1 to 25 of 81 SOC 2 Jobs in the UK

RFIs, RFPs, and audit requests with accurate certification evidence and security documentation. Build customer-facing assurance packs that demonstrate Bell's security posture and SOC credibility. Regulatory & Industry Alignment: Monitor developments in global cybersecurity regulations and frameworks (e.g. NIST CSF, UK NCSC guidance, EU NIS2, GDPR). Continuous Improvement … ability to develop and maintain compliance documentation and audit evidence. Excellent communication skills to explain complex security assurance topics to customers, senior leaders, and SOC teams. Analytical and detail-oriented, with the ability to identify gaps and design improvements. Stakeholder engagement and influencing skills, particularly with technical and commercial ...

RFIs, RFPs, and audit requests with accurate certification evidence and security documentation. Build customer-facing assurance packs that demonstrate Bell’s security posture and SOC credibility. 4. Regulatory & Industry Alignment: Monitor developments in global cybersecurity regulations and frameworks (e.g. NIST CSF, UK NCSC guidance, EU NIS2, GDPR). 5. … ability to develop and maintain compliance documentation and audit evidence. Excellent communication skills to explain complex security assurance topics to customers, senior leaders, and SOC teams. Analytical and detail-oriented, with the ability to identify gaps and design improvements. Stakeholder engagement and influencing skills, particularly with technical and commercial ...

Cyber Security Assurance Manager Location: Portsmouth, UK Hybrid: 2 days onsite per week Salary: Up to £65,000 Employment Type: Permanent Job Summary: Our client, a leading IT services and consulting firm, is seeking a Cyber Security Assurance Manager to ensure their SOC meets and maintains top security … standards. As part of the GRC function, you’ll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and CREST SOC accreditation. Key Responsibilities: Act as primary contact for customer assurance activities, supporting RFIs, RFPs, and client ...

Permanent – Hybrid – Portsmouth Opportunity: Permanent Salary: Up to £65,000 per annum Hybrid: 3 days per week onsite Location: Portsmouth, UK Essential skills: NIST, SOC, CREST, 27001 About the Role and Client Join a leading IT Services and Consulting firm as a Cyber Security Assurance Manager to ensure their … standards. As part of the GRC function, you’ll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and CREST SOC accreditation. Key Responsibilities Lead the delivery and ongoing maintenance of key SOC-related certifications including ...

distinct phases: Phase 1: The Fixer (Months 1-6) Rapidly assess, identify gaps, and implement critical foundations—from security posture to operational resilience. Phase 2: The Builder (Months 6-18) Establish scalable structures and lead the product roadmap. Drive best practice development standards, build security credentials (SOC 2 … shoulder with Chris, you'll tackle four key areas: Product Security & Compliance – Audit Triangle, implement end-to-end security improvements, and establish pathways to SOC 2 compliance for our highly regulated clients Product Roadmap & Strategy – Create a conversational roadmap that balances new features with technical debt whilst guiding ...

and accountability across the business. Key Responsibilities Regulatory Compliance Monitor and interpret data protection and IT-related regulations (e.g., GDPR, CCPA, HIPAA, ISO 27001, SOC 2) to ensure organisational compliance. Develop and maintain compliance frameworks, standards, and policies aligned with regulatory obligations and industry best practices. … CISM, CISA, CISSP, CIPM, or equivalent preferred. Strong knowledge of global data protection laws (e.g., GDPR, CCPA) and IT compliance frameworks (e.g., ISO 27001, SOC 2, NIST). Proven experience in IT compliance, risk management, or data governance roles. Excellent understanding of IT infrastructure, cyber security principles, and ...

where developmental feedback is received Critical Competencies – Technical Fit Good understanding of at least one audit framework; PCI DSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, Microsoft 365 Certification, etc Ability to deliver, without supervision/support, at least one Cyber Practice GRC service Aptitude for understanding … technologies specific to the Cyber Security industry Desirable Competencies Exposure to multiple industry audit/compliance frameworks; PCI DSS, ISO 27001, Cyber Essentials, NIST, SOC 2, NIS2, etc Exposure to Amazon AWS, Microsoft Azure or Google GCPs cloud platforms Data Privacy Experience, e.g. GDPR, DPA2018 ...

like to have an initial teams/zoom with those selected. Keywords: Security Engineer, Cyber Security Engineer, Information Security Engineer, Palo Alto, SOC, SOC 2, ISO27001, CIS, SAST, DAST, VPN, Vulnerability, Pen Testing, InfoSec, CyberSec ...

given risk assessment framework (Third Party Risk Management/Vendor Assessment). Assists and/or takes the lead in managing/overseeing annual SOC2 & ISO27001 audits. Contributes in annual InfoSec Policies review/edits/updates and provides considered input. Review proposed client engagement terms and conditions and apply … direction. Demonstrates the ability to take on an assignment, project, or problem and lead, define, and implement a solution to completion. Requirements: Knowledge of SOC2 and ISO 27001 control frameworks. Knowledge of risk frameworks and risk management processes. Ability to work effectively in a team environment and across all organizational ...

given risk assessment framework (Third Party Risk Management/Vendor Assessment). Assists and/or takes the lead in managing/overseeing annual SOC2 & ISO27001 audits. Contributes in annual InfoSec Policies review/edits/updates and provides considered input. Review proposed client engagement terms and conditions and apply … direction. Demonstrates the ability to take on an assignment, project, or problem and lead, define, and implement a solution to completion. Requirements: Knowledge of SOC2 and ISO 27001 control frameworks. Knowledge of risk frameworks and risk management processes. Ability to work effectively in a team environment and across all organizational ...

and configuration baselines are followed. Security Governance & Compliance Contribute to maintaining security standards and aligning with frameworks such as ISO 27001, NIST, CIS, or SOC 2. Support audits, evidence collection, and compliance reporting (e.g., GDPR, PCI-DSS). Develop and maintain documentation for policies, procedures, architecture, and runbooks. Collaboration ...

