supporting compliance programs, and promoting secure practices across engineering and business teams. You'll play a key role in ensuring our systems and processes align with ISO 27001 and SOC2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you'll help embed security into the design of our … shaping how we scale IT and security together. What you'll do: Governance & Compliance Own and evolve Definely's Information Security Management System (ISMS). Lead ISO 27001 and SOC2 Type II audits, ensuring controls remain effective. Manage customer due diligence requests and run Definely's SafeBase-powered Trust Center; streamline customer security questionnaires, DPAs, and RFP … stakeholders. What you'll bring: Hands-on experience in information security, ideally within a SaaS or product-led environment. Proven success leading or supporting ISO 27001 and/or SOC2 Type I/II compliance programs. Deep understanding of secure SDLC practices, including threat modelling and design reviews for security impact. Experience securing AI/LLM features
them to specific business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a
development of effective security measures. Support the development, implementation, and continuous improvement of the organization's security strategy, policies, and procedures. Support the maintenance of our ISO 27001 and SOC2 Level 2 certifications. What you'll bring Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree or relevant certifications … you? Competitive salary and uncapped commission. 26 days of annual leave and Bank Holidays Top-notch Private Healthcare and Health Cash Plan Hybrid working model Initial home office budget 2-month work abroad policy Great training and yearly learning budget Employer pension scheme Enhanced maternity pay Social activities and team outings Referral bonus Employee Assistance Program Great hardware and
Access, Entra ID, and Identity Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance
tools (EDR, vulnerability scanners, SCA, etc.) Own and manage internal authentication (SSO, MFA, identity lifecycle) Secure endpoints, laptops, and internal systems Lead security awareness and employee training programs Drive SOC 1/2 and other compliance frameworks Build internal security policies, playbooks, and operational processes Manage relationships with vendors, auditors, and pentesters We're Looking For Someone Who … or similar certification Strong knowledge of cloud security, secure software development, and common vulnerabilities Proven experience securing production environments and CI/CD systems Familiarity with security compliance frameworks (SOC2, ISO 27001) Experience deploying and operationalising security tools Excellent communication skills and the ability to collaborate across teams A pragmatic, system-oriented mindset that balances risk and
Saint Paul, Minnesota, United States Hybrid / WFH Options
Genesis10
and firewalls. Proficiency in modeling architectures using industry-standard tools like ArchiMate, Visio, or Miro Familiarity with cloud security principles, data protection, and compliance frameworks like GDPR, HIPAA, or SOC 2. Self-learner and ability to work independently Strong analytical and problem-solving skills for complex technical challenges Strong organizational skills. Excellent interpersonal, communication, and negotiation skills Preferred Experiences
Gerrards Cross, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Middlesbrough, England, United Kingdom Hybrid / WFH Options
83zero
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Thornaby, Yorkshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Middlesbrough, North Yorkshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
Chalfont St. Peter, Buckinghamshire, United Kingdom Hybrid / WFH Options
83zero Ltd
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
York, Yorkshire and the Humber, United Kingdom Hybrid / WFH Options
83zero
questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years’ experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background
and alignment with long-term business objectives Security, Compliance, and Governance Ensure compliance, governance, and security through proper IAM role design, data encryption, and alignment with standards including GDPR, SOC2, and ISO frameworks Implement data partitioning strategies, tenant isolation protocols, and cost-efficient scaling mechanisms for multi-tenant environments Design and support SaaS observability practices covering SLA
Central London, London, United Kingdom Hybrid / WFH Options
Invitise Ltd
essential Microsoft Purview, Compliance Manager and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC2, GDPR and NIS2 frameworks PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required: AZ-500 SC-100 (or working
