19 of 19 SOC 2 Jobs in London

licence reviews, container/image policies, and supply-chain controls. Evaluate logging, monitoring, and observability practices. Map findings to compliance frameworks (e.g., ISO 27001, SOC 2, or NHS DSPT where applicable). Produce a comprehensive gap analysis, risk register (with severity and likelihood ratings), and prioritised remediation backlog. … promotion criteria). Deliverables (by end of audit) DevOps Audit Report (executive summary + detailed findings). Compliance mapping (ISO 27001 Annex A/SOC 2 trust principles) with gap list. Risk register including mitigations, effort, and impact estimates. Prioritised remediation backlog and proposed guardrails for Phase 2. ...

will lead the delivery of ISO 27001 certification within the next 12 months . The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation … risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid ...

will lead the delivery of ISO 27001 certification within the next 12 months . The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation … risk, or compliance role Certifications for ISO 27001 (Lead Implementer/Auditor) , would be required Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS , and data protection standards Onboarding/vendor risk management experience Hands-on experience supporting or leading ISO 27001 certification activities Solid ...

assurance programmes. Proven experience designing, executing, and improving structured vendor due diligence processes. Strong understanding of vendor-held assurance artefacts such as ISO 27001, SOC 2, CSA STAR/CAIQ, and security questionnaires. Ability to communicate complex vendor-related cyber risks clearly to both business and technical audiences. ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

Role - Database Security Consultant Location -3 days from Canary Wharf office and 2 days from home Contract - Inside IR35 Job Description Key Responsibilities: Security Onboarding & Product Integration: Collaborate closely with Product Team to integrate and onboard product to security controls. Work with CSO to agree compliance and onboarding requirements … experience in security engineering, security architecture, or security compliance roles. Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and compliance requirements (e.g., SOC 2, GDPR, HIPAA). Experience with various security controls, including access management (IAM), data encryption, network security, vulnerability management, and SIEM. Database Engineering ...

experience in security engineering, security architecture, or security compliance roles. Strong understanding of security principles, frameworks (e.g., NIST, ISO 27001), and compliance requirements (e.g., SOC 2, GDPR, HIPAA). Experience with various security controls, including access management (IAM), data encryption, network security, vulnerability management, and SIEM. Database Engineering ...

places · Strong knowledge of Service acceptance criterias and key artefacts · Ability to ensure projects align with relevant frameworks including ISO 27001, NIST CSF, DORA, SOC 2, CIS Controls and regulatory requirements as applicable · Coordinate platform integration with existing infrastructure, applications, and cloud environments whilst ensuring security engineering and ...

both technical and non-technical stakeholders across the business Familiarity with standards such as PCI-DSS, NIST SP800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) inday-to-day security risk management activities, including: Accelerating risk analysis and documentation Supporting control ...

teams. Key Responsibilities Design and implement security strategies, policies and controls Lead vulnerability assessments, penetration testing and remediation Oversee regulatory and compliance frameworks including SOC2, ISO 27001 and GDPR Monitor systems and respond to incidents and security events Strengthen AWS and GCP cloud security environments Support customer and sales teams ...

Security Risk Specialist - 6-Month Contract - Inside IR35 - Hybrid London (2-3 Days Onsite) A leading technology-driven organisation is seeking an experienced Security Risk Specialist to support the ongoing development and operation of its security risk function. This role sits within a growing security team and will focus … varying technical levels, from engineers to senior non-technical leaders. Familiarity with frameworks and standards such as ISO 27001 , NIST CSF , NIST 800-53 , SOC 2 , PCI DSS , etc. Practical experience applying Large Language Models (LLMs) in security workflows, including: Speeding up risk analysis and documentation Supporting control ...

Ability to manage multiple audits, remediation streams, and stakeholder expectations simultaneously Preferred Qualifications Hands-on experience maintaining ISO/IEC 27001 certification Experience supporting SOC 2 Type II audits and ongoing compliance Familiarity with NIST Cybersecurity Framework (CSF) Experience managing audit findings through remediation and closure Experience with ...

engineering and non-technical roles Familiarity with security standards and frameworks such as PCI-DSS, NIST SP 800-53, NIST CSF, ISO 27001, and SOC 2 Practical experience using Large Language Models (LLMs) in day-to-day security risk management activities, including: Accelerating risk analysis and documentation Supporting ...

ideal for someone ready to step up and shape a growing security function. The Role Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2) Lead gap analysis and audit readiness Own the security risk register and drive mitigation Develop policies, standards, and procedures Support ...

technologies. Stay informed about emerging threats and trends, integrating this knowledge into the security testing processes Support the firms certification activities, such as ISO27001, SOC2, and Cyber Essentials Plus, by assisting with audits, documentation, and continuous improvement efforts. Engage with security industry groups and collaborate with external industry partners ...

Senior Security Analyst/Security Engineer to strengthen a Microsoft-centric security posture across detection, response, tooling, and infrastructure hardening. Not a one-lane SOC role. Not governance-heavy. This role blends incident response with security engineering and hardening and ideal for someone with 4–5 years’ experience … analytics, baselines and security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling assessments ...

other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell … other OT/IT grid management platforms. Knowledge of GridOS ecosystem and integration with DERMS. Exposure to cybersecurity standards (NERC CIP, ISO 27001, SOC2). Cloud/hybrid deployment experience (Azure, AWS). Certifications such as ITIL, Security+, or utility-specific systems training. Scripting/automation skills (Python, Bash, PowerShell ...

Security, Risk Analysis, Cyber Security, Information Security, International Cyber Security, 3rd Party Security Compliance, Risk Management, Risk Reporting, Audit & Compliance, Cloud Infrastructure, ISO2700x, NIST, SOC2, PCI, GDPR, Risk Assessments Type: Contract, Inside IR35 Duration: 12 Months Location: London, On-Site Working (1 day remote per week) Start: ASAP/Urgent … and hands-on experience with vulnerability detection tools (e.g. Qualys, CrowdStrike, Tenable, Prisma) * Strong knowledge of IS compliance frameworks and standards (ISO2700x, NIST, GDPR, SOC2, PCI) * Practical understanding of cyber security technology best practice * Experience supporting EMEA or Global technology projects from an InfoSec risk perspective * Blue-chip/Big4 ...

Financial Accountant – Growing SaaS Business (Private Equity Backed) Location: Central London (Hybrid – 2–3 days office)Salary: Circa £75k + benefits Job Type: Full-time, Permanent The role:An exciting opportunity has arisen for a Financial Accountant to join a high growth, PE-backed SaaS company headquartered in London … consumption tax reconciliations Support EU invoicing and VAT queries Work on R&D tax credits and transfer pricing Manage various finance admin tasks (e.g. SOC2 compliance, insurance, ONS surveys) Act as a point of contact for Private Equity stakeholder reporting About You: ACA/ACCA qualified, ideally qualified in practice ...