About the Role We are seeking an experienced SOC2/IT GRC Specialist Contractor to support and guide our SOC2 Type II accreditation program. This is a critical role in a fast-moving, regulated environment, requiring hands-on experience with SOC2 … our Information Security, Engineering, IT, QA, and Compliance teams, the successful candidate will assess current controls, implement necessary enhancements, and lead the organization through SOC2 readiness and audit. Key Responsibilities Lead and execute SOC2 Type II readiness activities from planning through audit support. Perform … a gap analysis against SOC2 Trust Services Criteria (Security, Availability, Confidentiality). Collaborate with control owners to define, implement, and document controls in alignment with SOC2 and GxP expectations. Author, review, and enhance IT and security policies, SOPs, and governance documentation. Support GxP-aligned
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Duel
Engineer to join our growing engineering team. As a company, we are ISO 27001-certified and need to maintain this certification while preparing for SOC2 compliance. Security responsibilities currently sit across different teams, but as compliance requirements increase, a dedicated security engineer is needed to support ongoing … improve Duel's overall security posture. The focus of this role is to help maintain our compliance responsibilities through Secureframe, support ISO 27001 and SOC2 audits, manage security vulnerabilities, and work within engineering to introduce security best practices into development, infrastructure, and operations. We're Looking for … Assist in managing ISO 27001 renewals by maintaining compliance documentation and ensuring key security practices are followed. Help support the company's transition towards SOC2 certification by tracking requirements and implementing necessary security measures. Work within Secureframe to maintain compliance records, ensuring a structured and organised approach
serving as a subject matter expert, project lead, and/or Lead Auditor in all matters related to Digital Attestation and Certification. This includes SOC 1 (ISAE 3402), SOC2, ISAE 3000, and ISO 27001 certification. Your daily responsibilities will include maintaining close communication with clients and … managers, leading and coordinating a team of 2-5 staff members, and reviewing their work. Within this team, we foster a collaborative, supportive, and knowledge-sharing mindset. You will also be responsible for setting up project files, performing testing procedures, drafting reports, and ensuring internal documentation meets required standards. … Furthermore, we are looking for someone with a business or economics degree and at least two years of practical experience in IT attestation reports (SOC 1, SOC2, and ISAE 3000) or certification. Any additional certification (ISO Lead Auditor, CISA, CISM, CIPP/E, CIPT, CIPM, CISSP
London, South East England, United Kingdom Hybrid / WFH Options
Ownera
product roadmap priorities based on client feedback. Respond to technical sections of RFPs, RFIs, and security questionnaires, ensuring alignment with regulatory standards (e.g., ISO27001, SOC2, GDPR). Act as a trusted advisor to clients and internal teams, bridging the gap between commercial goals and technical feasibility. Stay … managers, or exchanges. Proven experience supporting long sales cycles and navigating enterprise procurement processes. Familiarity with industry standards and frameworks such as ISO 27001, SOC2, MiFID II, GDPR, or cloud governance in regulated industries. Skills & Competencies: Excellent communication and presentation skills, with the ability to simplify complex
Risk Analyst - Nottingham City Contract type: Permanent Hours: Full-time, 35 hours Location: Head Office, Nottingham (Hybrid working, minimum 2 days per week) Application process: Please apply via the application button which will direct you to our careers site. If you require any adjustments to assist you in applying, please contact … to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR, ISO 27001, CQuest, SOC2, and FCA and PRA guidelines. Effectiveness Monitoring: Monitor and assess the effectiveness of security controls, policies, and procedures. Audit Support: Support audits … and track security incidents and breaches, ensuring appropriate mitigation and response strategies. About you: Information Security Frameworks: Familiarity with frameworks such as NIST, ISO 27001, SOC2, and GDPR. Financial Sector Requirements: Knowledge of specific information security needs for financial institutions and building societies. Security Controls and Risk Management
the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance (e.g. ISO/IEC 27001 and SOC2 certification). What you'll be doing Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program. … of risk management, information security and IT jobs. Knowledge of common regulatory and information security management frameworks, such as ISO/IEC 27001, NIST, SOC2 and GDPR. Excellent written and verbal communication skills and high level of personal integrity. Innovative thinking and leadership with an ability to
London, South East England, United Kingdom Hybrid / WFH Options
Maxwell Bond
Lead the development and execution of the overall security strategy Own and manage risk across infrastructure, applications, and data Drive compliance efforts (ISO 27001, SOC2, etc.) and support audit readiness Build security awareness across the company, including training and best practices Work closely with engineering to embed … scaling business Hands-on knowledge of cloud (AWS, GCP or Azure), application security, and security tooling Familiarity with compliance frameworks such as ISO 27001, SOC2, and GDPR Excellent communication skills with the ability to influence both technical and non-technical stakeholders A strategic mindset, but comfortable working
London, South East England, United Kingdom Hybrid / WFH Options
Robert Half
