1 to 25 of 158 Remote PCI DSS Jobs in London

vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem–solving, and communication skills. Desirable: Experience in the finance or More ❯

information security improvement program to ensure the risk profile matures in line with business objectives and the threat landscape, maintaining ongoing compliance with relevant accreditations (e.g. ISO27001, Cyber Essentials, PCI DSS). Overseeing the implementation, maintenance and assurance of security controls across the business in line with company objectives, information security strategy and security architectural principles. Supporting the More ❯

essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional More ❯

essentia l, if you also had one or more of Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Experience in security accreditation e.g. PCI-DSS, FedRAMP, SSDF (NIST SP800-218), FISMA/NIST SP800-53, ISO 27001, DORA Cyber security certification e.g. Certified Information System Security Professional (CISSP), Cloud Certified Security Professional More ❯

excellent service seven days a week. Duties & Responsibilities: · Develop, implement, and maintain information security policies, procedures, and standards aligned with industry best practices (NCSC recommendations, UK DPA, ISO 27001, PCI DSS, NIST etc.). · Lead and support risk assessments, vulnerability scans, and security audits. · Manage day-to-day security operations, including monitoring, incident detection, investigation, and response. · Manage More ❯

procedures in alignment with business objectives, while considering operational needs. Direct the management and continuous improvement of the Information Security Management System (ISMS). Oversee and manage Ravelin’s PCI DSS and PCI 3DS compliance program, ensuring requirements are fulfilled, maintained, and areas for enhancement are identified. Conduct routine risk assessments to determine and reduce information security … robust cyber incident response plan, including coordinating necessary responses to incidents and security investigations. Requirements Extensive practical experience implementing and maintaining an ISO 27001 compliant ISMS. Demonstrable experience with PCI DSS compliance, including preparing for and undergoing assessments. Familiarity with information security frameworks (e.g., NIST, CIS). Proficiency in risk management methodologies. Knowledge of common security technologies (e.g. More ❯

team with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly regulated global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC2 and other standards we adhere to. In addition, we have a large, federated customer base that we strive to embed improvements for. … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Understanding of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principals, best practices, OWASP/related standards. Knowledge of security frameworks & controls, hardening standards & security best practices. An understanding More ❯

Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Act as the subject matter expert on cybersecurity at the board and executive level. Communicate risk posture, security … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Strong grasp of both technical cybersecurity and governance frameworks, with the ability to balance business priorities and risk. Hands-on leadership style, with experience in More ❯

Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. More ❯

Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. More ❯

Risk Management: Identify and manage risks to information assets and IT systems. Lead enterprise risk assessments and mitigation planning. Compliance & Regulatory: Ensure adherence to global data protection regulations (GDPR, PCI-DSS, etc.), working closely with legal and data protection teams. Leadership & Stakeholder Engagement: Act as the subject matter expert on cybersecurity at the board and executive level. Communicate … experience building and scaling a GRC function in a complex environment. Deep knowledge of information security standards (ISO 27001, NIST, CIS), risk frameworks (COSO, FAIR), and regulatory obligations (GDPR, PCI-DSS, SOX). Proven track record of managing enterprise-level security programs, including incident response and business continuity. Excellent stakeholder management skills, with experience reporting at board level. More ❯

a focus on hands-on security engineering and operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and More ❯

a focus on hands-on security engineering and operations. In-depth knowledge of networking protocols, operating systems, and cloud technologies. Strong understanding of security principles, practices, and frameworks (e.g., PCI, NIST, ISO 27001). Experience with security tools such as SIEM, IDS/IPS, endpoint protection, and penetration testing tools. Experience with public cloud security, specifically AWS, Azure, and More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

Working remotely with occasional be in office in Essex. What You’ll Do Assess compliance with internal security policies and industry standards (e.g., ISO/IEC 27001/2, PCI-DSS). Conduct supplier risk assessments and third-party due diligence. Support vulnerability assessments, incident investigations, and operational resilience activities. Monitor the effectiveness of security controls to ensure … Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Financial services/FCA experience Desirable: Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of More ❯

Engineer with designing, innovating, deploying, and maintaining security measures to safeguard our information assets. We operate in a highly secure global SaaS organization that has multiple certifications such as PCI-DSS, ISO/IEC 27001, SOC & HIPAA & IRAP standards to adhere to, as well as a large, federated customer base that we strive to embed improvements for. You … on a variety of challenging projects, with multiple security tools. Have a proven track record of successes. Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of application security principles, best practices, OWASP/related standards. Some knowledge/experience in scoping/undertaking internal pen testing and More ❯

with Infrastructure-as-Code (e.g., Bicep, ARM templates, Terraform). Hands-on experience with SIEM tools, ideally Azure Sentinel. Understanding of regulatory and compliance frameworks (e.g., CIS Benchmarks, HIPAA, PCI-DSS). Excellent problem-solving skills, communication, and the ability to explain technical concepts to non-technical stakeholders. Desirable: Relevant certifications such as AZ-500, SC-100, or More ❯

Terraform, or XSOAR. Collaborate with infrastructure and DevOps teams to embed security into CI/CD pipelines, containers (GKE), and API services. Compliance & Risk Alignment Ensure operational alignment with PCI-DSS, ISO 27001, SOC 2, NIST, and GDPR requirements. Support internal and external audits with relevant security evidence and reports. Work closely with GRC teams to implement controls … response and recovery Security orchestration (SOAR), preferably Chronicle + XSOAR IAM, policy enforcement, logging, and access reviews in GCP Proven experience working in FinTech or financial services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). More ❯

while contributing to open-source tools so we can utilise them Experience in automating security controls and compliance checks against standards and frameworks which include SOC 2, ISO 27001, PCI DSS/3DS Thorough understanding of the incident response process (preparation, identification, containment, eradication, recovery, lessons learned) What skills are desirable: Hands on experience taking your company through … security and compliance frameworks like NIST, SOC2, ISO27001, PCI-DSS Experience with Infrastructure as Code and infrastructure provisioning tools (Cloudformation, Terraform) Expertise in Kubernetes, securing clusters and meshes (Cilium is preferable), networking best practices and RBAC implementation (CKA, CKS qualifications are a plus) Container security knowledge including container image provenance (e.g. Sigstore, Notary) with an in-depth knowledge More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯

degree, preferably in Computer Science, Cyber Security or Cyber Security Professional Qualifications/Certifications Desirable: General understanding of IT Security principles, standards and regulations (e.g. ISO 27001, NIST, CIS, PCI DSS and GDPR) CISM/CISSP Patch Management Applications, EDR/XDR systems. Antivirus, NAC - Forescout Vulnerability Scanning Tool e. Tenable One, Qualisys Knowledge of vulnerability scoring systems More ❯