1 to 25 of 80 SOC 2 Jobs in London

contract negotiation and general commercial legal work . You will play a key role in helping the business stay compliant with relevant laws and standards, including oversight of our SOC 2 compliance processes, while also helping to drive practical legal solutions across the business. Key Responsibilities: Compliance & Risk Management Lead or support internal compliance programs, with a focus … on data privacy, corporate governance, and regulatory frameworks. Oversee SOC 2 Type II maintenance and readiness efforts. Conduct internal training sessions on legal and compliance topics. Legal & Commercial Support Advise on data protection and privacy issues (e.g. GDPR, CCPA) and support implementation of related policies and procedures. Draft, review, and negotiate a wide range of commercial contracts (e.g. … incl. collaborating on matters requiring specialist support, managing costs, etc). About You: Experience & Qualifications Strong working knowledge of global data privacy laws and compliance standards (e.g. GDPR, CCPA, SOC 2). Demonstrated experience reviewing and negotiating commercial agreements. Skills & Traits You enjoy data privacy, compliance and operational legal work and are happy to "roll up your sleeves More ❯

risks, regulatory exposure, and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews … Deep understanding of cloud security (especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer More ❯

responses to customer security audits and assurance inquiries. Monitor regulatory changes and contribute to compliance initiatives such as DORA , NIS2 , and other applicable standards and frameworks (e.g., ISO 27001, SOC 2, GDPR). Assist in the development, maintenance, and improvement of internal GRC processes, policies, and documentation. Collaborate with cross-functional teams (Security, Legal, IT, Product, etc.) to … related field. Experience supporting sales processes, including responding to RFx security assessments. Solid understanding of cybersecurity principles, information security best practices, and regulatory requirements (DORA, NIS2, GDPR, ISO 27001, SOC 2, etc.). Excellent written and verbal communication skills; able to translate technical concepts for non-technical audiences. Strong organizational skills with the ability to manage multiple priorities More ❯

them to specific business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a More ❯

and expansion opportunities within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice … inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a More ❯

and expansion opportunities within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice … inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security.From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a More ❯

cross-functional procurement team (including vendor and sourcing specialists). Vendor & Partnership Management Manage complex vendor relationships across hardware, software, cloud, security, and telecom. Oversee vendor compliance with SLA, SOC 2, and other applicable frameworks. Maintain partnership requirements (e.g., Microsoft, Dell, Cisco), including certifications and revenue thresholds. Procurement Operations Oversee all procurement lifecycle activities: assessment, process, negotiation, order … Dell, Lenovo). Knowledge of MSP procurement workflows including CPQ, product bundling, licensing renewals, and hardware lifecycle management. Strong negotiation skills across software, SaaS, and hardware agreements. Familiarity with SOC 2, and other relevant standards. Advanced Excel and experience with procurement platforms (e.g., ConnectWise Sell, Coupa, etc.). Preferred Experience launching Procurement as a Service or similar resale More ❯

track if this doesn't align with what you want to do. Hybrid working - our approach is to be in the office or on client site a minimum of 2 days per week. Work on a broad variety of projects and tech stacks for clients across seven sectors - no project is ever the same Join other experts within our … modeling, security testing) and determining residual risk after applying compensating security controls Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems Experience working with teams in a structured software development lifecycle process Excellent interpersonal skills, both written and … the role. Quick call with one of our Tech Recruiters - to discuss your application, the role and PA Round 1: Either a competency or technical interview (60 mins) Round 2: Either a competency or technical interview, whichever you didn't do at first round (60 mins) Final round : Meeting with a PA leader - a mini case study and discussion More ❯

Develop comprehensive monitoring solutions using Prometheus, Grafana, ELK stack, or similar tools to improve system reliability. Security & Compliance: Apply best practices for cloud security, IAM policies, and compliance frameworks (SOC2, ISO 27001, etc.). Incident Response & Performance Optimization: Troubleshoot issues, perform root cause analysis, and implement fixes to optimize performance. Infrastructure as Code (IaC): Utilize Terraform, Ansible, or similar tools More ❯

Access, Entra ID, and Identity Governance setups Implement Data Loss Prevention (DLP) and sensitivity labels Work with Azure Key Vault and manage encryption and certificate strategies Collaborate with our SOC and managed Sentinel provider on incident handling Compliance & Governance Help ensure compliance with ISO 27001, SOC 2, GDPR, and NIS2 Support configuration and monitoring in Microsoft Compliance More ❯

