯

Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting, solutions architecture, or technical coaching. Interest in technical sales and supporting go More ❯

testing, code reviews, and vulnerability remediation Drive secure DevOps culture through training, playbooks, and developer champions Strengthen cloud & container security (AWS, Azure, GCP, Kubernetes, Docker) What you'll bring: 2-4 years' experience in AppSec/DevSecOps Hands-on with tools like Checkmarx, Veracode, SonarQube, OWASP ZAP Strong coding skills (Java, Python, JavaScript, Go, .NET) Familiar with CI/… CD (Jenkins, GitHub Actions, Azure DevOps) and IaC (Terraform) Knowledge of OWASP Top 10, API security, and compliance (ISO 27001, SOC 2) Eligibility for SC clearance is mandatory (UK nationals only) Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates More ❯

e.g. Kubernetes, Terraform/Bicep, GitHub/GitLab CI/CD). Building, leading, and mentoring high-performing IT & Cloud teams. Experience with security and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience driving AI productivity and automation strategies This is an exciting leadership role within a fintech business who have a great reputation in the market More ❯

e.g. Kubernetes, Terraform/Bicep, GitHub/GitLab CI/CD). Building, leading, and mentoring high-performing IT & Cloud teams. Experience with security and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience driving AI productivity and automation strategies This is an exciting leadership role within a fintech business who have a great reputation in the market More ❯

e.g. Kubernetes, Terraform/Bicep, GitHub/GitLab CI/CD). Building, leading, and mentoring high-performing IT & Cloud teams. Experience with security and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience driving AI productivity and automation strategies This is an exciting leadership role within a fintech business who have a great reputation in the market More ❯