1 to 25 of 166 SOC 2 Jobs in the UK

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The SOC 2 Manager, Audit & Certification will be perform the following: Lead SOC 2 audits and related projects for Deloitte Technology Liaise with … SOC 2 external auditors to scope and facilitate SOC 2 audits gathering and presenting evidence as required to support DT's SOC 2 audits. Understand technology controls, testing of controls, and supporting evidence to meet SOC 2 Trust Service Criteria. Understand technology … the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure meet the SOC 2 Trust Service Criteria. Manage audit findings; identify and track remediation activities to meet target dates for closure, and track/report progress. More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The SOC 2 Manager, Audit & Certification will be perform the following: Lead SOC 2 audits and related projects for Deloitte Technology Liaise with … SOC 2 external auditors to scope and facilitate SOC 2 audits gathering and presenting evidence as required to support DT's SOC 2 audits. Understand technology controls, testing of controls, and supporting evidence to meet SOC 2 Trust Service Criteria. Understand technology … the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure meet the SOC 2 Trust Service Criteria. Manage audit findings; identify and track remediation activities to meet target dates for closure, and track/report progress. More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The SOC 2 Manager, Audit & Certification will be perform the following: Lead SOC 2 audits and related projects for Deloitte Technology Liaise with … SOC 2 external auditors to scope and facilitate SOC 2 audits gathering and presenting evidence as required to support DT's SOC 2 audits. Understand technology controls, testing of controls, and supporting evidence to meet SOC 2 Trust Service Criteria. Understand technology … the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure meet the SOC 2 Trust Service Criteria. Manage audit findings; identify and track remediation activities to meet target dates for closure, and track/report progress. More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The SOC 2 Manager, Audit & Certification will be perform the following: Lead SOC 2 audits and related projects for Deloitte Technology Liaise with … SOC 2 external auditors to scope and facilitate SOC 2 audits gathering and presenting evidence as required to support DT's SOC 2 audits. Understand technology controls, testing of controls, and supporting evidence to meet SOC 2 Trust Service Criteria. Understand technology … the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure meet the SOC 2 Trust Service Criteria. Manage audit findings; identify and track remediation activities to meet target dates for closure, and track/report progress. More ❯

lead every decision wemake and action we take, guiding us to deliver impact how and where it mattersmost . Connect to your opportunity The SOC 2 Manager, Audit & Certification will be perform the following: Lead SOC 2 audits and related projects for Deloitte Technology Liaise with … SOC 2 external auditors to scope and facilitate SOC 2 audits gathering and presenting evidence as required to support DT's SOC 2 audits. Understand technology controls, testing of controls, and supporting evidence to meet SOC 2 Trust Service Criteria. Understand technology … the confidentiality, integrity, and availability of the information technology environment for on premises as well as cloud hosted IT applications and infrastructure meet the SOC 2 Trust Service Criteria. Manage audit findings; identify and track remediation activities to meet target dates for closure, and track/report progress. More ❯

About the Role We are seeking an experienced SOC 2/IT GRC Specialist Contractor to support and guide our SOC 2 Type II accreditation program. This is a critical role in a fast-moving, regulated environment, requiring hands-on experience with SOC 2 … our Information Security, Engineering, IT, QA, and Compliance teams, the successful candidate will assess current controls, implement necessary enhancements, and lead the organization through SOC 2 readiness and audit. Key Responsibilities Lead and execute SOC 2 Type II readiness activities from planning through audit support. Perform … a gap analysis against SOC 2 Trust Services Criteria (Security, Availability, Confidentiality). Collaborate with control owners to define, implement, and document controls in alignment with SOC 2 and GxP expectations. Author, review, and enhance IT and security policies, SOPs, and governance documentation. Support GxP-aligned More ❯

