Permanent PCI DSS Jobs in the UK

1 to 25 of 141 Permanent PCI DSS Jobs in the UK

Security Compliance Manager (PCI-DSS)

London, United Kingdom
Burns Sheehan
Security Compliance Manager - Payments, PCI DSS, SOC2 - £100,000 A rapidly growing payments technology company that has established itself as a major player in the UK market, is seeking a Security Compliance Manager to drive their critical compliance initiatives and strengthen their security posture as they continue their expansion across multiple markets. This is a great opportunity for … an experienced Security Compliance Manager to take ownership of comprehensive compliance programs within a dynamic payments environment. You'll be the go-to expert for PCI certifications, leading compliance strategy, and building robust security control frameworks that enable business growth while maintaining customer trust. Working within the Product Security team, you'll collaborate closely with engineering and product development … to embed security compliance from the ground up. The Security Compliance Manager's responsibilities: Leading and managing all PCI compliance initiatives including PCI DSS, PCI PIN, PCI P2PE certifications, with responsibility for achieving new certifications such as PCI MPoC and PCI SSF. Serving as the primary liaison with Qualified Security Assessors (QSAs) and …
Employment Type: Permanent
Salary: GBP Annual

DevSecOps Engineer - ONSITE

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … Profile 29s privacy policy can be found at: profile-29 .com/privacy) Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London …
Employment Type: Permanent, Work From Home

DevSecOps Engineer - ONSITE

Loughton, Essex, England, United Kingdom
Hybrid / WFH Options
Profile 29
a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code (IaC) using … Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability assessments, and security scanning to proactively identify and remediate risks. PCI DSS Compliance: Conduct security audits, risk assessments, and ensure regulatory compliance. DNS Security: Implement and monitor DNS security solutions to prevent cyber threats. Incident Response: Formulating and documenting … to work in the UK unrestricted for at least the next 5 years. Profile 29 recruitment keywords: DevSecOps DevOps Azure cloud security Microsoft Defender Microsoft Sentinel WAF IPS DNS pcidss pci dss pci-dss soar loughton Debden essex London …
Employment Type: Full-Time
Salary: £80,000 - £100,000 per annum

Principal Information Security Consultant

United Kingdom
Intaso
Principal Information Security Consultant — PCI-DSS Service Line Are you a cybersecurity leader passionate about building impactful solutions from the ground up? We’re seeking a Principal Information Security Consultant to spearhead the development of a new service line focused on helping clients navigate PCI-DSS compliance challenges in today’s digital ecosystem. This established practice … UK team is focused on achieving meaningful outcomes, empowering organizations to protect valuable data, and sustain trust with stakeholders. Key Duties and Responsibilities Architect and deliver a market-leading PCI-DSS advisory service, including go-to-market strategy and solution offerings. Engage with clients to assess their payment ecosystem, map out PCI-DSS obligations, and design … tailored roadmaps for ongoing compliance and risk mitigation. Develop innovative methodologies and frameworks that simplify the complexities of PCI-DSS and enable efficient, sustainable compliance. Lead and mentor a team of consultants, shaping their technical growth and project delivery standards. Keep abreast of evolving payment security standards, regulatory developments, and emerging threats, advising both clients and internal teams …

IT Security Consultant - AWS - Manchester

Manchester, North West, United Kingdom
Circle Group
IT Security Consultant - AWS - PCI DSS - Manchester IT security consultant with a PCI DSS & AWS cloud background is required to join our global client's new UK cybersecurity team. This role is predominantly end-client facing, advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and … and examinations. Skills & Experience Required: 3+ years of experience working in Cyber Security within an AWS cloud environment Any experience with CrowdStrike would be a bonus Good experience with PCI DSS Vulnerability management & Compliance Lead on Audits Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI … in a vibrant office with some of the most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management.
Employment Type: Permanent
Salary: £70,000

Senior IT Infrastructure Engineer

Whiteley, Hampshire, United Kingdom
Stratospherec Ltd
AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & DevOps Integration (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Configure and maintain authentication solutions (SSO, SAML, Entra Connect). Develop and manage … CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure …
Employment Type: Permanent
Salary: £60000 - £65000/annum