Alert Logic, Qualys, M365 Security, and AWS Security Products. Understanding security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST. An understanding of network protocols & practices, firewalls, intrusion detection/prevention systems and WAFs. We value teamwork, collaboration & technical excellence – the company are heavily ...

Prometheus, Grafana, ELK, etc.). Strong communication skills and the ability to collaborate across engineering teams. Knowledge of compliance/security frameworks (PCI DSS, SOC2, ISO, GDPR). Experience with microservices and serverless environments. Familiarity with SQL/NoSQL databases. Proven ability to lead technical initiatives in complex environments. Location ...

Prometheus, Grafana, ELK, etc.). Strong communication skills and the ability to collaborate across engineering teams. Knowledge of compliance/security frameworks (PCI DSS, SOC2, ISO, GDPR). Experience with microservices and serverless environments. Familiarity with SQL/NoSQL databases. Proven ability to lead technical initiatives in complex environments. Location ...

monitor systems, networks, and logs then investigate security breaches, incidents and other cybersecurity events. You will also oversee compliance for regulatory requirements, such as SOC2, HIPAA, ISO 27001, GDPR and ensure systems adhere to these standards. You'll be part of a fast-paced, inclusive team that values creativity, curiosity ...

communicate confidently with senior stakeholders, simplify technical topics, and drive collaboration across teams. Success in this role requires strong knowledge of security architectures, SOC operations, and attacker techniques, plus experience with platforms like Microsoft Sentinel, AWS security, and tools such as CrowdStrike and Tenable. Excellent communication, commercial awareness, and … security architectures (SIEM/SOAR, EDR/XDR, identity, cloud, vulnerability management). • Understanding of attacker techniques (MITRE ATT&CK), detection engineering, and SOC KPIs. • Experience with professional services (penetration testing, DFIR, threat hunting). • Proficiency in Microsoft (Sentinel, Defender, Entra), AWS security, and tools like CrowdStrike, Darktrace, SentinelOne ...

Defender for Cloud, encryption using Azure Key Vault, network security with NSGs and Azure Firewall, Azure Policy for governance, and compliance frameworks (ISO 27001, SOC 2, GDPR). Experience conducting security assessments using Microsoft Secure Score, implementing security hardening, and responding to security incidents. Backup & Disaster Recovery - Experience ...

monitor systems, networks, and logs then investigate security breaches, incidents and other cybersecurity events. You will also oversee compliance for regulatory requirements, such as SOC2, HIPAA, ISO 27001, GDPR and ensure systems adhere to these standards. You'll be part of a fast-paced, inclusive team that values creativity, curiosity ...

and related compliance tools Entra ID (Azure AD), Conditional Access and Identity Governance Data Loss Prevention, sensitivity labels and insider risk management ISO 27001, SOC 2, GDPR and NIS2 frameworks PowerShell scripting and use of Microsoft Graph API Working across cloud, infrastructure and application teams Certifications required ...

and Datadog experience desirable). Ensure compliance and security through Microsoft Defender for Cloud, Azure Policy, Key Vault, and accepted frameworks (ISO 27001, SOC 2, GDPR). Conduct backup and disaster recovery operations using Azure Backup, Site Recovery, and geo-redundant storage for business continuity. Collaborate effectively across ...

and Datadog experience desirable). Ensure compliance and security through Microsoft Defender for Cloud, Azure Policy, Key Vault, and accepted frameworks (ISO 27001, SOC 2, GDPR). Conduct backup and disaster recovery operations using Azure Backup, Site Recovery, and geo-redundant storage for business continuity. Collaborate effectively across ...

stakeholders at all levels in a typical corporate environment. Desirable: Experience working within or implementing industry standard security and compliance standards, e.g. ISO 27001, SOC2, Cyber Essentials Plus Experience working with outsourced providers for engineering & technical resources as well as systems/services. Experience working in a regulated industry, e.g. ...

stakeholders at all levels in a typical corporate environment. Desirable: Experience working within or implementing industry standard security and compliance standards, e.g. ISO 27001, SOC2, Cyber Essentials Plus Experience working with outsourced providers for engineering & technical resources as well as systems/services. Experience working in a regulated industry, e.g. ...

and assist with customers’ RFIs and RFPs; Obtain at least CII certification to appreciate how the insurance industry works. Qualifications Essential: A minimum of 2 years in an infrastructure, SysOps or Security role; Active Directory management; AWS ecosystem, especially AppStream 2.0. NTFS permission & Group Policy configuration & management; Microsoft … Information Security specialism. Desirable: IaaS and PaaS environments; SQL; VMWare Cloud Director; SharePoint Windows IIS security & management; Security & GDPR compliance (ISO27001/ISO27032/SOC 2 ...

balances speed with sustainability. Passion for writing maintainable, scalable code. Knowledge of security and compliance best practices (e.g. HIPAA/GDPR, NHS DTAC, SOC 2). Bonus: experience in healthcare, medtech, or regulated environments. ...