10 of 10 SOC 2 Jobs in the North of England

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR Location: Knutsford (Cheshire) | Office-based Salary: £35,000 - £45,000 DOE + benefits About the Role We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients. They're looking for a Risk & Compliance Officer/Analyst to play a key part … in maintaining and improving their information-security and compliance frameworks. Working closely with senior leadership, you'll help ensure the business remains compliant with standards such as ISO 27001, SOC 2 Type II, and GDPR, while building a culture of risk awareness and continuous improvement. Key Responsibilities Maintain and develop compliance policies, standards, and frameworks across the organisation. … Support internal and external audits for ISO 27001, SOC 2, and data-protection regulations. Conduct regular risk assessments and contribute to risk treatment plans. Monitor compliance KPIs, prepare monthly status reports, and present findings to senior stakeholders. Review vendor and third-party compliance, ensuring contractual and regulatory obligations are met. Deliver compliance awareness and training across teams. Provide More ❯

take ownership of day-to-day security operations, implement and refine controls, and play a hands-on role in ensuring compliance with recognised standards such as ISO 27001 and SOC 2 Type II. This is a visible and strategic position - ideal for someone who enjoys combining technical depth with governance, audit, and risk management responsibilities. Key Responsibilities Develop … Implement and manage controls across cloud and on-premises environments (Azure/AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR). Deliver regular security reporting and KPI tracking for senior leadership. Drive security awareness training and best practice across the wider … team. What You'll Bring 5+ years' experience in information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent More ❯

Manchester - 5 days per week Job Type: Full-Time, Permanent Salary: £45,000 to £55,000 Key Responsibilities: Lead and support compliance programs with a focus on PCI DSS, SOC 1, and SOC 2 requirements Conduct governance, risk, and control assessments across IT and business processes Partner with internal stakeholders and external auditors to ensure audit readiness … standards, and procedures Support third-party vendor risk assessments and contribute to enterprise-wide GRC initiatives What My Client is Looking For: Proven experience working with PCI DSS and SOC 1/SOC 2 frameworks in regulated environments Strong background in IT risk, audit coordination, and control testing Excellent stakeholder management skills, with the ability to influence More ❯

Operations Collaboration and Stakeholder Management Risk Management Compliance Operations Audit, incident response, and risk management ✅ Requirements: Junior or Grad Cyber or Information Security Analyst Keen interest in ISO 27001, SOC 2 Type 2, and cloud environments. 📜 You will receive certifications in the following: CISSP, CISM, ISO 27001 Lead Implementer, CISA, CRISC, CIPP/E. Physical Security (PSP More ❯

Operations Collaboration and Stakeholder Management Risk Management Compliance Operations Audit, incident response, and risk management ✅ Requirements: Junior or Grad Cyber or Information Security Analyst Keen interest in ISO 27001, SOC 2 Type 2, and cloud environments. 📜 You will receive certifications in the following: CISSP, CISM, ISO 27001 Lead Implementer, CISA, CRISC, CIPP/E. Physical Security (PSP More ❯

team Good numeracy and organisational skills, with attention to detail Critical competencies – technical fit Good understanding of at least one audit framework; PCI DSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, Microsoft 365 Certification, etc. Ability to deliver, without supervision/support, at least one Cyber Practice GRC service Aptitude for understanding, interpreting, and applying objective standards More ❯

am looking for an infrastructure engineer to join a 6 month contracting within the public sector.Inside IR35Till 13th March 2026Onsite aspect in Newcastle £466 per day Tech stack Minimum 2 years of professional experience in cloud security, specifically within AWS environments, demonstrating a track record of implementing and managing comprehensive security strategies. Experience leading projects with a focus on … at rest and in transit. Experience with AWS Key Management Service (KMS) and AWS Certificate Manager (ACM). Knowledge of compliance requirements that impact cloud security (e.g., GDPR, HIPAA, SOC 2) and experience in implementing controls to meet these requirements. Ability to design and execute incident response strategies within the AWS cloud, including the use of AWS CloudWatch More ❯

apply them to supplier oversight. The Successful Applicant Extensive experience in security risk management, particularly in third party and supplier contexts. Strong understanding of frameworks such as ISO27001, ISO27005, SOC2, and NIST. Holds certifications such as CISSP, CISM, or CRISC. Telecoms sector experience is a plus. Skilled in stakeholder engagement and translating technical risks into business language. What's on More ❯

standards and apply them to supplier oversight. Profile Extensive experience in security risk management, particularly in third-party and supplier contexts. Strong understanding of frameworks such as ISO27001, ISO27005, SOC2, and NIST. Holds certifications such as CISSP, CISM, or CRISC. Telecoms sector experience is a plus. Skilled in stakeholder engagement and translating technical risks into business language. Job Offer Discretionary More ❯

Strategy Define and implement the company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from … trust networks. Harden DevSecOps pipelines to ensure secure software delivery. Collaborate with engineering teams to integrate security by design into products. Compliance & Risk Management Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks. Lead risk assessments for third-party vendors and service providers. Work with legal and compliance teams on KYC/AML security for crypto More ❯