Senior Infrastructure Engineer

England, United Kingdom
Hybrid / WFH Options
Stratospherec Ltd
AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & DevOps Integration (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Configure and maintain authentication solutions (SSO, SAML, Entra Connect). Develop and manage … CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure …
Employment Type: Permanent
Salary: GBP Annual

Quality Compliance Executive, ISO 9001, 14001, 22301, 27001, PCI-DSS

Berkshire, England, United Kingdom
Jam Management Consultancy Limited T/A JAM RECRUITMENT
Job Description, Quality Compliance Executive, ISO 9001, 14001, 22301, 27001, PCI-DSS Are you passionate about quality systems, compliance, and risk management? Our client, a market leader in their sector, is seeking a dynamic Quality Compliance Executive to support the continuous improvement of operational processes and ensure full regulatory and certification compliance across the business. Key Responsibilities, Quality … of ongoing improvement and accountability across all teams. ISO & Certification Management Act as the operational lead for maintaining ISO and other key certifications (e.g. ISO 9001, 14001, 22301, 27001, PCI-DSS). Liaise with external certification bodies, coordinate annual audit calendars, and prepare internal teams accordingly. Maintain and manage Group-wide Risk Registers, escalating compliance risks as needed.
Employment Type: Full-Time
Salary: £50,000 - £65,000 per annum

Cyber Security Consultant - Cloud - Manchester

Manchester, North West, United Kingdom
Hybrid / WFH Options
Circle Group
required to join our client's UK cybersecurity team. This in-house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … Cyber Security within a cloud environment (AWS, Azure or GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security compliance (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with … in a vibrant office with some of the most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management.
Employment Type: Permanent, Work From Home
Salary: £65,000

Cyber Security Consultant - Cloud - Manchester

Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
Circle Recruitment
required to join our client's UK cybersecurity team. This in-house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … Cyber Security within a cloud environment (AWS, Azure or GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security compliance (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with … in a vibrant office with some of the most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management.
Employment Type: Full-Time
Salary: £55,000 - £65,000 per annum

Cyber Security Consultant - Cloud - Manchester

Manchester, Lancashire, England, United Kingdom
Circle Recruitment
required to join our client's UK cybersecurity team. This in-house role is predominantly advising on security best practices, vulnerability management and security standard compliance (e.g. NIST, ISO, PCI DSS etc), and leading audits and examinations. So you should have good knowledge of security tooling and processes, compliance and security management (endpoint protection, cloud, SIEM etc). … Cyber Security within a cloud environment (AWS, Azure or GCP) Any experience with CrowdStrike/Endpoint Protection would be a bonus Good experience with security compliance (e.g. NIST, ISO, PCI DSS etc) Strong Security standard knowledge and experience, consulting on a range of security policies and standards such as GDPR, ISO, PCI, NIST Confidence when speaking with … in a vibrant office with some of the most forward-thinking technical people Key Responsibilities: Analysing and developing security requirements, as well as carrying out vulnerability management & compliance work in PCI DSS type projects Ensure consistency across IT Security risk management activities. Advise Engineers on information related to new vulnerabilities and threats and their remediation, to improve vulnerability management.
Employment Type: Full-Time
Salary: £55,000 - £70,000 per annum

Information Security Manager

London, United Kingdom
Hybrid / WFH Options
Ravelin Technology Ltd
procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin's PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g. …
Employment Type: Permanent
Salary: GBP Annual

Head of Engineering - Automotive & Data

London, United Kingdom
Parkopedia
fostering a collaborative, inclusive culture rooted in technical excellence, accountability, and continuous improvement. Own the architecture, development, and operational health of mission-critical systems, including sensitive payment infrastructure and PCI DSS-compliant CDE components. Drive integration with a wide ecosystem of third-party providers, including EV charging networks, fuel stations, toll operators, parking aggregators, and acquirers, enabling seamless … performance, and scalability through robust observability, incident response processes, performance testing, and fault-tolerant architecture. Partner with Security, Compliance, and Infrastructure teams to meet regulatory and certification standards (e.g., PCI DSS, TISAX, ISO 27001), and embed security into development workflows. Collaborate cross-functionally with Product, Partner Operations, and Business Development to translate user and partner needs into scalable … a user-centric and data-driven mindset. Experience in designing and operating transactional systems, including session management and payment systems. Demonstrated success in delivering systems in regulated environments (e.g. PCI DSS, TISAX, ISO 27001), including compliance alignment and audit readiness. Advanced knowledge of cloud-native engineering (preferably AWS), microservice architecture, container orchestration, and scalable infrastructure. Fluent in agile …
Employment Type: Permanent
Salary: GBP Annual

