growth. Key Responsibilities Own and manage governance, risk, and compliance initiatives for our SaaS platforms. Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC2, GDPR, and other regulatory frameworks. Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection. Collaborate with product, engineering, and IT teams to … Compliance, or related field. 2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies). Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC2, GDPR, NIS2, or similar). Ability to interpret regulations and translate them into practical, business-friendly processes. Excellent written and verbal communication skills (German or English; both
provide actionable feedback to internal teams to enhance documentation and control readiness. Perform security due diligence and ongoing monitoring of Web3/blockchain vendors, including assessing control maturity, reviewing SOC reports, and identifying residual risks. Facilitate external audit activities, coordinating walkthroughs, evidence collection, and response tracking. Identify and analyze gaps in current and new processes, developing and tracking remediation … Hardware Security Modules (HSMs), and Key Management Systems (KMS). Solid understanding of cloud and network security architecture and configurations. Demonstrated experience supporting external audits and assessments, such as SOC 1, SOC2, ISO 27001, or PCI DSS. Hands-on experience with major cloud platforms (AWS, GCP, Azure) and infrastructure-as-code practices. Proficiency in preparing client
or partner engagements when needed. Security, Compliance & Reliability: Lead the adoption of secure coding standards, vulnerability management, and security-by-design practices. Ensure compliance with relevant frameworks (ISO 27001, SOC2, GDPR). Drive observability, monitoring, and incident response strategies to ensure reliability and uptime. Work closely with InfoSec and Data teams to embed security at every stage
asset inventories and ensure patching and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration & Knowledge Sharing Work with IT
. Proficiency in scripting (Bash, Python, or PowerShell). Experience with monitoring and observability tools (Prometheus, Grafana, ELK, or equivalent). Understanding of compliance/security frameworks (e.g., GDPR, SOC2, PCI DSS). Soft Skills Strong problem-solving and troubleshooting mindset. Excellent communication and collaboration skills across distributed teams. Ability to work independently in a fast-paced environment. Detail-oriented
Azure Security Center/Microsoft Defender for Cloud, encryption using Azure Key Vault, network security with NSGs and Azure Firewall, Azure Policy for governance, and compliance frameworks (ISO 27001, SOC2, GDPR). Experience conducting security assessments using Microsoft Secure Score, implementing security hardening, and responding to security incidents. Backup & Disaster Recovery - Experience implementing and managing Backup for
simplifying regulatory challenges, designing pragmatic governance models, and influencing security strategy at scale this could be your next move. Key Responsibilities Translate international standards (NIST CSF, ISO 27001, GDPR, SOC2, PCI DSS, CSA CCM) into actionable policies and controls. Design and implement unified compliance frameworks across cloud, hybrid, and enterprise systems. Lead internal and external audits, certification
Analytics, Application Insights, and dashboards (KQL and Datadog experience desirable). Ensure compliance and security through Microsoft Defender for Cloud, Azure Policy, Key Vault, and accepted frameworks (ISO 27001, SOC2, GDPR). Conduct backup and disaster recovery operations using Azure Backup, Site Recovery, and geo-redundant storage for business continuity. Collaborate effectively across DevOps, infrastructure, security, and
/cyber security projects and challenges, preferably over a number of industry domains Strong understanding of leading cybersecurity frameworks and standards such as ISO27001, NIST, Cyber Essentials+, CAF, CIS, SOC2, etc. Up-to-date knowledge of cyber/information security, concepts, risk, controls, and industry trends Experience of working on e.g., security governance models and frameworks, policies
e.g. CISSP, CISM, ISO27001 Lead Auditor/Implementer, Cloud Security Practitioner). Strong working knowledge of key frameworks and standards including ISO27001, Cyber Essentials, CIS Critical Controls, NIST CSF, SOC2, and Data Protection requirements (DPA/GDPR). Outstanding communication and relationship-building skills — able to influence, challenge constructively, and engage with both technical teams and senior leadership.
City of London, London, United Kingdom Hybrid/Remote Options
Humanoid
logging tools. Lead incident detection and response, including root-cause analysis and remediation tracking. Maintain Humanoid’s information security risk register and control library. Drive readiness for ISO 27001, SOC2, and GDPR compliance. Deliver staff security-awareness and phishing-simulation programmes. Partner with Engineering to align product and corporate security practices. Networking & Connectivity Manage office and lab … efficiencies through the deployment of AI solutions Knowledge of ITIL or other IT service management frameworks, particularly incident/change management. Exposure to compliance frameworks such as ISO 27001, SOC2, or NIST. Prior experience scaling IT teams from small core functions into mature multi-discipline organisations. What We Offer Competitive salary plus participation in our Stock Option Plan. Paid vacations.
