1 to 25 of 87 Permanent SOC 2 Jobs in the UK

designing and implementing cutting‐edge security and compliance programs. As a fast‐growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture … build trust, navigate complex accounts, and deliver an outstanding client experience — while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. The successful candidate will be able to come up to speed quickly, integrate into the organization, and take ...

chaos to strategic partnerships Compliance & Security Transform compliance from a checkbox exercise into a sales accelerator that wins enterprise deals Own and execute our SOC 2 certification end‐to‐end with efficient, automated evidence gathering Turn RFI and security questionnaire responses into a competitive advantage—fast, thorough, repeatable … people) Able to manage and procure upwards of 50+ vendors, owning a budget in the 7 digits Track record implementing and maintaining compliance frameworks (SOC 2, ISO 27001, GDPR) Experience with enterprise sales support in a B2B SaaS company—you’ve answered RFIs and security questionnaires Proven ability ...

policies, covering endpoint security, access management, and controls suited to a remote, globally distributed workforce Maintain and build upon our existing certifications (ISO 27001, SOC 2 Type II), and drive expansion of SOC 2 coverage across our full product portfolio Ensure compliance with GDPR and applicable … SaaS or technology environment Strong understanding of application security and secure software development Strong working knowledge of compliance frameworks including ISO 27001 and SOC 2, with hands‐on experience managing or achieving these certifications; solid understanding of GDPR compliance across multiple jurisdictions Strong communication skills with the ability ...

secure practices across engineering and business teams. You’ll play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security … Type II audits, ensuring controls remain effective. Drive readiness for ISO/IEC 42001 AI certification Apply prior experience successfully obtaining ISO and SOC certifications Manage customer due diligence requests and run Definely’s SafeBase-powered Trust Center; streamline customer security questionnaires, DPAs, and RFP security sections. Product & Engineering ...

support. You will also play an important role in strengthening our security and compliance posture, supporting controls aligned with frameworks such as Cyber Essentials, SOC 2, and ISO 27001, and helping ensure our infrastructure and delivery practices are appropriate for a regulated healthtech SaaS business. As part … controls Support a proportionate, risk-based security posture across cloud infrastructure and delivery pipelines. Contribute to infrastructure and operational controls aligned to Cyber Essentials, SOC 2, and ISO 27001 expectations. Support secure identity and access management across Azure, Entra ID, and Microsoft 365. Help improve secrets management, patching ...

already HIPAA and ISO27001 certified, we’re heading into a PCI DSS audit shortly, and later this year we’ll have GDPR and SOC 2 Type II coming up. The role is based in our dog‐friendly office in London: The Bower, 207‐122, Old Street, London EC1V … 9NR. What you’ll own Audits and certifications Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year Serve as the main point of contact for external auditors—scoping, evidence, walkthroughs, findings Maintain HIPAA and ISO 27001 compliance between recertifications Compliance operations ...

group-level data capability is live with a published catalog and cross-divisional SLAs. Regulatory & Cost Control: Engineering consistently hits all MiCA, DORA, and SOC 2 milestones while managing cloud and vendor spend against clear business-unit baselines. Key Responsibilities Engineering Delivery & Cadence: Run day-to-day global … group data pipelines and governance. Cybersecurity Execution & Compliance: Own the on-the-ground execution of The Company’s security and regulatory commitments (MiCA, DORA, SOC 2). Foster a "controls-by-design" engineering culture while respecting regulated divisional information walls. Talent, Budget & Scale: Manage the global engineering budget ...

with the system administration team to remediate identified issues. Compliance Management You'll maintain our compliance posture across relevant frameworks such as ISO 27001, SOC 2, NIS2, Cyber Essentials and GDPR. You'll develop and maintain IT policies, procedures, and controls that align with regulatory requirements and best … Strong understanding of IT infrastructure including Windows and Linux server environments, Active Directory, networking, and databases. • Knowledge of compliance frameworks such as ISO 27001, SOC 2, NIST, Cyber Essentials, or PCI-DSS. • Experience with security tools including SIEM, vulnerability scanners, endpoint protection, and firewalls. Experience with the Microsoft ...

and operational runbooks Manage secrets, key custody, access controls, and infrastructure governance Deliver backup, disaster recovery, and business continuity strategies Drive compliance readiness for SOC 2, ISO 27001, and regulatory audits Partner with software engineering teams to ensure applications are secure, observable, and production-ready Lead infrastructure migration … taking systems from early‐stage development through to secure production deployment Strong background in cloud infrastructure, automation, and operational security Experience supporting or leading SOC 2 Type II and/or ISO 27001 programmes Strong documentation and communication skills with the ability to create clear technical and compliance ...

native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC 2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and … infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC 2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management ...

Salary: Dependent on Experience Location: Flexible: Reigate or Manchester area Job type: Full time Working Pattern: 2 days per week onsite |4.5 day working week (Half day Fridays) About Infinity We are building the next generation of call intelligence and AI-driven insight platforms. Over the next three years … behaviours with confidence Partner with Security, Compliance & Assurance on AI governance obligations, including emerging requirements under ISO 27001/42001, NIS2, and future SOC 2 scope – ensuring AI platform practices meet and anticipate regulatory expectations Make model selection and build‐vs‐buy decisions based on evidence: performance benchmarks ...

external platform access Managing relationships with third-party security providers and ensuring recommendations are delivered effectively Supporting compliance initiatives across standards including ISO 27001, SOC 2 and NIST Acting as an escalation point for significant security incidents when required Driving security awareness and embedding best practice across … operational teams Hands-on scripting or automation experience using Python, Bash or similar tools Experience supporting audits, certifications and compliance frameworks including ISO 27001, SOC 2 and NIST Knowledge of security methodologies such as MITRE ATT&CK Excellent communication and stakeholder management skills Experience operating within high-growth ...

