with advanced technology solutions. We build products where data security is a top priority, and we are looking for a strong backend developer with experience in information security and SOC2 compliance. As a qualified expert, you will Develop backend applications using Node.js + TypeScript Design secure system architectures Implement solutions that meet SOC2 and … We're looking for you if you have 5+ years of commercial experience with Node.js and TypeScript Strong knowledge of PostgreSQL and MongoDB Experience in information security and compliance (SOC2, ISO 27001, etc.) Understanding of DevSecOps principles Ability to make architectural decisions Commitment to long-term work in a stable team Bonus Points Experience conducting security audits
Job Title: Software Governance and Compliance Engineer Location: London/Remote Salary: £65,000-£75,000 Skills: SOC2, Audits, Security, EU AI, Software Development, .NET Roc Search's client is looking for a Software Governance and Compliance Engineer who bridges the gap between Infosec/compliance and Software Development. The applicant's priority work will be helping … in London though this is remote first, reporting to the Head of Software Development Responsibilities include: Refining and developing the processes and policies that will underpin the company's SOC2 application, client contracts and SLAs; Ensuring the development team adhere to these processes and policies and that all required records are kept up to date to demonstrate compliance; Ensuring … of mind in all developments throughout the development lifecycle; Understanding EU AI legislation and ensuring Imparta compliance at all times; Playing a central role in ensuring the success of SOC2, ISO 42001 and EU AI Act audits; Being responsible for the day-to-day management of resilience and monitoring tools, hitting secure score targets, fixing bugs and
contract negotiation and general commercial legal work. You will play a key role in helping the business stay compliant with relevant laws and standards, including oversight of our SOC2 compliance processes, while also helping to drive practical legal solutions across the business. Key Responsibilities: Compliance & Risk Management Lead or support internal compliance programs, with a focus … on data privacy, corporate governance, and regulatory frameworks. Oversee SOC2 Type II maintenance and readiness efforts. Conduct internal training sessions on legal and compliance topics. Legal & Commercial Support Advise on data protection and privacy issues (e.g. GDPR, CCPA) and support implementation of related policies and procedures. Draft, review, and negotiate a wide range of commercial contracts (e.g. … incl. collaborating on matters requiring specialist support, managing costs, etc). About You: Experience & Qualifications Strong working knowledge of global data privacy laws and compliance standards (e.g. GDPR, CCPA, SOC2). Demonstrated experience reviewing and negotiating commercial agreements. Skills & Traits You enjoy data privacy, compliance and operational legal work and are happy to "roll up your sleeves
You'll help us keep Synthesia secure and audit-ready by supporting our internal and external trust operation efforts. This includes working with standards like ISO 27001, ISO 42001, SOC2 and CSA STAR, while also interfacing with customers where necessary. In short, everything that is necessary to earn and maintain customer trust in our security and privacy. … and others to keep us all aligned Getting involved in risk assessments and tracking mitigation efforts Keep us on track and aligned with various frameworks (ISO 27001, ISO 42001, SOC2, etc.) Exploring other certifications and frameworks as the business evolves We'd love to hear from you if you: Are comfortable navigating technical concepts and asking insightful … growing startup or SaaS company Have supported or participated in an external audit before Work and incorporated AI into your work habits Have experience with frameworks like ISO 27001, SOC2, or ISO 42001 Have used compliance tools like Vanta, Drata, or similar platforms Know what Okta, Wiz, and Github are Our culture At Synthesia we're passionate
risks, regulatory exposure, and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews … Deep understanding of cloud security (especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer
driven decisions to enhance customer outcomes. Develop a deep understanding of Vanta's platform and its applications, advising customers on how to optimize their use of our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP, Custom Frameworks), Trust Reports, and Risk Management solutions. Partner closely with your Scale CSA team to co-develop and execute plays that … inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a
/DAST, IaC scanning, secure coding standards and threat-modeling into every stage of our CI/CD pipeline. Own compliance & audits. Run our Vanta instance end-to-end (SOC2 Type II, ISO 27001, GDPR, etc.) and coordinate third-party pen tests, evidence gathering and policy reviews. Enable revenue. Partner with Sales & Customer Success to answer security … document best practices, and keep calm during incidents. Comfort with ambiguity. First dedicated security hire? Perfect-you'll set the bar. Nice-to-haves Prior lead-level ownership of SOC2 Type II or ISO 27001 certifications. Demonstrated open-source security contributions, CTF wins, or conference talks. Experience with procurement or fintech data-flows, third-party risk, or
them to specific business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a
and expansion opportunities within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice … inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a
