1 to 25 of 48 Permanent SOC 2 Jobs in England

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

support. You will also play an important role in strengthening our security and compliance posture, supporting controls aligned with frameworks such as Cyber Essentials, SOC 2, and ISO 27001, and helping ensure our infrastructure and delivery practices are appropriate for a regulated healthtech SaaS business. As part … controls Support a proportionate, risk-based security posture across cloud infrastructure and delivery pipelines. Contribute to infrastructure and operational controls aligned to Cyber Essentials, SOC 2, and ISO 27001 expectations. Support secure identity and access management across Azure, Entra ID, and Microsoft 365. Help improve secrets management, patching ...

will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response for internal and client-facing systems. … real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ISO 27001 readiness. Administer compliance platforms like Drata. DevSecOps: Collaborate with Engineering and IT to integrate security ...

while helping to strengthen overall security posture. Key Responsibilities Certification & Compliance Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/… commercial teams Deliver training and promote best practices across the organisation What We're Looking For Experience Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST) Strong understanding of Security Operations (SOC) environments Experience supporting audits, RFPs, and customer assurance activities Knowledge ...

security posture, reliability culture, and operational excellence. Key Responsibilities Architect, implement, and scale cloud infrastructure to support rapid growth Prepare systems and processes for SOC 2/ISO 27001 audit readiness Build and maintain CI/CD pipelines across backend, frontend, and data services Develop and manage logging … Platform Engineering Strong track record owning infrastructure end‐to‐end Experience in high‐growth or high‐load environments Familiarity with compliance frameworks (SOC 2, ISO 27001, GDPR) History of driving reliability, security, and cost efficiency Someone who thrives in fast-moving, evolving environments and enjoys solving hard problems ...

Doing Design, build, and maintain scalable cloud infrastructure to support rapid product growth Own DevOps, observability, and reliability across the platform Prepare systems for SOC 2/ISO 27001 audit readiness Build and manage CI/CD pipelines across backend, frontend, and data services Implement logging, metrics, tracing … platform, infrastructure, or DevOps engineering Startup or high-growth environment experience strongly preferred Proven ownership of infrastructure end-to-end Experience with compliance frameworks (SOC 2, ISO 27001, GDPR) Track record of balancing scale, reliability, and cost efficiency What You Can Expect A challenging, fast-moving environment where ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

program.- Conduct internal audits, third-party risk assessments, and due diligence reviews.- Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD.- Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives.- Identify gaps in security controls and recommend … and audit.- Strong understanding of international regulatory frameworks and standards.- Hands-on experience with:- ISO27001 audits and implementation- GDPR compliance- NIST cybersecurity framework- SOX, SOC 2, HIPAA, CCPA, LGPD- Ability to interpret complex regulatory requirements and translate them into actionable controls.- Excellent communication and stakeholder engagement skills.- Strong ...

Aurora’s security controls are effective, proportionate and aligned to business, customer and regulatory requirements Lead security assurance and certification activities, including ISO 27001, SOC 2, and related audit readiness, while contributing to the continued evolution of Aurora’s wider security and compliance operating model Partner with Legal … structured, risk‐based way Significant experience managing external audits, customer assurance and recognised security standards/certifications such as ISO 27001 and SOC 2 Experience influencing senior stakeholders and communicating clearly at executive level, including the ability to translate technical risk into clear business decisions and trade‐offs ...

Terraform or CloudFormation.Preferred Background & Additional Capabilities* Knowledge of securing containerised environments and orchestration platforms.* Experience working within assurance-focused frameworks including ISO 27001, SOC 2, or NIST.* Familiarity with automated governance and policy-driven cloud controls.* Exposure to investigative, detection, or security operations workflows.Qualifications That Would Be Beneficial ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

Concourse, CircleCI) Familiarity with maintaining HIDS systems (Wazuh preferred). NICE TO HAVE Knowledge of security standards and governance frameworks (e.g., CIS Benchmarks, NIST, SOC2, ISO 27001, PCI DSS) and how to operationalize them. Hands-on experience with building and maintaining a SIEM comprised of open-source and hosted components ...

and bot management in a production e-commerce context. Familiarity with SIEM, SOAR or security automation tooling. Exposure to ISO 27001 implementation or SOC 2 readiness programmes. Experience with multi-cloud security across Azure and GCP. Background in e-commerce, retail or DTC brands. What Success Looks Like ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

adhering to best practices in data protection and cloud security, in line with Cyber Essentials Plus and ISO27001, and implement compliance measures (e.g., GDPR, SOC 2). Analyse performance metrics and make data-driven decisions to improve platform performance, stability, and cost-efficiency. Engage with stakeholders (internal and ...

cloud security and compliance Own platform‐level security decisions and risk mitigation Ensure secure‐by‐design infrastructure and access controls Support compliance initiatives (SOC 2, ISO:27001) Leadership & Team Development Lead and mentor the DevOps team including DevOps engineers, IT Support and an Information Security Officer Provide technical ...

secure-by-design practices, ensuring data protection, and conducting regular threat modelling and reviews. Standards Compliance : Ensure engineering practices and systems comply with ISO27001, SOC2, and other relevant standards. Budget & Reporting : Participate in budget planning and reviews relating to engineering requirements. Stakeholder Reporting : Report regularly to senior management on team … security into the SDLC. Testing & quality : strong background in automated testing (unit, integration, regression) and building for reliability. Essential Experience (Other) Scale-up journey : 2-3 years of experience in a senior role with a SaaS company @ $5-20m ARR, ideally as part of a scaling journey. Data ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

equivalent; conditional access policy design and implementation o DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure o ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation o Red team, adversarial simulation, or penetration testing programme design - experience ...

having been in the room when something went wrong Knowledge of common security frameworks and standards (e.g. NCSC Cyber Essentials, ISO 27001, NIST, SOC 2) Highly Desirable ISO 27001 Lead Implementer or Lead Auditor certification, or hands‐on experience leading an ISO 27001 certification programme Experience ...

rapid product growth. Own DevOps and platform engineering practices, enabling teams to deploy quickly and safely. Prepare and maintain audit-ready infrastructure aligned with SOC 2 and ISO 27001 expectations. Build and evolve CI/CD pipelines across backend, frontend, and data services. Implement observability across logging, metrics ...

eager to learn Desirable experience: Experience in data protection, with a good understanding of relevant data protection legislation (e.g., UK GDPR). ISO 27001, SOC 2, NIST CSF, CAF, HIPAA, DSPT Gap analysis, auditing, or penetration testing Process and procedure development Software or AI development/testing Client ...

London CityRole SummaryTheSecurity Awareness Lead is responsible for developing, delivering, andContinuously improving global security awareness and behaviour change programme across a multinational organisation of 2,000+ users. This roleEnsures employees, contractors, and partners understand their securityResponsibilities, make secure decisions, and actively contribute to a strongSecurity culture.The ideal candidate … regions and business units. Develop KPIs and metrics to track behavioural change, susceptibility, and programme effectiveness. Use data insights from Phishing, security incidents, and SOC analytics to drive targeted Interventions. 4. Stakeholder Engagement Collaborate closely with HR, Communications, IT, Data Protection, Legal, and Regional Business Leads. Influence senior stakeholders ...