1 to 25 of 48 SOC 2 Jobs in the UK

Cybersecurity Engineer (ISO27001 & SOC 2 Lead) Location: London (3 days per week onsite) Must have Right to Work: Cannot provide sponsorship Overview A newly created role to take ownership of ISO27001 and SOC 2 certification, ongoing compliance, and the organisation's overall security posture. This position … transitioned or is transitioning into cybersecurity and wants to operate as the central technical security owner. Key Responsibilities Security Governance & Compliance (ISO27001 & SOC 2) Own and maintain ISO27001 and SOC 2 certification processes. Lead evidence collection, control implementation, compliance documentation, and readiness for external audits. Maintain ...

while helping to strengthen overall security posture. Key Responsibilities Certification & Compliance Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/… commercial teams Deliver training and promote best practices across the organisation What We're Looking For Experience Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST) Strong understanding of Security Operations (SOC) environments Experience supporting audits, RFPs, and customer assurance activities Knowledge ...

addition maintaining the organisations compliance with ISO 9001:2025 (Already certified). Looking forward into the future these requirements are also on the horizon: SOC 2 Type 2: For targeting US-based clients DPIA (Data Protection Impact Assessment) AI-Specific Compliance (The 2026 Frontier) ISO/… people side of making compliance work in practice. Youll likely bring: Proven experience implementing at least one of: Cyber Essentials, ISO 27001:2022 or SOC 2 Strong organisational skills and the ability to break complex frameworks into clear, actionable steps Confidence working with technical teams and a comfort ...

security posture, reliability culture, and operational excellence. Key Responsibilities Architect, implement, and scale cloud infrastructure to support rapid growth Prepare systems and processes for SOC 2/ISO 27001 audit readiness Build and maintain CI/CD pipelines across backend, frontend, and data services Develop and manage logging … Platform Engineering Strong track record owning infrastructure end‐to‐end Experience in high‐growth or high‐load environments Familiarity with compliance frameworks (SOC 2, ISO 27001, GDPR) History of driving reliability, security, and cost efficiency Someone who thrives in fast-moving, evolving environments and enjoys solving hard problems ...

with a willingness to broaden your expertise.Understanding of hybrid and on-premise security concepts.Awareness of key frameworks such as ISO 27001, NIST, SOC 2, and CIS Controls.Cloud Security Technologies & PlatformsExperience with some of the following is helpful (not all required):Microsoft Defender for Cloud, AWS Security Hub, GuardDuty … KeywordsCloud Security, Cyber Security, Pre-Sales Consultant, Azure Security, AWS Security, GCP Security, CSPM, CIEM, IAM, Zero Trust, SIEM, XDR, Kubernetes Security, DevSecOps, ISO27001, SOC 2, Security Consultant. ...

Infrastructure as Code – Build and maintain Terraform across projects, networks, IAM, and services Enforce security and compliance – Implement controls aligned with healthcare requirements (HIPAA, SOC 2, ISO 27001); configure IAM, service accounts, workload identity, network security, and audit logging; support audits and remediation activities Manage internet-facing architecture …/identity-based access models Experience with containerised and serverless workloads (Cloud Run, GKE, Docker) Practical experience implementing security controls in cloud environments (SOC 2, ISO 27001, HIPAA, or similar) Experience operating web-facing, security-sensitive systems Comfortable working closely with ML, data, and product teams to translate ...

program. - Conduct internal audits, third-party risk assessments, and due diligence reviews. - Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. - Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. - Identify gaps in security controls and recommend … and audit. - Strong understanding of international regulatory frameworks and standards. - Hands-on experience with: - ISO27001 audits and implementation - GDPR compliance - NIST cybersecurity framework - SOX, SOC 2, HIPAA, CCPA, LGPD - Ability to interpret complex regulatory requirements and translate them into actionable controls. - Excellent communication and stakeholder engagement skills. - Strong ...

program. - Conduct internal audits, third-party risk assessments, and due diligence reviews. - Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. - Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. - Identify gaps in security controls and recommend … and audit. - Strong understanding of international regulatory frameworks and standards. - Hands-on experience with: - ISO27001 audits and implementation - GDPR compliance - NIST cybersecurity framework - SOX, SOC 2, HIPAA, CCPA, LGPD - Ability to interpret complex regulatory requirements and translate them into actionable controls. - Excellent communication and stakeholder engagement skills. - Strong ...

emerging threats, risk and security. Governance and Compliance - maintain frameworks and ensure compliance with a range of standards including - GDPR, PCI DSS, PCI 3DS, SOC 2, NIST, etc. Risk Management - responsible for risk audits and managing 3rd party and supply chain risk. Secure Development - ensure security is integrated … senior Information Security roles. A relevant professional certification (CISS or CISM) Detailed understanding of GDPR Strong knowledge of compliance frameworks (PCI DSS, PCI 3DS, SOC 2) Experience of secure software development practices and cloud security. Strong analytical and problem solving skills. This is an excellent opportunity ...