cross-functional procurement team (including vendor and sourcing specialists). Vendor & Partnership Management Manage complex vendor relationships across hardware, software, cloud, security, and telecom. Oversee vendor compliance with SLA, SOC2, and other applicable frameworks. Maintain partnership requirements (e.g., Microsoft, Dell, Cisco), including certifications and revenue thresholds. Procurement Operations Oversee all procurement lifecycle activities: assessment, process, negotiation, order … Dell, Lenovo). Knowledge of MSP procurement workflows including CPQ, product bundling, licensing renewals, and hardware lifecycle management. Strong negotiation skills across software, SaaS, and hardware agreements. Familiarity with SOC2, and other relevant standards. Advanced Excel and experience with procurement platforms (e.g., ConnectWise Sell, Coupa, etc.). Preferred Experience launching Procurement as a Service or similar resale
track if this doesn't align with what you want to do. Hybrid working - our approach is to be in the office or on client site a minimum of 2 days per week. Work on a broad variety of projects and tech stacks for clients across seven sectors - no project is ever the same Join other experts within our … modeling, security testing) and determining residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC2 Type 2 and familiarity working with Quality Management Systems Experience working with teams in a structured software development lifecycle process Excellent interpersonal skills, both written and … the role. Quick call with one of our Tech Recruiters - to discuss your application, the role and PA Round 1: Either a competency or technical interview (60 mins) Round 2: Either a competency or technical interview, whichever you didn't do at first round (60 mins) Final round: Meeting with a PA leader - a mini case study and discussion
Access, Entra ID, and Identity Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance
Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated
technologies like Docker and Kubernetes Knowledge of security best practices for cloud environments (AWS, Azure, GCP) Understanding of security frameworks and compliance standards such as NIST CSF, ISO 27001, SOC2 Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, agile environment Strong problem-solving skills and a passion for continuous improvement
Develop comprehensive monitoring solutions using Prometheus, Grafana, ELK stack, or similar tools to improve system reliability. Security & Compliance: Apply best practices for cloud security, IAM policies, and compliance frameworks (SOC2, ISO 27001, etc.). Incident Response & Performance Optimization: Troubleshoot issues, perform root cause analysis, and implement fixes to optimize performance. Infrastructure as Code (IaC): Utilize Terraform, Ansible, or similar tools
tools (EDR, vulnerability scanners, SCA, etc.) Own and manage internal authentication (SSO, MFA, identity lifecycle) Secure endpoints, laptops, and internal systems Lead security awareness and employee training programs Drive SOC 1/2 and other compliance frameworks Build internal security policies, playbooks, and operational processes Manage relationships with vendors, auditors, and pentesters We're Looking For Someone Who … or similar certification Strong knowledge of cloud security, secure software development, and common vulnerabilities Proven experience securing production environments and CI/CD systems Familiarity with security compliance frameworks (SOC2, ISO 27001) Experience deploying and operationalising security tools Excellent communication skills and the ability to collaborate across teams A pragmatic, system-oriented mindset that balances risk and
lead infrastructure strategy discussions Nice to have: Experience with Terragrunt and Ansible Familiar with secrets management using Vault, AWS KMS or similar Understanding service discovery, zero-downtime deployments, and SOC2-compliant environments Why Us? We provide 20 days of vacation leave per calendar year (plus official national holidays of a country you are based in). We provide full accounting
helping to triage and remediate findings. Security Champion Enablement: Collaborate with engineering teams to build security awareness and develop a network of Security Champions. Incident & Response Readiness: Support Smarsh SOC and security incident response, including root cause analysis and post-mortem reviews for your product(s). Security Compliance & Governance: Ensure alignment with regulatory requirements (SOC2 … Terraform, CloudFormation) and cloud security posture management. Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security. Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. Experience driving developer enablement and security training initiatives. Excellent communication and collaboration skills to engage with engineering, product, and leadership teams. Preferred Qualifications Security certifications such as OSCP
TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management, and supply-chain security; automate
including abuse prevention and fraud detection. Governance, Compliance & Best Practices Help define internal standards for security development practices, secrets management, and infrastructure hardening. Maintain compliance with relevant frameworks (e.g., SOC2, ISO 27001, GDPR), and support any industry-specific due diligence. Cross-Functional Collaboration Partner with engineering, product, and infrastructure teams to embed security best practices into all
Ebury's values. Nice to have: Experience in the FinTech industry. Bachelor's degree in computer science or a related field. Familiarity with security and compliance requirements (e.g., HIPAA, SOC2, GDPR, DORA) is a plus. Proficiency in Spanish or Portuguese is advantageous. Not feeling like you meet all the requirements? That's OK! No one fits a
secure, scalable cloud infrastructure for our digital health platform. Automate CI/CD pipelines and lead Infrastructure as Code (Terraform, CloudFormation). Implement DevSecOps best practices to meet HIPAA, SOC2, and ISO 27001 requirements. Monitor system performance and availability using CloudWatch, Prometheus, Grafana, and related tooling. Collaborate with engineering, security, and product teams to drive end to