Company description: Founded and headquartered in Switzerland, Avaloq is continuously expanding its global footprint with around 2,500 colleagues in 12 countries, and more than 170 clients in 35 countries. We are an industry-leading provider of wealth management technology and services for financial institutions around the world, including private banks and wealth managers, investment managers, as well as … and risk assessment solutions It would be a real bonus if you have: Master's degree in Computer Science, Information Security, or a related field Experience or understanding of SOC2 and DORA regulation What we offer: We realize that managing work life balance is a challenge we all face in our daily lives and in order to
City of London, London, United Kingdom Hybrid/Remote Options
Crimson
GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC2, and OWASP frameworks. Senior Security Analyst/Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in
technical expertise in core cloud services (e.g. EC2, S3, RDS, Lambda, API Gateway, VPC, Route 53, IAM, CloudFormation, or Terraform). Familiarity with security and compliance frameworks (e.g. CIS, SOC2, HIPAA). Proven success in leading cloud migration projects using tools such as AWS Server Migration Service or AWS Database Migration Service. Hands-on experience with DevOps
pipelines (GitLab or equivalent), automating builds, tests, and deployments. Implement and maintain Kubernetes clusters (AKS), Docker images, and related infrastructure components. Ensure systems meet security, performance, and compliance standards (SOC2, encryption at rest/in transit). Collaborate with software engineers to align infrastructure delivery with development requirements. Diagnose and resolve infrastructure issues, applying fixes and process improvements. Contribute to
City of London, London, United Kingdom Hybrid/Remote Options
RemoteStar
Experience in cybersecurity, risk management, GRC (governance, risk & compliance) or supply-chain risk management. Familiarity with third-party/vendor risk management platforms and frameworks (e.g., NIST, ISO 27001, SOC2, supply-chain risk standards). Understanding of machine-learning/AI concepts (e.g., risk-scoring models, graph analytics, anomaly detection). Experience working with enterprise B2B customers, especially security teams
and vulnerability management practices. Strong knowledge of API security, OAuth, JWT, and API Gateway policies. Experience in security audits, monitoring, and incident remediation. Familiarity with compliance frameworks (e.g., ISO, SOC2, GDPR) is a plus. Hands-on experience with Terraform and Ansible for infrastructure automation. Proven experience with AWS cloud architecture and deploying microservices on ECS/ECR
Harden distributed systems (Kafka, Redis, CockroachDB) for global banking workloads Lead our AI-powered SRE approach: observability, remediation, and auto-response Enforce zero-trust, multi-tenant security and compliance (SOC2, ISO 27001) Define IaC foundations (Terraform, GitOps, Helm) What We're Looking For: Expert with Kubernetes and Distributed Systems Experience building production infrastructure at scale (multi-region, high-availability) Extensive
City of London, London, United Kingdom Hybrid/Remote Options
Prism Digital
to translate regulatory requirements into practical product and technical implementation. Nice to Have Experience in comparison, fintech or other high-traffic consumer platforms. Exposure to ISO 27001/SOC2 environments. Experience collaborating with security, DevOps or product engineering teams. Why join: Greenfield build: You’re defining the privacy foundation — not inheriting one. Ability to meaningfully influence
diligence and fundraising materials. Security, Risk & Compliance Review current security posture and define a regulatory-compliant roadmap across UK/US/CH. Prepare for institutional-grade certifications (e.g. SOC2, ISO 27001) and audits. About you Senior engineering leader (VP/CTO-level) with experience in crypto, digital assets or fintech. Proven track record building and scaling
contribute to cutting-edge technology solutions while supporting their IT operations. About you * Degree in Computer Science, Engineering, or a related technical field from a top university (First or 2:1). * Strong knowledge of Windows and macOS environments. * Familiarity with Microsoft 365 or Google Workspace. * Basic understanding of networking (TCP/IP, DNS, DHCP, VPN). * Excellent communication … Knowledge of Active Directory, Azure AD, or Intune. * Basic scripting skills (PowerShell, Bash, Python). * Experience with ticketing systems (Jira, Zendesk, Freshservice). * Awareness of security best practices (ISO27001, SOC2). What Can you expect to be doing? * Act as the first point of contact for IT support queries via email, chat, or ticketing system. * Diagnose and resolve hardware, software … list for this position. Keywords Windows, macOS, Office 365, Google Workspace, Active Directory, Azure AD, Intune, TCP/IP, DNS, DHCP, VPN, PowerShell, Bash, Python, Jira, Zendesk, Freshservice, ISO27001, SOC2, IT Support, Helpdesk, Troubleshooting, Hardware, Software, Networking, Ticketing Systems.
Governance, Risk & Compliance Analyst Hybrid – London (2 days in office) £50,000 - £55,000 basic salary Benefits include: private health, income protection, life assurance, pension contributions We’re seeking a Governance, Risk & Compliance (GRC) Analyst to join a global leader in cloud-based customer engagement solutions. You’ll report to the GRC Director and play a key role in … Support projects and vendor onboarding to ensure compliance requirements Report on compliance metrics and RFP/security questionnaire responses What We’re Looking For: Knowledge of ISO27001, PCI DSS, SOC2, NIST, CIS benchmarks Understanding of GDPR/Data Protection legislation Familiarity with AWS/Azure cloud environments Experience with Unix/Linux and Windows systems Certifications such as CISA or
City of London, London, United Kingdom Hybrid/Remote Options
Futurist
initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to