176 to 198 of 198 SOC 2 Jobs in the UK

maintaining, and maturing the already established audit lifecycles for the following frameworks: PCI DSS v4.0, ISO 27001:2022, ISO 9001:2015, ISO 14001:2015, Cyber Essentials, Cyber Essentials Plus, SOC2 Type 1 – 3 & HIPAA Working in close collaboration with other team members, with peers, and across the business to ensure that mandatory and audit defined GRC requirements are effectively managed … Be a subject matter expert level knowledge of all the Information Security frameworks (as listed within the You Will be Responsible For section), e.g. PCI DSS, ISO 27001:2022, SOC2 etc. Possess a good, and demonstrable, understanding of EU/UK GDPR and the Data Protection Act 2018 etc. Have led and managed audit programmes from inception to completion for … PCI DSS and ISO 27001:2022. Experience in managing SOC2 audit requirements is highly desirable Any experience of working with CSA CCM v4.0 and associated cloud security frameworks is highly desirable. Have excellent knowledge of the principles of risk management, associated processes, and their relevance to maintaining a GRC programme. Are a strong and proactive collaborator with a positive professional More ❯

regional regulatory requirements. Own security GRC automation tooling (Vanta) and work across the business to maintain security compliance posture. Successfully lead internal and external security audits - ISO 27001/SOC2 Type II/PCI DSS. Champion a company wide culture of security awareness and operational resilience by playing a key role in defining, maintaining, and managing security incident response and … research effectively to find the missing details. ISO 27001 et al - You have built and maintained an ISO 27001 certified ISMS before and led other important security audit assessments (SOC2, PCI, etc.). You may have also gained ISO 27001 Lead Auditor or alike certifications (a plus). Collaborator Extraordinaire - Strong communications skills with the ability to explain technical and … frameworks Flexibility surrounding other commitments; within your team we will work around child care or other appointments you have. We just ask for advance notice! For those London Based 2-3 days per week in office Working in a diverse and inclusive environment where we ensure that our people thrive Navro does not accept unsolicited resumes from search firms More ❯

ability to prepare client assurance packages (RFP/RFI/DDQ responses) and coordinate evidence collection Familiarity with blockchain or digital-asset custody environments (preferred) Proven history of supporting SOC 1/2, ISO 27001, PCI DSS, or similar external assessments Proficient in AWS, Azure, or GCP and in infrastructure-as-code tooling Self-motivated, with strong written More ❯

Cyber Security Analyst Milton Keynes – hybrid (2 days and then 3 days in the office rotating weekly) Up to £60,000, 10% annual bonus and excellent benefits. Our client is an impressive, innovative, multiple award-winning, leading IT Managed Service Provider; they believe great people build great companies and invest heavily in staff development, cultivating a culture of innovation … a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation efforts Maintain and … role. Hands-on experience with the Microsoft Security Stack and other leading security tools. Familiarity with network and application firewalls. Working knowledge of security frameworks such as ISO27001, NIST, SOC2, and Cyber Essentials Plus. Experience with Privileged Access Management tools (e.g., CyberArk, Entra, SailPoint). Ability to quickly learn and adapt to new security tools and technologies. More ❯

Cyber Security Analyst Milton Keynes – hybrid (2 days and then 3 days in the office rotating weekly) Up to £60,000, 10% annual bonus and excellent benefits. Our client is an impressive, innovative, multiple award-winning, leading IT Managed Service Provider; they believe great people build great companies and invest heavily in staff development, cultivating a culture of innovation … a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation efforts Maintain and … role. Hands-on experience with the Microsoft Security Stack and other leading security tools. Familiarity with network and application firewalls. Working knowledge of security frameworks such as ISO27001, NIST, SOC2, and Cyber Essentials Plus. Experience with Privileged Access Management tools (e.g., CyberArk, Entra, SailPoint). Ability to quickly learn and adapt to new security tools and technologies. More ❯

Cyber Security Analyst Milton Keynes – hybrid (2 days and then 3 days in the office rotating weekly) Up to £60,000, 10% annual bonus and excellent benefits. Our client is an impressive, innovative, multiple award-winning, leading IT Managed Service Provider; they believe great people build great companies and invest heavily in staff development, cultivating a culture of innovation … a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation efforts Maintain and … role. Hands-on experience with the Microsoft Security Stack and other leading security tools. Familiarity with network and application firewalls. Working knowledge of security frameworks such as ISO27001, NIST, SOC2, and Cyber Essentials Plus. Experience with Privileged Access Management tools (e.g., CyberArk, Entra, SailPoint). Ability to quickly learn and adapt to new security tools and technologies. More ❯

a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation efforts Maintain and … role. Hands-on experience with the Microsoft Security Stack and other leading security tools. Familiarity with network and application firewalls. Working knowledge of security frameworks such as ISO27001, NIST, SOC2, and Cyber Essentials Plus. Experience with Privileged Access Management tools (e.g., CyberArk, Entra, SailPoint). Ability to quickly learn and adapt to new security tools and technologies. Please be aware More ❯