by having Networking skills: Knowing your BGP from your VPC Solid security understanding: Help us engineer the secure-by-default infrastructure and deployment pipelines Familiarity with regulated workflows: ISO27001, SOC2, GDPR aren't just abbreviations, and don't fill you with dread Observability skills: Well familiar with Open Telemetry, Prometheus, Loki and Grafana CI/CD pipeline skills: You know
Ebury's values. Nice to have: Experience in the FinTech industry. Bachelor's degree in computer science or a related field. Familiarity with security and compliance requirements (e.g., HIPAA, SOC2, GDPR, DORA) is a plus. Proficiency in Spanish or Portuguese is advantageous. Not feeling like you meet all the requirements? That's OK! No one fits a
London, South East, England, United Kingdom Hybrid / WFH Options
Noir
fast-moving SaaS or product-led business before. Bonus points if you've helped shape DevOps roadmaps, mentored others, or worked with cost optimisation, security, or compliance frameworks (ISO, SOC2, etc.). This is more than just another DevOps role - it's a chance to join a company at the perfect stage: profitable, scaling, tech-led, and genuinely empowering its
with the business to, supporting risk assessments, mitigation strategies, and reporting. Information Security: Lead the legal and compliance aspects of Prolific's information security programme, including ISO 27001 and SOC2 standards. Maintain Prolific's information security certifications. Closely collaborate with the tech team to ensure robust information and cyber security. Corporate Governance: Manage corporate governance, including board and shareholders approvals
and operations. Beneficial * Experience with cloud security practices (IAM, container hardening, etc.). * Familiarity with tools like Trivy, Semgrep, Checkov, or OWASP ZAP. * Exposure to regulatory frameworks such as SOC2, ISO 27001, HIPAA, or GDPR. Adecco is acting as an Employment Agency. We are an equal opportunities employer. Keywords DevOps Engineer, Cloud Infrastructure, Kubernetes, Terraform, Helm, AWS, Azure, CI/… CD, GitHub Actions, Argo Workflows, Prometheus, Grafana, Sentry, Python, Java, Next.js, Infrastructure as Code, Monitoring, Logging, Security, SRE, Remote DevOps, UK Tech Jobs, STEM, ISO 27001, SOC2, HIPAA, GDPR, Git, Cloud Security, Automation, Observability, Event-driven Architecture
Maidenhead, Berkshire, South East, United Kingdom Hybrid / WFH Options
Oscar Associates (UK) Limited
Swagger/OpenAPI documentation for Open APIs Familiarity with Azure services and automation tools like Power Automate or Zapier Exposure to IoT or Telematics platforms Awareness of ISO 27001, SOC2, or GDPR compliance standards Benefits: Competitive base salary Hybrid working Private healthcare Exciting and unique projects Pension scheme If you are a Senior .NET Developer experienced in
Cardiff, South Glamorgan, United Kingdom Hybrid / WFH Options
Rocket Science Group
access solutions and more. Install and manage AV and conference solutions for global collaboration. Create accessible, easy-to-use self-service IT documentation. Facilitate and conduct security audits (ISO27001, SOC2) annually and maintain ongoing compliance. Effectively communicate and liaise with both stakeholders and the wider business. Coach and mentor the IT Team while aligning IT with bigger business goals. What
Slough, England, United Kingdom Hybrid / WFH Options
IRIS Software Group
We’re hiring! Legal Counsel @ IRIS Software ✨ 📍 Location: Heathrow, UK - Hybrid (2-3 days per week) 📝 Type: Permanent 👩 ⚖️ Reports To: General Counsel 🚀 About IRIS We’re one of the UK’s fastest-growing technology companies, providing innovative accounting software and managed payroll services to accountants, bookkeepers, and businesses worldwide. 🌍 At IRIS, we help professionals automate compliance, streamline operations, and … protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS/fintech/tech sector experience. Knowledge of ISO 27001, SOC2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional services clients. 🌟 Why IRIS? At IRIS, you’ll get: 💼 Exposure to a variety of
Greater London, England, United Kingdom Hybrid / WFH Options
IRIS Software Group
We’re hiring! Legal Counsel @ IRIS Software ✨ 📍 Location: Heathrow, UK - Hybrid (2-3 days per week) 📝 Type: Permanent 👩 ⚖️ Reports To: General Counsel 🚀 About IRIS We’re one of the UK’s fastest-growing technology companies, providing innovative accounting software and managed payroll services to accountants, bookkeepers, and businesses worldwide. 🌍 At IRIS, we help professionals automate compliance, streamline operations, and … protection, commercial & contract law. ✔️ Pragmatic, proactive, and solutions-focused. ✔️ Excellent communicator & relationship-builder. 💡 Bonus points if you have: SaaS/fintech/tech sector experience. Knowledge of ISO 27001, SOC2, payroll or financial services frameworks. Exposure to disputes, M&A, or advising professional services clients. 🌟 Why IRIS? At IRIS, you’ll get: 💼 Exposure to a variety of