Engineer to join our growing engineering team. As a company, we are ISO 27001-certified and need to maintain this certification while preparing for SOC 2 compliance. Security responsibilities currently sit across different teams, but as compliance requirements increase, a dedicated security engineer is needed to support ongoing … improve Duel's overall security posture. The focus of this role is to help maintain our compliance responsibilities through Secureframe, support ISO 27001 and SOC 2 audits, manage security vulnerabilities, and work within engineering to introduce security best practices into development, infrastructure, and operations. We're Looking for … Assist in managing ISO 27001 renewals by maintaining compliance documentation and ensuring key security practices are followed. Help support the company's transition towards SOC 2 certification by tracking requirements and implementing necessary security measures. Work within Secureframe to maintain compliance records, ensuring a structured and organised approach More ❯

and preparing for audits while also providing consultation on PCI requirements to Engineering, SecOps, and Architecture teams. Additionally, the role will support ISO 27001, SOC 2 Type 2, and other certification audits, assist with security assurance activities such as design reviews and client security questions, and collaborate … of improvement. Stay up to date with PCI DSS standard updates and ensure timely adaptation of new requirements. Manage and support ISO 27001 and SOC 2 Type 2 certification processes, ensuring evidence gathering, control validation, and audit preparation. Assist in responding to client security questionnaires and third … understanding of PCI DSS requirements, controls, and assessment processes. Hands-on experience with security controls, cloud environments, and security architecture. Experience with ISO 27001, SOC 2 Type 2, or other security frameworks. Proven ability to work effectively with senior leadership, auditors, external partners, and cross-functional teams. More ❯

streamline transactions and enhance customer relationships. As they continue their growth, they are engaging with larger customers who are wary of security, particularly around SOC 2 and data protection. As a result, they are looking for a highly skilled and experienced Information Security Analyst/Manager to help … lead them through an end-to-end SOC 2 implementation. You will need to define the SOC 2 compliance, identifying necessary controls and collaborating with engineers and admins to implement and control effectively. Required Experience: Experience implementing SOC 2 at Scale. (Must-Have) Background More ❯

product roadmap priorities based on client feedback. Respond to technical sections of RFPs, RFIs, and security questionnaires, ensuring alignment with regulatory standards (e.g., ISO27001, SOC 2, GDPR). Act as a trusted advisor to clients and internal teams, bridging the gap between commercial goals and technical feasibility. Stay … managers, or exchanges. Proven experience supporting long sales cycles and navigating enterprise procurement processes. Familiarity with industry standards and frameworks such as ISO 27001, SOC 2, MiFID II, GDPR, or cloud governance in regulated industries. Skills & Competencies: Excellent communication and presentation skills, with the ability to simplify complex More ❯

product roadmap priorities based on client feedback. Respond to technical sections of RFPs, RFIs, and security questionnaires, ensuring alignment with regulatory standards (e.g., ISO27001, SOC 2, GDPR). Act as a trusted advisor to clients and internal teams, bridging the gap between commercial goals and technical feasibility. Stay … managers, or exchanges. Proven experience supporting long sales cycles and navigating enterprise procurement processes. Familiarity with industry standards and frameworks such as ISO 27001, SOC 2, MiFID II, GDPR, or cloud governance in regulated industries. Skills & Competencies: Excellent communication and presentation skills, with the ability to simplify complex More ❯

with security teams to ensure that the platform complies with industry regulations and standards, including data protection, privacy, and security best practices (e.g., GDPR, SOC 2, etc.). Cost Management: Optimize platform operations and infrastructure for cost-efficiency, particularly in cloud environments. Implement monitoring and alerting to keep … systems. Experience implementing SLAs, SLOs, and SLIs is a plus. In-depth understanding of platform security, data privacy, and regulatory compliance requirements (e.g., GDPR, SOC 2, PCI-DSS). Experience managing infrastructure costs, optimizing cloud usage, and driving operational efficiencies. Proven ability to analyze complex problems, identify solutions More ❯

into CI/CD pipelines. Lead deployment of zero-trust architectures, security automation, and monitoring solutions. Support security incident detection, investigation, and response with SOC and Red Team. Threat & Vulnerability Management Conduct regular security assessments, vulnerability scans, and penetration tests, prioritizing remediation efforts. Develop automated solutions for common security … and alerts, refining detection and response procedures. Risk & Compliance Support Collaborate with GRC and compliance teams to implement controls aligned with ISO 27001, NIST, SOC 2, and GDPR. Assist in security reviews for vendors, M&A due diligence, and cloud risk assessments. Ensure adherence to regulatory standards and … Proficiency in scripting (Python, PowerShell) and infrastructure-as-code (Terraform, Ansible). Deep understanding of vulnerability management, penetration testing, and security hardening. Knowledge of SOC processes, incident response, and forensics. Strong grasp of zero-trust architectures, identity security, and secure DevOps practices. Ability to work collaboratively across IT, DevOps More ❯