a hands-on, operationally focused role that blends technical security responsibilities with governance, risk, and compliance (GRC) elements. As Cyber Security Analyst, you will: Lead cyber incident investigations with SOC and client teams Triage and analyse alerts across email, cloud, and hybrid systems Perform threat hunting and develop detection use cases Manage vulnerability assessments and remediation efforts Maintain and … role. Hands-on experience with the Microsoft Security Stack and other leading security tools. Familiarity with network and application firewalls. Working knowledge of security frameworks such as ISO27001, NIST, SOC2, and Cyber Essentials Plus. Experience with Privileged Access Management tools (e.g., CyberArk, Entra, SailPoint). Ability to quickly learn and adapt to new security tools and technologies. Please be aware More ❯

Senior Security Analyst Hybrid Buckinghamshire/Bedfordshire (2 days on-site per week) Excellent salary + bonus + benefits + funded training & certifications Our client, a leading global Managed Service Provider, is seeking a Senior Cyber Security Analyst to join and strengthen their growing security practice. This hands-on role sits at the forefront of defending enterprise-scale environments … internal teams. Optimise the Microsoft Security Stack: Sentinel, Defender (for Endpoint/Identity), Purview, and XDR. Support Zero Trust adoption, GRC initiatives, and audit/compliance reporting (ISO27001, NIST, SOC2, CE+). Centralise and improve visibility of security events by unifying logs across cloud, on-prem, applications, and endpoints. Integrate new log sources and systems into SIEM platforms, ensuring consistent … onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new technologies quickly. Why Join? Work at the cutting edge of security in a global MSP with enterprise clients and More ❯

Senior Security Analyst Hybrid – Buckinghamshire/Bedfordshire (2 days on-site per week) Excellent salary + bonus + benefits + funded training & certifications Our client, a leading global Managed Service Provider, is seeking a Senior Cyber Security Analyst to join and strengthen their growing security practice. This hands-on role sits at the forefront of defending enterprise-scale environments … internal teams. Optimise the Microsoft Security Stack: Sentinel, Defender (for Endpoint/Identity), Purview, and XDR. Support Zero Trust adoption, GRC initiatives, and audit/compliance reporting (ISO27001, NIST, SOC2, CE+). Centralise and improve visibility of security events by unifying logs across cloud, on-prem, applications, and endpoints. Integrate new log sources and systems into SIEM platforms, ensuring consistent … onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new technologies quickly. Why Join? Work at the cutting edge of security in a global MSP with enterprise clients and More ❯

Senior Security Analyst Hybrid – Buckinghamshire/Bedfordshire (2 days on-site per week) Excellent salary + bonus + benefits + funded training & certifications Our client, a leading global Managed Service Provider, is seeking a Senior Cyber Security Analyst to join and strengthen their growing security practice. This hands-on role sits at the forefront of defending enterprise-scale environments … internal teams. Optimise the Microsoft Security Stack: Sentinel, Defender (for Endpoint/Identity), Purview, and XDR. Support Zero Trust adoption, GRC initiatives, and audit/compliance reporting (ISO27001, NIST, SOC2, CE+). Centralise and improve visibility of security events by unifying logs across cloud, on-prem, applications, and endpoints. Integrate new log sources and systems into SIEM platforms, ensuring consistent … onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new technologies quickly. Why Join? Work at the cutting edge of security in a global MSP with enterprise clients and More ❯

edge tools like Terraform, GitHub Actions, and Kubernetes to create efficient, scalable systems. Ensuring the platform meets rigorous security standards, with compliance certifications including ISO 27001, PCI-DSS, and SOC 2. Working with high-availability systems using Azure SQL and MongoDB. What We Are Looking For Experience with core technology stack, especially C#. A passion for creating scalable, reliable … to share knowledge effectively. What Youll Get in Return They believe in investing in their people and creating an environment where you can thrive professionally and personally. Hybrid working (2 days in a brilliant office with free food, games, latest tech, lots of break out space) 38 days leave inclusive of bank holidays + extra discretionary days off through More ❯

edge tools like Terraform, GitHub Actions, and Kubernetes to create efficient, scalable systems. Ensuring the platform meets rigorous security standards, with compliance certifications including ISO 27001, PCI-DSS, and SOC 2. Working with high-availability systems using Azure SQL and MongoDB. What We Are Looking For Experience with core technology stack, especially C#. A passion for creating scalable, reliable … share knowledge effectively. What You’ll Get in Return They believe in investing in their people and creating an environment where you can thrive professionally and personally. Hybrid working (2 days in a brilliant office with free food, games, latest tech, lots of break out space) 38 days leave inclusive of bank holidays + extra discretionary days off through More ❯

