AD), Windows Server environments, and authentication solutions. Plan for scalability, redundancy, and high availability to support future growth. IT Security & Compliance: Ensure compliance with security and regulatory standards, including PCI DSS, Cyber Essentials+, DORA, and ISO 27001. Implement and enforce security best practices across infrastructure automation and cloud environments. Maintain accurate compliance documentation, including PCI DSS scope records and security policies. Secure high-value and high-risk data, such as cardholder (PCI) and personally identifiable information (PII). Cloud & Automation (these tools and skills will be taught): Implement and manage Infrastructure as Code (IaC) for cloud and on-premises environments. Learn how to automate configuration management, infrastructure provisioning, and application deployment. Configure and maintain … essential. Desirable (but not required) experience: Some interest in learning and using automation tools such as Azure DevOps, Terraform, Node-Red, Packer. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. Scripting and automation skills (PowerShell, Python, Bash, or similar). Ability to design, implement, and maintain CI/CD pipelines for
Administrator to strengthen our IT team. About the Role You’ll manage and optimise Linux systems (Red Hat/CentOS), support Windows environments, and ensure infrastructure security and compliance (PCI DSS). This role involves working across hybrid cloud setups, particularly AWS, and collaborating with cross-functional teams to maintain scalable, high-performance systems. Key Responsibilities Install, configure … IP) Manage user access and permissions Apply security patches and updates Support AWS infrastructure (EC2, S3, IAM, VPC) Implement backup and disaster recovery Maintain documentation and asset inventories Ensure PCI DSS compliance and assist with incident response Collaborate with development, security, and operations teams Drive automation and process improvements Qualifications & Experience Degree in Computer Science, IT, or equivalent … experience 3–5 years of Linux administration (Red Hat/CentOS) Windows environment experience Networking knowledge (CCNA level or equivalent) AWS familiarity Understanding of PCI DSS and secure practices Scripting and automation skills (Bash, Python, Ansible) Strong troubleshooting and documentation abilities Preferred Skills RHCSA or higher certification CCNA certification Experience with monitoring and config management tools Familiarity with
as a partner to the business and provide oversight, assurance and governance to ensure controls are effectively implemented. Security Frameworks: Understanding of security frameworks such as ISO:27001 and PCI-DSS. Strong Communication Skills: Ability to communicate effectively to colleagues at all levels, both verbally and in writing, and translate complex technical information to non-technical audiences while building … strong relationships with key stakeholders. What's involved: Implement and maintain established control frameworks such as ISO27001 and PCI-DSS and other relevant security frameworks, including the creation of policies, standards, and other documentation. Lead the governance, oversight, and assurance on technical security controls and technical design on both new and existing solutions in FCG's network and … frameworks, including experience and proficiency in cloud security. Experience and expertise in Azure environment security, vulnerability management, and associated processes. Detailed knowledge of Information Security frameworks and standards, particularly PCI-DSS, ISO27001, and other cyber frameworks. Experience of managing Information Security in an Agile Change Environment. Proven track record of undertaking control assurance reviews against best practice standards
Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews and updates to ensure controls remain effective against evolving threats Essential skills: Minimum 2 years' experience in information … controls catalogue in a financial services environment (highly desirable) Proven experience in delivering security projects within a federated organisation Desirable skills: Knowledge of NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, DORA Understanding of risk methodologies and data analysis for reporting Strong documentation skills (control matrices, process flows, SOPs) Excellent communication skills for both technical and non-technical
