3 of 3 SOC 2 Jobs in Gloucestershire

re hiring an Information Security Engineer to join our growing engineering team. As a company, we are ISO 27001-certified and need to maintain this certification while preparing for SOC 2 compliance. Security responsibilities currently sit across different teams, but as compliance requirements increase, a dedicated security engineer is needed to support ongoing security initiatives, manage compliance tasks … and improve Duels overall security posture. The focus of this role is to help maintain our compliance responsibilities through Secureframe, support ISO 27001 and SOC 2 audits, manage security vulnerabilities, and work within engineering to introduce security best practices into development, infrastructure, and operations. We're Looking for Someone Who Will Assist in managing ISO 27001 renewals by … maintaining compliance documentation and ensuring key security practices are followed. Help support the company's transition towards SOC 2 certification by tracking requirements and implementing necessary security measures. Work within Secureframe to maintain compliance records, ensuring a structured and organised approach to security audits. Ownership of the external security audits and penetration testing cycles, addressing findings and assisting More ❯

management, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. ISO 27001, SOC 2, GDPR) Secure containerised environments, including Kubernetes and Docker Collaborate with developers to integrate secure deployment pipelines across the SDLC Support deployments in client environments, including on-prem … the role, and answer any questions you may have about us. We'll be assessing some basic skills for the role and finding out more about your background. Step 2: Meet with our team. You'll meet with key stakeholders to tell us more about your skills and experience for the role. What we offer We believe great work More ❯

evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32. Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability More ❯