we are hiring for Technical Data Architect location: Central London Type : Permanent Hybrid role (2-3 days from client location) We are seeking a highly skilled TechnicalData Architect- with expertise in Databricks, PySpark, and modern data engineering practices. The ideal candidate will lead the design, development, and optimization of scalable data pipelines, while ensuring data accuracy, consistency, and performance … data bricks and DBT workload and Delta Lake Familiarity with CI/CD pipelines, DevOps practices, and Git-based workflows. Knowledge of data security, encryption, and compliance frameworks (GDPR, SOC2, ISO ).good to have Excellent problem-solving skills, leadership ability, and communication skills. ________________________________________ Preferred Qualifications Certifications in Databricks, Azure good to have Experience with DBT , APIs, or ( BI integrations (Qlik More ❯

enterprise risk management, information governance, compliance, and risk assessment. Excellent communication skills - both written and verbal are required - with the ability to influence and educate. Knowledge of Cyber Essentials & SOC2 or other relevant standards would also be beneficial. What you'll get in return Salary is negotiable according to experience - they are considering salaries in excess of £50,000 within … reason! Hybrid working will move to 3 days a week in the office and 2 from home, after the initial settling-in period. 25 days holiday plus your birthday off! Free parking plus a range of company benefits What you need to do now If you're interested in this role, click 'apply now' to forward an up-to More ❯

Role: AWS Solutions Architect Location: London (Hybrid 2 days a week) Salary: Up to £95,000 + £5700 Car + Bonus Drive the Cloud Revolution with Us We’re one of the world’s leading providers of Cloud Solutions, helping global organizations transform the way they operate through the power of AWS. Join our AWS Architecture team, where innovation … such as EC2, S3, Lambda, RDS, API Gateway, IAM, CloudFormation/Terraform, and more. Proven experience in cloud migration, DevOps tooling (Git, Jenkins, Docker, Kubernetes), and security frameworks (CIS, SOC2, HIPAA). Strong ability to lead, communicate, and deliver results in a fast-paced, global environment. Set yourself apart with: Multi-cloud experience (AWS, Azure, Google Cloud). Familiarity with More ❯

Role: AWS Solutions Architect Location: London (Hybrid 2 days a week) Salary: Up to £95,000 + £5700 Car + Bonus Drive the Cloud Revolution with Us We’re one of the world’s leading providers of Cloud Solutions, helping global organizations transform the way they operate through the power of AWS. Join our AWS Architecture team, where innovation … such as EC2, S3, Lambda, RDS, API Gateway, IAM, CloudFormation/Terraform, and more. Proven experience in cloud migration, DevOps tooling (Git, Jenkins, Docker, Kubernetes), and security frameworks (CIS, SOC2, HIPAA). Strong ability to lead, communicate, and deliver results in a fast-paced, global environment. Set yourself apart with: Multi-cloud experience (AWS, Azure, Google Cloud). Familiarity with More ❯

initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to More ❯

initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to More ❯

initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to More ❯

initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to More ❯

initiatives include: Conduct a full security assessment and define a phased roadmap for remediation and long-term controls Implement and enforce policies, processes, and standards, ensuring compliance with ISO27001, SOC2, and contractual obligations Build monitoring and incident-response capabilities (SOC/MDR) for proactive detection and rapid response Establish operational security practices, including safe handling of production data and … SaaS, ideally PE-backed, across multiple regions including North America Hands-on technical expertise in cloud and infrastructure security, incident management, penetration testing, and remediation Deep knowledge of ISO27001, SOC2, and data residency requirements, with experience embedding and maintaining compliance Skilled at modernising security culture, implementing scalable processes, and embedding accountability across distributed teams Comfortable in technical discussions, able to More ❯

Senior Security Analyst Hybrid Buckinghamshire/Bedfordshire (2 days on-site per week) Excellent salary + bonus + benefits + funded training & certifications Our client, a leading global Managed Service Provider, is seeking a Senior Cyber Security Analyst to join and strengthen their growing security practice. This hands-on role sits at the forefront of defending enterprise-scale environments … customer environments. Optimise the Microsoft Security Stack: Sentinel, Defender (for Endpoint/Identity), Purview, and XDR. Support Zero Trust adoption, GRC initiatives, and audit/compliance reporting (ISO27001, NIST, SOC2, CE+). Centralise and improve visibility of security events by unifying logs across cloud, on-prem, applications, and endpoints. Integrate new log sources and systems into SIEM platforms, ensuring consistent … MSP environments. Industry certifications such as Security+ , ISC2 CC , Cisco, or equivalent. Progress toward Microsoft security certifications: 3+ years of technical cyber security experience , preferably in an MSP, Enterprise SOC, or consultancy. Hands-on experience with Microsoft Sentinel, Defender, Purview, and XDR . Broad SIEM capability: ideally Microsoft Sentinel or Splunk and able to go beyond dashboards to build More ❯