security strategy, policies, and procedures, aligning them with business objectives and risk tolerance. Oversee the maintenance and expansion of existing security certifications (ISO 27001, SOC 2) and drive initiatives for future certifications (e.g., ISO 22301, DORA). Direct regular security audits, risk assessments, and vulnerability analyses, ensuring that … and IT-regulations that apply to financial institutions or its outsourcing partners. In-depth knowledge of relevant regulatory requirements and industry standards (ISO 27001, SOC 2, GDPR, DORA, etc.). Experience with cloud security (AWS, Google etc.), application security, and DevSecOps practices is a significant plus. Proven experience More ❯

/CD pipelines. Lead the deployment of zero-trust architectures, security automation, and monitoring solutions. Support security incident detection, investigation, and response alongside the SOC and Red Team. Threat & Vulnerability Management Perform regular security assessments, vulnerability scans, and penetration tests, prioritizing remediation efforts. Develop automated remediation for common security … fine-tuning detections and response playbooks. Risk & Compliance Support Work with GRC and compliance teams to implement security controls aligned with ISO 27001, NIST, SOC 2, and GDPR. Support security reviews for third-party vendors, M&A due diligence, and cloud risk assessments. Ensure compliance with regulatory frameworks … Familiarity with scripting (Python, PowerShell) and infrastructure-as-code (Terraform, Ansible). Deep understanding of vulnerability management, penetration testing, and security hardening. Knowledge of SOC processes, incident response, and forensics. Strong grasp of zero-trust architectures, identity security, and secure DevOps practices. Ability to work cross-functionally with IT More ❯

Risk Analyst - Nottingham City Contract type: Permanent Hours: Full-time, 35 hours Location: Head Office, Nottingham (Hybrid working, minimum 2 days per week) Application process: Please apply via the application button which will direct you to our careers site. If you require any adjustments to assist you in applying … to identify vulnerabilities, focusing on protecting customer data and financial systems. Regulatory Compliance: Ensure compliance with regulations and standards like GDPR, ISO 27001, CQuest, SOC 2, and FCA and PRA guidelines. Effectiveness Monitoring: Monitor and assess the effectiveness of security controls, policies, and procedures. Audit Support : Support audits … track security incidents and breaches, ensuring appropriate mitigation and response strategies. About you: - Information Security Frameworks: Familiarity with frameworks such as NIST, ISO 27001, SOC 2, and GDPR. Financial Sector Requirements: Knowledge of specific information security needs for financial institutions and building societies. Security Controls and Risk Management More ❯

creation, and permission management. Monitor and maintain IT security best practices (MFA, endpoint protection, device patching, etc.) aligned with compliance frameworks (Cyber Essentials, ISO27001, SOC 2). Support and contribute to the firm's compliance initiatives, including audits and certification processes. Assist in evaluating, implementing, and optimising new … to legal, private equity, or financial services environments. Experience supporting or administering AI-based applications or workflow tools. Familiarity with security frameworks (ISO 27001, SOC 2) and compliance requirements. Experience with scripting (PowerShell, Bash) or IT automation tools. Knowledge of additional SaaS platforms (Slack, HubSpot, etc.). EQUAL … know ahead of any interview, we will be happy to suggest or confidentially discuss reasonable adjustments. Recruitment Process: Step 1: Submit your CV Step 2: Introductory call with our Head of Talent Step 3: Interview with our IT Manager Step 4: Interview with our CTO Step 5: Interview with More ❯

the establishment and implementation of policies and procedures. The CISO is also usually responsible for information-related compliance (e.g. ISO/IEC 27001 and SOC 2 certification). What you'll be doing Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program. … of risk management, information security and IT jobs. Knowledge of common regulatory and information security management frameworks, such as ISO/IEC 27001, NIST, SOC 2 and GDPR. Excellent written and verbal communication skills and high level of personal integrity. Innovative thinking and leadership with an ability to More ❯