Senior IT Infrastructure Engineer

PO15, Whiteley, Hampshire, United Kingdom
Hybrid / WFH Options
Stratospherec Ltd
CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer technologies for secure … solutions (Veeam or similar). Experience with monitoring tools (SolarWinds SentryOne, Zabbix, etc.). Excellent problem-solving, communication, and documentation skills. Some familiarity with financial services regulations and compliance (PCI DSS, GDPR, DORA) would be useful but not essential. Desirable/bonus (but not essential) skills and experience: Some interest in learning and using automation tools such as …
Employment Type: Permanent
Salary: £60000 - £65000/annum Excellent Benefits package

Security Engineer

United Kingdom
Hybrid / WFH Options
Smart Communications group
team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding …
Employment Type: Permanent
Salary: GBP Annual

Compliance Specialist

London, United Kingdom
Story Terrace Inc
GDPR, ISO 27001, and Cyber Essentials, and a willingness to navigate evolving guidance such as Network and Information Systems Regulations 2018 (NIS) or Payment Card Industry Data Security Standards (PCI DSS) Strong communication and documentation skills, with the ability to collaborate effectively with cross-functional teams, including Engineering, Product, and Legal. A self-starter mindset, who is proactive … and growth. Desirable Qualifications and/or knowledge (any of the following): Certifications or practical experience as/in CISMP, CompTIA Security+, ISO 27001 Lead Implementer, CISM, CISSP, or PCI DSS QSA. Awareness of key regulations, including UK GDPR, Data Protection Act 2018, and the NIS Regulations An understanding of security risk management, governance, and policy implementation Awareness …
Employment Type: Permanent
Salary: GBP Annual

Principal Application Security Architect

United Kingdom
Hybrid / WFH Options
Barclay Simpson
support developers in secure coding practices to reduce vulnerabilities proactively. Governance, Compliance & Training Ensure that application security architecture and practices comply with relevant regulatory and industry standards such as PCI-DSS, SOC 2, ISO 27001, and GDPR. Lead efforts to prepare for and support external and internal audits by providing comprehensive documentation, risk assessments, and remediation evidence. Develop … and workload identity management. Proficient in at least one programming or Scripting language such as Python, Java, JavaScript, or Go. Solid understanding of FinTech compliance requirements and standards including PCI-DSS, SOC 2, GDPR, and ISO 27001. Excellent communication and collaboration skills, capable of working with diverse teams and stakeholders. Nice to Have Industry certifications such as Certified …
Employment Type: Permanent
Salary: GBP Annual

Senior Security Operations Manager

Manchester, United Kingdom
Hybrid / WFH Options
VIQU IT
Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years total, with 5+ in senior … CASB, DLP, endpoint protection, cloud security, firewalls, etc. Prior hands-on experience in security engineering or architecture is highly desirable Exceptional knowledge of global compliance frameworks (NIST, ISO 27001, PCI-DSS, GDPR) Excellent stakeholder management and leadership skills Relevant certifications (CISSP, CISM, CISA or similar) Incredible Benefits: £10,000 per month income tax free! Relocation support package, including …
Employment Type: Permanent
Salary: £100000 - £120000/annum

Senior Security Operations Manager

Manchester, Lancashire, England, United Kingdom
Hybrid / WFH Options
VIQU Limited
Lead response to major incidents, and provide guidance to executive leadership Define KPIs, SLAs and manage the security operations budget Stay current on global cyber threats, compliance requirements (including PCI-DSS), and evolving tech trends Key Responsibilities of the Senior Security Operations Manager: Extensive experience in cyber security leadership roles (10–15 years total, with 5+ in senior … CASB, DLP, endpoint protection, cloud security, firewalls, etc. Prior hands-on experience in security engineering or architecture is highly desirable Exceptional knowledge of global compliance frameworks (NIST, ISO 27001, PCI-DSS, GDPR) Excellent stakeholder management and leadership skills Relevant certifications (CISSP, CISM, CISA or similar) Incredible Benefits: £10,000 per month income tax free! Relocation support package, including …
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Cyber Security Specialist - MSP

