1 to 25 of 66 SOC 2 Jobs in the UK

secure and reliable deployments. Provision, support & maintain required cloud services for development, test and QA. Implement cloud cost optimization strategies. Cybersecurity Ensure compliance with security standards (e.g., ISO 27001, SOC 2, GDPR) and internal policies and procedures for cloud and IT environments. Lead incident response, vulnerability management, and threat detection using SIEM tools, MDR and antivirus platforms. Secure … relevant work experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯

risks, regulatory exposure, and investment priorities to support long-term growth. Governance & Compliance Own company-wide security governance, including data protection, access control, and insider risk. Ensure compliance with SOC 2, ISO 27001, GDPR, and other relevant frameworks. Oversee security audits and third-party risk programs. Risk Management & Threat Intelligence Lead threat modelling, risk assessments, and security reviews … Deep understanding of cloud security (especially AWS), application security, and modern DevSecOps. Proven experience securing systems involving digital assets, cryptographic components, or distributed infrastructure. Strong grasp of regulatory frameworks: SOC 2, ISO 27001, GDPR, NIST, etc. Background in threat modeling, incident response, and risk management. Excellent leadership, communication, and stakeholder skills. Bachelor's or advanced degree in Computer More ❯

the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update … information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. More ❯

small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT … cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This More ❯

small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT … cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This More ❯

small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT … cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This More ❯

small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT … cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This More ❯

small but scalable team (3-5), aligning technology roadmaps with business goals, and managing vendor relationships and audit requirements. Key Areas of Responsibility Cybersecurity Ensure compliance with ISO 27001, SOC 2, GDPR, and other frameworks. Lead incident response, vulnerability management, and threat detection. Oversee disaster recovery and business continuity planning. Champion a DevSecOps culture across the organisation. IT … cloud infrastructure, or cybersecurity roles. Strong expertise with Azure, Oracle Cloud, and DevOps practices . Proven experience managing IT systems in SaaS or tech businesses. Familiarity with ISO 27001, SOC 2, NIST, and FedRAMP. Certifications such as CISSP, CISM, or advanced Azure credentials are a strong advantage. Excellent leadership, communication, and cross-functional collaboration skills. Why Apply? This More ❯

handling, and device security. Implement practical controls for identity and access management, encryption, endpoint protection, and incident response. Use your understanding of frameworks like Cyber Essentials, ISO 27001, or SOC 2 to guide scalable, pragmatic governance - even if full certification isn't required right away. Help prepare the business for potential future audit, assurance or client due diligence … headcount), ideally PE-backed or professional services-led. Strong practical knowledge of Microsoft 365, Azure AD, endpoint management, and identity/access controls. Familiarity with frameworks like ISO27001, SOC 2, or NIST - and the judgment to apply what's appropriate for scale. Experience working with (or managing) outsourced IT providers. Excellent communication and stakeholder skills - able to influence More ❯

them to specific business outcomes on their timelines. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Provide insightful technical answers and recommend the most efficient way for customers to … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a More ❯

and expansion opportunities within your book of business Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust Management Platform Provide professional advice … by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous-not just a More ❯

Cybersecurity Engineer | £500 - £600 | Outside IR35 | 3 Months | Fully Remote We’re hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC 2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500–£600.The successful candidate will deliver the integration of CrowdStrike Falcon … with Vanta, and help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC 2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence to More ❯

Cybersecurity Engineer | £500 - £600 | Outside IR35 | 3 months | Fully Remote We're hiring a Cybersecurity Engineer to support a client on a 3-month contract focused on achieving SOC 2 and ISO 27001 compliance. This role is Outside IR35, fully remote, and offers a daily rate of £500-£600. The successful candidate will deliver the integration of CrowdStrike … Falcon with Vanta, and help implement the security controls, monitoring, and documentation required for audit readiness. Key Requirements Proven experience in cybersecurity engineering and compliance delivery Deep understanding of SOC 2 and ISO 27001 frameworks and audit processes Hands-on experience with integrating cybersecurity tools and platforms Experience integrating CrowdStrike Falcon and Vanta is a plus Strong adherence More ❯

development of effective security measures. Support the development, implementation, and continuous improvement of the organization's security strategy, policies, and procedures. Support the maintenance of our ISO 27001 and SOC 2 Level 2 certifications. What you'll bring Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree or relevant certifications … you? Competitive salary and uncapped commission. 26 days of annual leave and Bank Holidays Top-notch Private Healthcare and Health Cash Plan Hybrid working model Initial home office budget 2-month work abroad policy Great training and yearly learning budget Employer pension scheme Enhanced maternity pay Social activities and team outings Referral bonus Employee Assistance Program Great hardware and More ❯

Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated More ❯

technologies like Docker and Kubernetes Knowledge of security best practices for cloud environments (AWS, Azure, GCP) Understanding of security frameworks and compliance standards such as NIST CSF, ISO 27001, SOC 2 Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, agile environment Strong problem-solving skills and a passion for continuous improvement More ❯

tools (EDR, vulnerability scanners, SCA, etc.) Own and manage internal authentication (SSO, MFA, identity lifecycle) Secure endpoints, laptops, and internal systems Lead security awareness and employee training programs Drive SOC 1/2 and other compliance frameworks Build internal security policies, playbooks, and operational processes Manage relationships with vendors, auditors, and pentesters We're Looking For Someone Who … or similar certification Strong knowledge of cloud security, secure software development, and common vulnerabilities Proven experience securing production environments and CI/CD systems Familiarity with security compliance frameworks (SOC 2, ISO 27001) Experience deploying and operationalising security tools Excellent communication skills and the ability to collaborate across teams A pragmatic, system-oriented mindset that balances risk and More ❯

questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background More ❯

questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background More ❯

questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background More ❯

questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence … the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background More ❯

of Natural Language Processing (NLP), model lifecycle management, and explainability techniques. - Ability to articulate how AI models integrate into enterprise workflows and compliance frameworks. Security & Compliance: - Strong grasp of SOC 2, ISO 27001, GDPR, and enterprise security best practices. - Understanding of identity and access management (IAM), encryption standards, and secure API design. Integrations & APIs: - Experience with RESTful APIs … whether it's troubleshooting a deployment, customizing a demo, or advising on architecture. * Thrives in a fast-paced, high-growth environment where adaptability and initiative are key. Education A 2:1 degree or higher in a technical, scientific, engineering, or mathematical discipline from a recognized university. What You'll Be Doing * Lead and Develop the Team: Recruit, mentor, and … list for this position. Useful Keywords Technical Presales Lead, Solutions Engineering, Pre-Sales Manager, Cloud Architecture, AWS, Azure, GCP, Kubernetes, ECS, Fargate, Terraform, AI/ML, NLP, Security Compliance, SOC2, ISO 27001, GDPR, SaaS, Enterprise Software, API Integrations, Player-Coach, Technical Leadership, Proof of Value, Enterprise Presales More ❯

Cyber Security Lead Oxfordshire - Hybrid - 2 days per week (Flexible) £50k - £60k plus Benefits Our Client are an award-winning leading IT company offering complete outsourced IT solutions to organisations across the UK and Europe. Based in Oxfordshire they provide a comprehensive range of support services, software and hardware solutions to major blue-chip clients and their technicians are … Act as the strategic security escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and … Secure Score, M365 compliance dashboards). Drive continuous posture improvement across client environments. Team Leadership & Growth Mentor and develop Security Analysts. Ensure team certifications remain up to date (minimum 2 per year per Analyst). Lead internal knowledge-sharing sessions to keep the team and wider MSP relevant against new threats and frameworks. Champion automation (RPA/AI) in More ❯

Systems Security Professional (CISSP) or equivalent IT Risk, Governance, Security Strategy certification. - Digital transformations experience to drive process improvements. - A good understanding of regulatory landscape (CSSF, DORA, EBA, NIS2, SOC 2) - Experience with cloud platforms risk management, cloud security, and compliance, including IAM, cloud incident response, and resilience testing. - Master's degree or equivalent. Amazon is an equal More ❯

execution with business goals, ensuring scalability, security, reliability, and maintainability. Your contribution Key Responsibilities 1. Technical Leadership • Architect secure, high-availability systems with compliance in mind (e.g., PCI DSS, SOC 2, ISO 27001). • Ensure robust encryption, audit trails, and access control mechanisms. • Guide backend design for high-volume transactional systems (e.g., ledgers, payments, identity verification). 2. More ❯