Aurora’s security controls are effective, proportionate and aligned to business, customer and regulatory requirements Lead security assurance and certification activities, including ISO 27001, SOC 2, and related audit readiness, while contributing to the continued evolution of Aurora’s wider security and compliance operating model Partner with Legal … structured, risk‐based way Significant experience managing external audits, customer assurance and recognised security standards/certifications such as ISO 27001 and SOC 2 Experience influencing senior stakeholders and communicating clearly at executive level, including the ability to translate technical risk into clear business decisions and trade‐offs ...

improve processes, thrive without rigid playbooks. Comfortable operating in scale-up environments where customer needs inform product direction. Security & Compliance Acumen: Understand security requirements, SOC 2/ISO 27001, data residency, audit logging, encryption. Trusted conduit between Sales and Technology - able to articulate product capabilities on security RFPs … task management, audit trails, reporting), how they integrate with risk management systems, and typical architecture patterns in Financial Services and Payments. Security Concepts: Understand SOC 2/ISO 27001, data residency and sovereignty, encryption at-rest/in-transit, audit logging, and role-based access control. Troubleshooting Mindset ...

across the software lifecycle Oversee architecture and delivery across modern microservices and cloud-native applicationsEnsure engineering compliance with recognised security and governance standards including SOC 1 , SOC 2 , and ISO frameworks Collaborate with stakeholders to define technical strategy and product direction Champion DevOps, CI/CD, and ...

Code: Bridging the gap between technical execution and regulatory requirements. You will build the automated systems that provide real-time evidence for frameworks like SOC 2, ISO 27001 & PCI ensuring we stay compliant without manual overhead. The Team You will be a key member of our growing Security … building the systems that check them for you. Security as Code: Design and maintain custom security tooling in Go to automate evidence collection for SOC2/ISO 27001 and remediation of security alerts. Infrastructure & IAM: Write and peer-review Terraform to manage identity and core infrastructure across AWS and ...

This is a hybrid position. Expectation of days in the office will be confirmed by your Hiring Manager. Qualifications Experience of Security Operations Center (SOC) work experience with a Bachelor's degree. Experience in Cybersecurity or computer network defense role. Experience in operating and utilizing Security Information and Event … and related security best practices. Knowledge of OWASP (Open Web Application Security Project) Top Ten Risk Factors. Understanding orExperience working in an ISO27001/2, PC-DSS or SOC 2 environment. Visa is an EEO Employer Qualified applicants will receive consideration for employment without regard to race ...

looking for top-tier talent to join us on our journey and enable our next phase of success. Senior DevOps Engineer Novatus HQ - 2 London Wall Place, EC2Y 5AU Job Overview: As a Senior DevOps Engineer , you will scope and deliver complex infrastructure projects end-to-end, building and … firewalls/security groups, VPN/private connectivity, load balancers, and practical troubleshooting. Experience operating cloud infrastructure in regulated environments (e.g. GDPR, ISO 27001, SOC 2). Experience designing observability, monitoring, logging, and alerting solutions for distributed systems. Strong software engineering ability beyond basic scripting. Ideally someone ...

primarily GCP, with some AWS exposure also useful Secret management - HashiCorp Vault, AWS Secrets Manager, or similar Knowledge of Fintech compliance requirements - PCI-DSS, SOC 2, ISO 27001 Scripting skills - Python, Bash, or similar Someone who can translate between security and engineering teams, and is respected by both ...

and Docker environments Data Loss Prevention (DLP) and SaaS security governance. Advanced detection engineering or SOAR playbook development. Experience supporting ISO 27001 or SOC 2 audits. Relevant certifications (e.g. CISSP, CISM, GIAC). Workplace & Benefits At Deliveroo we know that people are the heart of the business and ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

and incident response workflows Experience with scripting or automation using Python, PowerShell, or similar Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or CIS Strong problem-solving mindset with the ability to operate across multiple security domains Experience within regulated or financial environments is beneficial ...

depth strategies.**Knowledge of Standards:*** Strong knowledge of relevant security standards and frameworks such as NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2 and OWASP.**Communication Skills:*** Ability to articulate technical risks and architectural decisions to both technical and non-technical audiences.**Certifications:*** Architectural qualifications (e.g., SABSA, TOGAF ...

experience a plus) IaC security (Terraform, CloudFormation) - spotting misconfigs before they hit production Knowledge of compliance frameworks relevant to Fintech - PCI-DSS, ISO 27001, SOC 2 Cloud-native logging and monitoring - Google Cloud Logging, Chronicle, or similar Someone who's comfortable working across engineering teams, not just ...

experience a plus) IaC security (Terraform, CloudFormation) - spotting misconfigs before they hit production Knowledge of compliance frameworks relevant to Fintech - PCI-DSS, ISO 27001, SOC 2 Cloud-native logging and monitoring - Google Cloud Logging, Chronicle, or similar Someone who's comfortable working across engineering teams, not just ...