Subsidiaries to expand our capabilities and develop creative solutions to business challenges and opportunities to continually improve our services. Specifically, we're looking for InfoSec Analysts with at least 2 years of relevant experience to help us improve security across the Octopus Energy Group. If you're passionate about Information Security and driving a positive security culture, we encourage … t subject matter experts Experience producing or supporting the delivery of security awareness programs in different business environments Knowledge of industry and regulatory security standards, such as ISO 27001, SOC2, and GDPR A good candidate will have experience in at least some of the areas mentioned, we're not expecting any candidate to be an expert in all areas! What … will help: Security certifications (any of the famous abbreviations) Security qualifications (e.g. apprenticeships or degrees) Experience working in organisations that maintain ISO 27001 and/or SOC 1 and SOC 2 type II certifications A wider understanding of technology, especially AWS (or other CSPs) A background in a technical role or technical knowledge through education or training More ❯

AWS Certified Security - Specialty). Experience with other cloud platforms (e.g., Azure, GCP). Familiarity with serverless architectures and AWS Lambda. Expertise in compliance standards such as GDPR, HIPAA, SOC2, and ISO 27001. Experience with advanced security practices such as zero-trust architecture, encryption key management, and security incident response. Why Apply? Senior/Lead role with the ability to More ❯

Expertise in cloud architectures (Azure, AWS, or GCP), containerization (Docker/Kubernetes), and hybrid cloud models. Security & Compliance Awareness: Understanding of financial services security frameworks, data privacy regulations (GDPR, SOC 2, etc.), and risk management principles. Business & Technology Alignment: Ability to translate business needs into technology solutions, balancing innovation with operational stability. Stakeholder Management: Strong collaboration skills to More ❯

helping to triage and remediate findings. Security Champion Enablement: Collaborate with engineering teams to build security awareness and develop a network of Security Champions. Incident & Response Readiness: Support Smarsh SOC and security incident response, including root cause analysis and post-mortem reviews for your product(s). Security Compliance & Governance: Ensure alignment with regulatory requirements (SOC 2 … Terraform, CloudFormation) and cloud security posture management. Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security. Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. Experience driving developer enablement and security training initiatives. Excellent communication and collaboration skills to engage with engineering, product, and leadership teams. Preferred Qualifications Security certifications such as OSCP More ❯

with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have More ❯

Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated More ❯

Background in DevOps, SRE, or Infrastructure Engineering. Knowledge of monitoring/logging tools (e.g., CloudWatch, Datadog, Prometheus, ELK). Experience with enterprise security and compliance frameworks (e.g., ISO 27001, SOC 2, GDPR). Familiarity with cost modeling and optimization strategies in AWS. More ❯

or a related field. Proven track record in technology risk, third-party risk management, or IT audit. Strong understanding of regulatory frameworks and standards (e.g., ISO 27001, NIST, DORA, SOC 2). Evidence of ability to handle complex vendor relationships and risk assessments. Excellent analytical, organisational, and problem-solving skills. Strong written and verbal communication skills, with experience More ❯

to join the team on a permanent basis in their London office. Responsibilities: - Deliver a diverse range of IT consulting and assurance projects, including IT External Audit support (ISA315), SOC 1/SOC 2 engagements, IT Internal Audit, Regulatory Reviews and Operational Resilience evaluations. - Determine the IT audit scope and, accordingly, prepare and execute appropriate test procedures … IT Audits - Strong understanding of IT Risks and internal controls - Experience of testing IT General Controls (ITGC) and IT Application Controls (ITAC) - Experience in carrying out SOC1 and/SOC2, ISO 27001 attestations (desirable) - CISA certification (desirable) IT Auditor In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having More ❯

TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management, and supply-chain security; automate More ❯

secure, scalable cloud infrastructure for our digital health platform. Automate CI/CD pipelines and lead Infrastructure as Code (Terraform, CloudFormation). Implement DevSecOps best practices to meet HIPAA, SOC 2, and ISO 27001 requirements. Monitor system performance and availability using CloudWatch, Prometheus, Grafana, and related tooling. Collaborate with engineering, security, and product teams to drive end to More ❯

stakeholders, collaborators and clients, at different levels Preferred Qualifications Highly experience in analytical and problem-solving skills, including a basic understanding of data analysis techniques Good grasp of SOX, SOC2, NIST, PCI, ISO, and other security regulations Experience in the IAM domain in a cloud based infrastructure environment Program and project management skills About Meta Meta builds technologies that help More ❯

evaluation of risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to More ❯

observability and predictive analytics to proactively prevent outages. Security, Compliance & Risk Management: Drive zero-trust security frameworks, ensuring secure and resilient network access. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate with cybersecurity teams to enhance network threat detection and mitigation. Implement automated security policy enforcement, reducing human intervention in risk mitigation. More ❯

with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have More ❯