1 to 25 of 54 SOC 2 Jobs in the UK

Cybersecurity Engineer (ISO27001 & SOC 2 Lead) Location: London (3 days per week onsite) Must have Right to Work: Cannot provide sponsorship Overview A newly created role to take ownership of ISO27001 and SOC 2 certification, ongoing compliance, and the organisation's overall security posture. This position … transitioned or is transitioning into cybersecurity and wants to operate as the central technical security owner. Key Responsibilities Security Governance & Compliance (ISO27001 & SOC 2) Own and maintain ISO27001 and SOC 2 certification processes. Lead evidence collection, control implementation, compliance documentation, and readiness for external audits. Maintain ...

policies, covering endpoint security, access management, and controls suited to a remote, globally distributed workforce Maintain and build upon our existing certifications (ISO 27001, SOC 2 Type II), and drive expansion of SOC 2 coverage across our full product portfolio Ensure compliance with GDPR and applicable … SaaS or technology environment Strong understanding of application security and secure software development Strong working knowledge of compliance frameworks including ISO 27001 and SOC 2, with hands‐on experience managing or achieving these certifications; solid understanding of GDPR compliance across multiple jurisdictions Strong communication skills with the ability ...

while helping to strengthen overall security posture. Key Responsibilities Certification & Compliance Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/… commercial teams Deliver training and promote best practices across the organisation What We're Looking For Experience Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST) Strong understanding of Security Operations (SOC) environments Experience supporting audits, RFPs, and customer assurance activities Knowledge ...

addition maintaining the organisations compliance with ISO 9001:2025 (Already certified). Looking forward into the future these requirements are also on the horizon: SOC 2 Type 2: For targeting US-based clients DPIA (Data Protection Impact Assessment) AI-Specific Compliance (The 2026 Frontier) ISO/… people side of making compliance work in practice. Youll likely bring: Proven experience implementing at least one of: Cyber Essentials, ISO 27001:2022 or SOC 2 Strong organisational skills and the ability to break complex frameworks into clear, actionable steps Confidence working with technical teams and a comfort ...

security posture, reliability culture, and operational excellence. Key Responsibilities Architect, implement, and scale cloud infrastructure to support rapid growth Prepare systems and processes for SOC 2/ISO 27001 audit readiness Build and maintain CI/CD pipelines across backend, frontend, and data services Develop and manage logging … Platform Engineering Strong track record owning infrastructure end‐to‐end Experience in high‐growth or high‐load environments Familiarity with compliance frameworks (SOC 2, ISO 27001, GDPR) History of driving reliability, security, and cost efficiency Someone who thrives in fast-moving, evolving environments and enjoys solving hard problems ...

with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such as ISO 27001, NIST, SOC 2, and CIS Controls.Cloud Security Technologies & PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty … KeywordsCloud Security, Cyber Security, Pre-Sales Consultant, Azure Security, AWS Security, GCP Security, CSPM, CIEM, IAM, Zero Trust, SIEM, XDR, Kubernetes Security, DevSecOps, ISO27001, SOC 2, Security Consultant. ...

isolation, platform reliability, and disaster recovery posture. Own Talogy’s security engineering posture — including application security, secrets management, vulnerability management programmes, and compliance with SOC 2, GDPR, and relevant data protection frameworks. Drive platform and integration architecture decisions across Talogy’s fragmented, acquisition-heavy tooling estate, bringing coherence … Talogy’s multi-platform, acquisition-heavy environment. Direct experience with security engineering: application security frameworks (OWASP), secrets management, penetration testing programmes, and compliance regimes (SOC 2, GDPR, ISO 27001). Leadership & Organisational Experience: Significant experience in a senior engineering leadership role within an enterprise-scale cloud environment. Demonstrated ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

program. - Conduct internal audits, third-party risk assessments, and due diligence reviews. - Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. - Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. - Identify gaps in security controls and recommend … and audit. - Strong understanding of international regulatory frameworks and standards. - Hands-on experience with: - ISO27001 audits and implementation - GDPR compliance - NIST cybersecurity framework - SOX, SOC 2, HIPAA, CCPA, LGPD - Ability to interpret complex regulatory requirements and translate them into actionable controls. - Excellent communication and stakeholder engagement skills. - Strong ...

program. - Conduct internal audits, third-party risk assessments, and due diligence reviews. - Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. - Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. - Identify gaps in security controls and recommend … and audit. - Strong understanding of international regulatory frameworks and standards. - Hands-on experience with: - ISO27001 audits and implementation - GDPR compliance - NIST cybersecurity framework - SOX, SOC 2, HIPAA, CCPA, LGPD - Ability to interpret complex regulatory requirements and translate them into actionable controls. - Excellent communication and stakeholder engagement skills. - Strong ...

Zscaler, or equivalent; conditional access policy design and implementation DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation Red team, adversarial simulation, or penetration testing programme design - experience on both … Zscaler, or equivalent; conditional access policy design and implementation DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation Red team, adversarial simulation, or penetration testing programme design - experience on both ...

emerging threats, risk and security. Governance and Compliance - maintain frameworks and ensure compliance with a range of standards including - GDPR, PCI DSS, PCI 3DS, SOC 2, NIST, etc. Risk Management - responsible for risk audits and managing 3rd party and supply chain risk. Secure Development - ensure security is integrated … senior Information Security roles. A relevant professional certification (CISS or CISM) Detailed understanding of GDPR Strong knowledge of compliance frameworks (PCI DSS, PCI 3DS, SOC 2) Experience of secure software development practices and cloud security. Strong analytical and problem solving skills. This is an excellent opportunity ...

Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid … prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare ...

operating as an Interim CISO/Head of InfoSec/Cyber Security Lead within global SaaS or technology environments Deep expertise across ISO27001, NIST, SOC 2 and PCI-DSS, with experience aligning and embedding controls across multi-region businesses Strong experience delivering and optimising ISMS/security governance ...

Prometheus, Grafana, ELK Stack, or Datadog. Experience with security best practices, monitoring, and incident response. Familiarity with DevSecOps and compliance frameworks (ISO 27001, SOC 2, GDPR). Exposure to big data processing, ML pipelines, or simulation workflows. Bonus: Existing interest in data science and simulation workflows ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

assurance programmes. Proven experience designing, executing, and improving structured vendor due diligence processes. Strong understanding of vendor-held assurance artefacts such as ISO 27001, SOC 2, CSA STAR/CAIQ, and security questionnaires. Ability to communicate complex vendor-related cyber risks clearly to both business and technical audiences. ...

assurance programmes. Proven experience designing, executing, and improving structured vendor due diligence processes. Strong understanding of vendor-held assurance artefacts such as ISO 27001, SOC 2, CSA STAR/CAIQ, and security questionnaires. Ability to communicate complex vendor-related cyber risks clearly to both business and technical audiences. ...

adhering to best practices in data protection and cloud security, in line with Cyber Essentials Plus and ISO27001, and implement compliance measures (e.g., GDPR, SOC 2). Analyse performance metrics and make data-driven decisions to improve platform performance, stability, and cost-efficiency. Engage with stakeholders (internal and ...

cloud security and compliance Own platform‐level security decisions and risk mitigation Ensure secure‐by‐design infrastructure and access controls Support compliance initiatives (SOC 2, ISO:27001) Leadership & Team Development Lead and mentor the DevOps team including DevOps engineers, IT Support and an Information Security Officer Provide technical ...