aligning engineering execution with business goals, ensuring scalability, security, reliability, and maintainability. Your contribution Key Responsibilities 1. Technical Leadership • Architect secure, high-availability systems with compliance in mind (e.g., PCI DSS, SOC 2, ISO 27001). • Ensure robust encryption, audit trails, and access control mechanisms. • Guide backend design for high-volume transactional systems (e.g., ledgers, payments, identity verification … and quality under business pressures. • Strong communication with both technical and non-technical stakeholders, especially in regulated contexts. • Conflict resolution and emotional intelligence. Domain • Experience with financial regulations (e.g., PCI-DSS, GDPR, PSD2). • Familiarity with fintech standards and third-party integrations (e.g. Decision Engines, ID&V, Swift, ISO 20022). Success Metrics • System Trustworthiness: Uptime, performance, technical
Snelshall West, Milton Keynes, Buckinghamshire, England, United Kingdom
DS Smith
is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards, frameworks and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in
and business risk Embed Engineering Excellence: Champion a 'security as engineering' mindset, integrating vulnerability management into CI/CD pipelines and development workflows Drive Compliance: Ensure all processes meet PCI-DSS, 3DS, SOC2, and ISO requirements with robust audit trails and evidence collection Enable Teams: Create frameworks and playbooks that empower engineering teams to resolve vulnerabilities efficiently, particularly … you'll bring: Proven Track Record: 7+ years in security engineering with at least 3 years leading vulnerability management programmes in regulated environments Financial Services Experience: Deep understanding of PCI-DSS requirements, authenticated scanning, and financial services security standards Technical Depth: Hands-on experience with vulnerability scanning tools (Tenable preferred), SAST/DAST implementation, and security automation Engineering
and business risk Embed Engineering Excellence: Champion a "security as engineering" mindset, integrating vulnerability management into CI/CD pipelines and development workflows Drive Compliance: Ensure all processes meet PCI-DSS, 3DS, SOC2, and ISO requirements with robust audit trails and evidence collection Enable Teams: Create frameworks and playbooks that empower engineering teams to resolve vulnerabilities efficiently, particularly … you'll bring: Proven Track Record: 7+ years in security engineering with at least 3 years leading vulnerability management programmes in regulated environments Financial Services Experience: Deep understanding of PCI-DSS requirements, authenticated scanning, and financial services security standards Technical Depth: Hands-on experience with vulnerability scanning tools (Tenable preferred), SAST/DAST implementation, and security automation Engineering
Rogerstone, Gwent, United Kingdom Hybrid / WFH Options
Acorn by Synergie
on-prem platforms, and ensuring systems are resilient and secure-by-design. Key Duties: Champion Secure by Design principles across teams and platforms. Align architecture with NCSC, GovAssure, ISO27001, PCI-DSS, and GDPR standards. Guide and support technical teams in making risk-aware, security-focused decisions. Shape roadmaps, frameworks, and compliance plans that support innovation. Provide expert advice … to the GovAssure process and other audit/compliance activities. Requirements: Proven experience in security architecture and leadership. Strong understanding of compliance frameworks and cybersecurity standards (NCSC, ISO27001, GDPR, PCI-DSS). Experience in cloud, hybrid, and on-premise environments. Excellent communication, mentoring, and problem-solving skills. Ability to influence technical decisions and guide teams across multiple platforms.
Cardiff, Newport, Gwent, United Kingdom Hybrid / WFH Options
Acorn by Synergie
on-prem platforms, and ensuring systems are resilient and secure-by-design. Key Duties: Champion Secure by Design principles across teams and platforms. Align architecture with NCSC, GovAssure, ISO27001, PCI-DSS, and GDPR standards. Guide and support technical teams in making risk-aware, security-focused decisions. Shape roadmaps, frameworks, and compliance plans that support innovation. Provide expert advice … to the GovAssure process and other audit/compliance activities. Requirements: Proven experience in security architecture and leadership. Strong understanding of compliance frameworks and cybersecurity standards (NCSC, ISO27001, GDPR, PCI-DSS). Experience in cloud, hybrid, and on-premise environments. Excellent communication, mentoring, and problem-solving skills. Ability to influence technical decisions and guide teams across multiple platforms.