role will sit within an Attestations & Assurance team, focused on: Facilitating external client audits Supporting the delivery of ISAE 3000 assurance reports (similar to SOC2) Enhancing operational resilience evidence across services Skills & Experience Required: Hands-on experience with ISAE 3000 and/or SOC2
cyber security posture and culture since day zero, maintained by several existing teams. This is demonstrated in numerous ways, including watchTowr's ISO27001 and SOC2 Type 2 certifications. As watchTowr enters another phase of significant growth, dedicated capability and leadership is required to now focus on … controls across numerous business areas, including application, infra, cloud, and data security. You will maintain watchTowr's alignment to numerous industry standards, including ISO27001 and SOC2 Type 2, while going steps further where relevant due to watchTowr's unique threat model. You will oversee security monitoring, threat analysis, threat
Security Engineer to strengthen our security posture by identifying vulnerabilities, integrating best practices into CI/CD pipelines, and ensuring compliance with PCI DSS, SOC2, GDPR, and CCPA. You'll work closely with development teams to embed security into the Software Development Lifecycle (SDLC) from the … in cloud security (Azure preferred) and securing cloud-native applications. Familiarity with CI/CD security integration. Understanding of compliance and regulatory frameworks (SOC2, GDPR, PCI DSS). Preferred Skills Experience with container security and Kubernetes. Knowledge of infrastructure security and security monitoring. Familiarity with
Dundee, Angus, United Kingdom Hybrid / WFH Options
Ivanti
Administration Linux Administration Software engineering disciplines Proficiency developing for serverless frameworks such as Azure Functions or AWS Lambda Experience with compliance frameworks such as SOC2 Type 2, ISO-27001, FedRAMP, or IRAP and privacy regulations such as GDPR and PIPEDA Roadmap for Success 90 Days: Onboarding
design, build and maintain solutions in collaboration with our System Architects and Systems Security Officer, ensuring we adhere to our existing ISO 27001 and SOC2 Type 2 obligations. In performing this role your core duties and responsibilities will include, but will not be limited to: Line
Warwick, Warwickshire, United Kingdom Hybrid / WFH Options
ICEO
improving Service Level Objectives, Service Level Indicators, and error budgets to enhance system reliability. Work towards increased compliance with applicable frameworks and regulations (DORA, SOC2, ISO 27001, GDPR). Create documentation from the implemented solutions. Influence and mentor engineering teams on SRE principles, DevOps culture, and best
Fairfax, Virginia, United States Hybrid / WFH Options
CGI
Experience working collaboratively with cross-functional teams in an agile environment. Enthusiasm for mentoring and upskilling junior team members. Ability to obtain a Tier 2/Moderate Risk government security clearance Desired qualifications/non-essential skills required: Experience with hybrid cloud or multi-cloud solutions (e.g., Azure, Google … Cloud). Background in data architecture, analytics, or machine learning on AWS. Knowledge of compliance frameworks and security best practices, including SOC2, GDPR, etc. Prior experience in a consulting or customer-facing role. Familiarity with modern software development methodologies such as Agile and SAFe. Master's degree in
Specialty. Multi-Cloud Experience: Familiarity with Azure and GCP. Serverless Architectures: Experience with AWS Lambda and serverless design. Compliance Standards: Expertise in GDPR, HIPAA, SOC2, ISO 27001. Advanced Security Practices: Knowledge of zero-trust architecture and security incident response. Why Apply? Influence: Leadership role with the power to shape key
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and … Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff Please only apply if you are able to work from their Debden
Employment Type: Contract, Work From Home
Rate: From £500 to £700 per day (direct contract with the client)
Engineer, you will play a pivotal role in safeguarding our systems, networks, and data while ensuring compliance with industry-leading security certifications such as SOC2, HIPAA, and ISO 27001. Your expertise will directly contribute to maintaining trust with our customers and securing their critical information assets. This … teams to design, implement, and maintain security controls and configurations across various systems and platforms. Oversight of compliance for regulatory compliance requirements, such as SOC2, HIPAA, ISO 27001, GDPR etc., and ensure our systems adhere to these standards. Stay updated with the latest industry trends, emerging threats, and security technologies
Experience in developing business critical applications Experience in developing and operating large-scale cloud-based distributed applications Experience of the compliance environment such as SOC2 and/or ISO 27001:2022 The ability to continuously improve infrastructure "whilst in flight" and not only support greenfield solutions Transportation
Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting, solutions architecture, or technical coaching. Interest
Recognized industry certifications (CISSP, CSSLP, CISM, etc.). Participation in recognized industry working groups focused on information security. Experience with governance and security certifications (SOC2, ISO27001, FIPS). BSc/MSc degrees or equivalent formal education in cybersecurity or related fields. Tricentis Core Values Knowing what we need to achieve
and enforce cloud security best practices, including identity and access management (IAM), data encryption, network security, and compliance with industry regulations (e.g., GDPR, SEC, SOC2). What we look for Bachelor's degree or equivalent experience in Computer Science or related field Proven experience (3 years) as a cloud engineer
but also SVN, Jira, Confluence • Linux environment experience – Debian-based, Red-Hat based • Cybersecurity practices and frameworks – notably demonstrable experience with ISO27001, SOC1/2, CyberEssentials+ and/or the NCSC 14 Principles of Cyber Security Person Specification: • Team player; our client offers a team-centric culture/environment