Zscaler, or equivalent; conditional access policy design and implementation DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation Red team, adversarial simulation, or penetration testing programme design - experience on both … Zscaler, or equivalent; conditional access policy design and implementation DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation Red team, adversarial simulation, or penetration testing programme design - experience on both ...

Architect secure, compliant Data Sharing patterns for external research partners, translating legal/contractual constraints into technical controls. Drive the data architecture roadmap toward SOC 2 and ISO 27001 readiness, focusing on auditability and access control for training data. About You You are an experienced Architect (e.g., TOGAF … with: Data governance frameworks Data tenancy and segregation models Data consistency and replication patterns Secure data sharing between organizations Beneficial Skills Prior involvement in SOC 2, ISO 27001 compliance programmes, particularly from a data architecture perspective. Exposure to scientific, chemical, or manufacturing data environments. Familiarity with modern data ...

Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid … prem, On Premise, Infrastructure, VMWare, HyperV, Virtualisation, Software testing, software development, Agile, ITIL, ITSM, SOC, Cyber Security, SOC2, ISO27001, Cyber Essentials Plus, GDPR, Cyber Essentials +, DR, Disaster Recovery, Backup, Veeam, Firewalls, Antivirus, IT Manager, Head of IT, Service Desk, Azure, Cloud, Hybrid, On prem, On Premise, Infrastructure, VMWare ...

operating as an Interim CISO/Head of InfoSec/Cyber Security Lead within global SaaS or technology environments Deep expertise across ISO27001, NIST, SOC 2 and PCI-DSS, with experience aligning and embedding controls across multi-region businesses Strong experience delivering and optimising ISMS/security governance ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

and cloud compliance best practices. Experience with scripting languages (e.g., Python, Bash, PowerShell). Understanding of security certifications or industry compliance (e.g., ISO 27001, SOC 2) is a plus. Experience with Kubernetes or OpenShift for container orchestration. Familiarity with CI/CD pipelines and automation tools (e.g., GitHub ...

ability to influence senior stakeholders Desirable: Experience leading or maturing ISO 27001 programmes Exposure to operational resilience or outsourced service provider requirements Familiarity with SOC 2 and cyber assurance testing Personal Attributes Strategic and analytical mindset Confident working with senior leadership Able to make pragmatic, risk-based decisions ...

automation tasks. Strong understanding of API security, IAM policies, network security, and secrets management. Bonus Points For: Experience in regulated fintech or compliance frameworks (SOC2, ISO 27001, PCI DSS, DORA). Certifications such as Google Cloud Professional Security Engineer, CKS, or CISSP. Why You’ll Love Working Here Competitive salary ...

across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. ...

similar) • Experience improving developer workflows, not just running tools • AWS (IAM, networking, compute, storage) Nice-to-Have • Experience with compliance-aware environments ((GDPR, SOC2, PCI DSS) · AWS, Kubernetes, or security certifications How You Think & Work • You care about developer experience and delivery speed • You question manual steps and automate them ...

degree with 8+ years). In-depth understanding of key frameworks such as NIST (800-37, 800-30, 800-53), ISO 27001/27005, SOC 2, PCI or MITRE ATT&CK. Solid understanding of cloud models, application security, vulnerability and patch management. Experience in regulated and/ ...

highly regulated technical environment. Frameworks: Expert-level knowledge of NIST CSF 2.0 , ISO 27001 , and NIST 800-53 . Familiarity with TPN (MPA) or SOC 2 is highly preferred. Technical Fluency: You do not need to be a coder, but you must understand core security concepts (e.g., SAML ...

security Infrastructure-as-code mindset and strong automation skills Comfortable working cross-functionally and owning shared platforms Nice to Have Experience with compliance frameworks (SOC 2, ISO 27001, etc.) Familiarity with SRE principles and reliability engineering Security certifications or deep interest in cloud security About ...