optimise payment processes, ensuring transactions run smoothly and reliably. Share your expertise with the team through code reviews, documentation, and knowledge-sharing sessions. Implement industry-standard security practices, including PCI DSS considerations, fraud prevention, and rate limiting. Integrate with third-party payment gateways and APIs while ensuring compliance with local and international regulations. Partner with product managers to … issues for non-technical audiences. Collaborative mindset with openness to feedback and new ideas. Strong problem-solving skills with both critical and creative thinking. Familiarity with compliance frameworks (GDPR, PCI DSS, PSD2). Experience handling multiple currencies, sales tax, 3D Secure, tokenization, fraud prevention, and disputes/chargebacks. Bonus Points Experience with brewing PHP fixes while fending off
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Hargreaves Lansdown
initiatives, including migration of legacy applications to cloud-native platforms and adoption of SaaS/PaaS solutions. Understanding of UK financial regulations, GDPR, and industry standards (ISO 27001, NIST, PCI DSS, etc). Experience running risk assessments, threat modelling, and security testing programmes. Ability to engage and influence senior stakeholders, balancing security with commercial and operational priorities. Strong
Employment Type: Permanent, Part Time, Work From Home
with security controls such as Firewalls, IDS, IPS, and NAC. Familiarity with cloud platforms: AWS, GCP, Azure, and Microsoft Office 365. Knowledge of information security standards including ISO 27001, PCI-DSS, GDPR. Strong grasp of IT domains including Linux, Windows, networking, containers, IAM, and monitoring. Understanding of ISO27001, ISO27005, NIST security controls, WAF, and network segmentation. Desirable Extras
network architectures (e.g., LAN, WAN, DMZ) and topologies, network protocols, routing, switching, and subnetting. Ensure network security measures are aligned with relevant compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS
London, South East, England, United Kingdom Hybrid / WFH Options
Sanderson
artefacts including standards and blueprints. What You'll Bring Prior and proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications
outages or vulnerabilities. Manage access controls and audit trails for all cryptographic assets. Security & Compliance Ensure KCS operations comply with internal policies and external standards (e.g., NIST, ISO 27001, PCI-DSS). Support internal and external audits by maintaining accurate documentation and logs. Implement and enforce policies for secure key generation, storage, and destruction. Incident Response & Troubleshooting Act
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
William Hill PLC
design and implementation of security solutions Proficient in security modelling, frameworks, and tools (e.g., SparxEA, Archi) with deep knowledge of security principles, methodologies, and industry standards (NIST, ISO 27001, PCI-DSS, GDPR) Skilled in threat and risk modelling, governance, and aligning security controls with business strategy, regulation, and technical constraints Stakeholder engagement and communication skills, with experience in
Application Firewalls, Intrusion Detection/Prevention, Incident Response, and Security Information and Event Management (SIEM), Identity and Access Management (IAM) controls. Implementation experience with compliance frameworks such as NIST, PCI-DSS, ISO/IEC 27001, ISO/IEC 27017, FISC, etc. Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status
Salford, Greater Manchester, North West, United Kingdom Hybrid / WFH Options
AJ BELL BUSINESS SOLUTIONS LIMITED
risk management tools and techniques Experience of security governance and compliance, ideally gained in financial services organisations Demonstrable understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, PCI DSS Awareness and understanding of the Information Security threat landscape Deep understanding of Information Security solutions and controls Experience of Cloud security solutions and standards is highly advantageous
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sanderson Government and Defence
Lead roles JSP440, JSP604/453 & JSP490 Working with system secure design MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience
of incidents, root cause analysis, and coordination of response actions. Implement and administrate security operational controls across AWS, Azure, and on-prem environments, ensuring consistent alignment with ISO 27001, PCI-DSS, CIS and internal governance requirements. Deliver clear, actionable security reporting and dashboards for both technical and executive audiences, covering vulnerabilities, threats, control coverage, and incident trends. Maintain … apply layered security controls across infrastructure and cloud environments. Demonstrated ability to assess control effectiveness and identify compliance gaps against frameworks such as NIST, ISO 27001, CIS Benchmarks, and PCI DSS. Experienced in conducting security assessments and aligning solutions with ITSM, ITIL, and service improvement standards. Proven track record in supporting security incidents, implementing automation, and developing scripts to
team at the Intellectual Property Office. Playing a key part in an established team, the individual is responsible for ensuring the continued compliance with key security standards, such as PCI, ISO27001, secure by design, GovAssure etc. It is essential that this role ensures that security architecture alongside compliance are understood and therefore the role will include championing security by … but are not limited to: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practice (e.g. ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT. Manage the security architecture
newport, midlands, united kingdom Hybrid / WFH Options
Intellectual Property Office
team at the Intellectual Property Office. Playing a key part in an established team, the individual is responsible for ensuring the continued compliance with key security standards, such as PCI, ISO27001, secure by design, GovAssure etc. It is essential that this role ensures that security architecture alongside compliance are understood and therefore the role will include championing security by … but are not limited to: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practice (e.g. ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT. Manage the security architecture
response and investigations of incidents to identify severity and sources, including the monitoring of alerts and springing into action to remediate threats, ensuring that detailed documentation is maintained Undertaking PCI compliance auditing Collaborating with security partners to ensure a robust security posture and undertake due diligence during the onboarding process for non-system suppliers Managing the ongoing monitoring of
finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or SABSA. Why QBE? At My Best? At QBE, we want our people to feel rewarded and inspired to perform at