13 of 13 Contract SOC 2 Jobs in England

licence reviews, container/image policies, and supply-chain controls. Evaluate logging, monitoring, and observability practices. Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT where applicable). Produce a comprehensive gap analysis, risk register (with severity and likelihood ratings), and prioritised remediation backlog. … promotion criteria). Deliverables (by end of audit) DevOps Audit Report (executive summary + detailed findings). Compliance mapping (ISO 27001 Annex A/SOC 2 trust principles) with gap list. Risk register including mitigations, effort, and impact estimates. Prioritised remediation backlog and proposed guardrails for Phase 2. ...

will lead the delivery of ISO 27001 certification within the next 12 months . The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation … risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid ...

Role - Database Security Consultant Location -3 days from Canary Wharf office and 2 days from home Contract - Inside IR35 Job Description Key Responsibilities: Security Onboarding & Product Integration: Collaborate closely with Product Team to integrate and onboard product to security controls. Work with CSO to agree compliance and onboarding requirements … experience in security engineering, security architecture, or security compliance roles. Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and compliance requirements (e.g., SOC 2, GDPR, HIPAA). Experience with various security controls, including access management (IAM), data encryption, network security, vulnerability management, and SIEM. Database Engineering ...

experience in security engineering, security architecture, or security compliance roles. Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and compliance requirements (e.g., SOC 2, GDPR, HIPAA). Experience with various security controls, including access management (IAM), data encryption, network security, vulnerability management, and SIEM. Database Engineering ...

and cloud IAM integration. Compliance and Regulatory Controls - Strong knowledge of security frameworks and standards (NIST Cybersecurity Framework, ISO 27001/27002, PCI-DSS, SOC 2) and experience designing and implementing solutions using commercial and open-source security tools for lifecycle management of enterprise security infrastructure. Understanding ...

places · Strong knowledge of Service acceptance criterias and key artefacts · Ability to ensure projects align with relevant frameworks including ISO 27001, NIST CSF, DORA, SOC 2, CIS Controls and regulatory requirements as applicable · Coordinate platform integration with existing infrastructure, applications, and cloud environments whilst ensuring security engineering and ...

both technical and non-technical stakeholders across the business Familiarity with standards such as PCI-DSS, NIST SP800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) inday-to-day security risk management activities, including: Accelerating risk analysis and documentation Supporting control ...

DERMS or other OT/IT grid management platforms Knowledge of GridOS ecosystem and DERMS integration Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2) Cloud/hybrid environments (Azure, AWS) Certifications: ITIL, Security+, or utility-specific systems training Scripting/automation: Python, Bash, PowerShell Key Responsibilities L2/ ...

Security Risk Specialist - 6-Month Contract - Inside IR35 - Hybrid London (2-3 Days Onsite) A leading technology-driven organisation is seeking an experienced Security Risk Specialist to support the ongoing development and operation of its security risk function. This role sits within a growing security team and will focus … varying technical levels, from engineers to senior non-technical leaders. Familiarity with frameworks and standards such as ISO 27001 , NIST CSF , NIST 800-53 , SOC 2 , PCI DSS , etc. Practical experience applying Large Language Models (LLMs) in security workflows, including: Speeding up risk analysis and documentation Supporting control ...

Ability to manage multiple audits, remediation streams, and stakeholder expectations simultaneously Preferred Qualifications Hands-on experience maintaining ISO/IEC 27001 certification Experience supporting SOC 2 Type II audits and ongoing compliance Familiarity with NIST Cybersecurity Framework (CSF) Experience managing audit findings through remediation and closure Experience with ...

engineering and non-technical roles Familiarity with security standards and frameworks such as PCI-DSS, NIST SP 800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) in day-to-day security risk management activities, including: Accelerating risk analysis and documentation Supporting ...

need to succeed : Extensive experience supporting information security controls assurance activities within a highly regulated environment, ideally financial services. Strong experience with NIST, ISO27001, SOC2, and/or ISF standard of good practise. Strong experience mapping standards to the NIST framework. Extensive experience writing control descriptions. Extensive understanding of control ...

Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract, Inside IR35 Duration: 12 Months Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent … and hands-on experience with vulnerability detection tools (e.g. Qualys, CrowdStrike, Tenable, Prisma) * Strong knowledge of IS compliance frameworks and standards (ISO2700x, NIST, GDPR, SOC2, PCI) * Practical understanding of cyber security technology best practice * Experience supporting EMEA or Global technology projects from an InfoSec risk perspective * Blue-chip/Big4 ...