Manchester, North West, United Kingdom
Netteam tX Ltd
forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials/CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are audit-ready Monitoring, Reporting & Visibility: Produce internal and … working knowledge of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts …
Employment Type: Permanent
Salary: £50,000

Cyber Security Specialist - MSP

Manchester, Lancashire, England, United Kingdom
Netteam tX Ltd
forensic data from platforms like CrowdStrike and RoboShadow Conduct root cause analysis and manage remediation Compliance, Risk & Certification Support: Guide clients through Cyber Essentials/CE+, ISO 27001, and PCI DSS frameworks Perform regular risk assessments, policy audits, and technical documentation Ensure evidence gathering, hardening practices, and governance alignments are audit-ready Monitoring, Reporting & Visibility: Produce internal and … working knowledge of: CrowdStrike Falcon - policy config, triage, alerting RoboShadow or similar - vulnerability workflows Microsoft Defender, Conditional Access, MFA, Secure Score Familiarity with frameworks: Cyber Essentials Plus, ISO 27001, PCI DSS Incident response experience with real-world investigations Understanding of identity security, patch management, and user awareness training Excellent written and verbal communication - able to simplify complex concepts …
Employment Type: Full-Time
Salary: £45,000 - £50,000 per annum

IT Vendor Manager

City of London, London, United Kingdom
Paymentology
cost optimization strategies for vendor services. Track vendor spend and ensure alignment with financial goals. Risk & Compliance Management Ensure vendors comply with regulatory, security, and data protection requirements (e.g., PCI DSS, GDPR, ISO 27001). Conduct regular vendor risk assessments and monitor any security or compliance concerns. Partner with Security and Compliance teams to ensure third-party risk … experience in contract negotiation, cost optimization, and risk assessment. Ability to lead Quarterly Business Reviews (QBRs) and drive service improvements. Understanding of regulatory requirements relevant to vendor management (e.g., PCI DSS, GDPR, ISO 27001). Excellent stakeholder management, communication, and negotiation skills. Strong analytical mindset with experience using data to assess vendor performance and impact. Education & Experience: Bachelors …
Employment Type: Permanent

Information Security Risk & Assurance Specialist

Reading, Berkshire, United Kingdom
WeAreTechWomen
ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. … we continue to deliver for our customers. Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player …
Employment Type: Permanent
Salary: GBP Annual

Risk Compliance Officer

St Albans, England, United Kingdom
Addition+
Framework. Ensuring compliance with applicable legislation, regulatory requirements, and business obligations, as well as adherence to the most current frameworks and standards (e.g., Licence 4, ISO 27001, WLA:SCS, PCI-DSS, and DPA 2018). Coordinating and participating in internal and external security and privacy audits. This includes ensuring necessary evidence is available and that audit findings or … principles, including relevant concepts, standards, frameworks, and technologies Good knowledge of UK Data Protection legislation and its underlying principles Experience in managing security governance and compliance obligations (e.g., DPA, PCI-DSS, ISO 27001) The ability to work independently with minimal supervision, as well as effectively contribute to larger, more complex project teams Strong communication skills, with the ability …

Senior Product Security Engineer FullTime London

London, United Kingdom
Trainline plc
culture of security awareness across engineering and business teams. Compliance and Standards: Ensure product security practices align with relevant security frameworks and standards (e.g., OWASP, NIST, ISO 27001, GDPR, PCI DSS). Support regulatory compliance efforts and maintain evidence to meet audit requirements. Collaboration and Communication: Function as the primary interface between security, development, and infrastructure teams, ensuring … reviews, and penetration testing. Proven ability to secure cloud-native architectures, containerization technologies, and Infrastructure as Code (IaC) environments. Familiarity with industry standards and frameworks such as OWASP, BSIMM, PCI DSS, ISO 27001, and GDPR. Security Integration experience: Demonstrated ability to seamlessly integrate secure development practices into SDLC/SSDLC workflows. Skilled in implementing technical security controls and …
Employment Type: Permanent
Salary: GBP Annual

PCI DSS

10th Percentile: £41,250
25th Percentile: £47,500
Median: £60,000
75th Percentile: £77,500
90th Percentile: £96,250