Lead the development and execution of the overall security strategy Own and manage risk across infrastructure, applications, and data Drive compliance efforts (ISO 27001, SOC 2, etc.) and support audit readiness Build security awareness across the company, including training and best practices Work closely with engineering to embed … scaling business Hands-on knowledge of cloud (AWS, GCP or Azure), application security, and security tooling Familiarity with compliance frameworks such as ISO 27001, SOC 2, and GDPR Excellent communication skills with the ability to influence both technical and non-technical stakeholders A strategic mindset, but comfortable working More ❯

Lead the development and execution of the overall security strategy Own and manage risk across infrastructure, applications, and data Drive compliance efforts (ISO 27001, SOC 2, etc.) and support audit readiness Build security awareness across the company, including training and best practices Work closely with engineering to embed … scaling business Hands-on knowledge of cloud (AWS, GCP or Azure), application security, and security tooling Familiarity with compliance frameworks such as ISO 27001, SOC 2, and GDPR Excellent communication skills with the ability to influence both technical and non-technical stakeholders A strategic mindset, but comfortable working More ❯

book of business. Become a product expert on Vanta and how our platform can be used to improve security posture through our compliance offerings (SOC 2, ISO 27001, GDPR, HIPAA, USDP, and Custom Frameworks), Trust Reports, and Risk Management solution. Guide implementation, configuration, and optimization of Vanta Trust … trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA, and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making More ❯

SENIOR SOC ANALYST Up to £80,000/Bonus + Excellent Staff Benefits Strong Career Growth Opportunities 2 Days Onsite/3 Days Remote No Shift Work (Normal 09:00-17:30pm) Working Hours An interesting opportunity has presented itself within one of the UKs largest Independent Software … Tools & Onboard New Functionality. You will also work with colleagues in the Governance & Compliance Functions to ensure appropriate usage of Data. As a Senior SOC Analyst you will use Leading, Enterprise-Led Tools & take Responsibility for Tuning & Maintaining Security Platforms to Deliver the Best Capability to other Information Security … Strong Verbal & Written Communication Skills Leadership, Coaching & Mentoring Skills. Strong Team Player Ideally Familiarity with Industry Standard Security Frameworks such as ISO 27001 or SOC2 Understanding of Common Network Protocols & Technologies such as TCP/IP, DNS & DHCP Searches: SOC Analyst/Lead SOC Analyst/Principle SOC More ❯

locations. Drive continuous IT system improvements and updates across the group. Lead and maintain Cyber Security accreditation's including Cyber Essentials , ISO 27001 , and SOC 2 . Implement, enforce, and maintain IT policies, standards, and processes company-wide. Monitor, administer, and maintain infrastructure and critical systems proactively. Transition … Windows Server , Active Directory , and LAN/WAN networking. Proven experience securing and maintaining Cyber Security accreditation's (Cyber Essentials mandatory; ISO 27001/SOC 2 preferred). Deep familiarity with Microsoft 365 , and ideally some exposure to an ERP Tenacious, resilient, and goal-oriented approach with excellent More ❯

expand globally, there’s significant scope to evolve this role into a leadership or specialist path. Real Autonomy : Drive the roadmap for frameworks like SOC 2 and FedRAMP. Lead audits. Own the processes — not just maintain them. High-Caliber Team : You’ll be joining a mission-led organisation … deep expertise in cybercrime disruption and a reputation for punching far above its weight. Core Responsibilities: Architect, manage, and continuously evolve compliance frameworks (e.g., SOC 2, Cyber Essentials, FedRAMP). Lead the end-to-end audit lifecycle — from evidence gathering to external walkthroughs. Work closely with legal to More ❯

expand globally, there’s significant scope to evolve this role into a leadership or specialist path. Real Autonomy : Drive the roadmap for frameworks like SOC 2 and FedRAMP. Lead audits. Own the processes — not just maintain them. High-Caliber Team : You’ll be joining a mission-led organisation … deep expertise in cybercrime disruption and a reputation for punching far above its weight. Core Responsibilities: Architect, manage, and continuously evolve compliance frameworks (e.g., SOC 2, Cyber Essentials, FedRAMP). Lead the end-to-end audit lifecycle — from evidence gathering to external walkthroughs. Work closely with legal to More ❯