1 to 25 of 28 SOC 2 Jobs in the UK excluding London

Cyber Security Assurance Manager Portsmouth, UK (flexible working - 2 days a week on-site!) I'm working with a fast-growing UK cyber security provider delivering SOC and managed security services to enterprise and critical infrastructure customers. As they scale, they're investing in assurance and governance … strengthen customer trust and credibility. They're hiring a Cyber Security Assurance Manager to own certifications, audits, and customer assurance across their SOC environment. This is a high-impact, visible role working closely with SOC, GRC, and commercial leadership. Key focus areas * Leading ISO 27001, SOC 2 ...

addition maintaining the organisations compliance with ISO 9001:2025 (Already certified). Looking forward into the future these requirements are also on the horizon: SOC 2 Type 2: For targeting US-based clients DPIA (Data Protection Impact Assessment) AI-Specific Compliance (The 2026 Frontier) ISO/… people side of making compliance work in practice. Youll likely bring: Proven experience implementing at least one of: Cyber Essentials, ISO 27001:2022 or SOC 2 Strong organisational skills and the ability to break complex frameworks into clear, actionable steps Confidence working with technical teams and a comfort ...

emerging threats, risk and security. Governance and Compliance - maintain frameworks and ensure compliance with a range of standards including - GDPR, PCI DSS, PCI 3DS, SOC 2, NIST, etc. Risk Management - responsible for risk audits and managing 3rd party and supply chain risk. Secure Development - ensure security is integrated … senior Information Security roles. A relevant professional certification (CISS or CISM) Detailed understanding of GDPR Strong knowledge of compliance frameworks (PCI DSS, PCI 3DS, SOC 2) Experience of secure software development practices and cloud security. Strong analytical and problem solving skills. This is an excellent opportunity ...

with engineering teams to embed data protection into application architecture and CI/CD pipelines Support compliance initiatives including GDPR, HIPAA, PCI DSS, and SOC 2 Conduct data-focused risk assessments and threat modelling Monitor and respond to data-related security incidents and alerts Develop and maintain data ...

ability to influence senior stakeholders Desirable: Experience leading or maturing ISO 27001 programmes Exposure to operational resilience or outsourced service provider requirements Familiarity with SOC 2 and cyber assurance testing Personal Attributes Strategic and analytical mindset Confident working with senior leadership Able to make pragmatic, risk-based decisions ...

design. Support penetration tests and third‐party security assessments, ensuring outcomes translate into completed remediation. Assist with compliance/assurance activity (e.g., ISO27001, SOC2, GDPR) by producing logs, evidence and documentation. Act as a confident security advocate in roadmap decisions—able to push back, prioritise critical risk items, and bring … hardening and vulnerability management. Experience with vulnerability assessments/penetration testing and driving remediation to closure. Working knowledge of frameworks such as ISO 27001, SOC 2 and GDPR, with practical experience embedding controls operationally. Comfortable working in automated environments using Infrastructure‐as‐Code (Terraform) and CI/ ...

design. Support penetration tests and third‐party security assessments, ensuring outcomes translate into completed remediation. Assist with compliance/assurance activity (e.g., ISO27001, SOC2, GDPR) by producing logs, evidence and documentation. Act as a confident security advocate in roadmap decisions—able to push back, prioritise critical risk items, and bring … hardening and vulnerability management. Experience with vulnerability assessments/penetration testing and driving remediation to closure. Working knowledge of frameworks such as ISO 27001, SOC 2 and GDPR, with practical experience embedding controls operationally. Comfortable working in automated environments using Infrastructure‐as‐Code (Terraform) and CI/ ...

Experience with authentication methods such as OAuth 2.0, API keys, JWT IT background with experience supporting, integrating, or administering enterprise software systems Exposure to SOC 2, GDPR, or enterprise security requirements Experience with Infrastructure as Code (CDK, CloudFormation, or Terraform) Knowledge of CI/CD pipelines and deployment … backed by real clients, real revenue, and real partnerships What We Offer 25 days holiday + bank holidays Pension scheme with 10% employer contribution 2% interest rate reduction on home mortgages Professional development & life assistance programs Snacks sent to your door—you pick, we pay 50% off Apple products ...

and cloud IAM integration. Compliance and Regulatory Controls - Strong knowledge of security frameworks and standards (NIST Cybersecurity Framework, ISO 27001/27002, PCI-DSS, SOC 2) and experience designing and implementing solutions using commercial and open-source security tools for lifecycle management of enterprise security infrastructure. Understanding ...

documentation, organisation, and communication skills. Confidence engaging with auditors, regulators, customers, and senior stakeholders. Desirable Experience HIPAA and healthcare/health tech compliance experience. SOC2 knowledge. Understanding of cloud security and SaaS environments. Qualifications (desirable but not required) CIPP/E, CIPM, CIPT ISO27001 Lead Implementer/Lead Auditor HCISPP ...

and associated services. Enhance identity governance, privileged access management, DLP, and data classification. Support Defender tooling and alert management. Threat & Vulnerability Management Work with SOC partners to triage and respond to alerts. Conduct vulnerability assessments and coordinate remediation efforts. Enhance endpoint protection and XDR capabilities. Security Operations & Compliance Harden … endpoints, and virtual desktop environments. Maintain logging, monitoring, and alerting coverage. Support external audits and recognised security certifications (e.g., Cyber Essentials Plus, ISO 27001, SOC 2). About You 3+ years’ experience in security engineering or cyber operations. Strong hands-on Azure and Microsoft 365 security expertise. Experience ...

places · Strong knowledge of Service acceptance criterias and key artefacts · Ability to ensure projects align with relevant frameworks including ISO 27001, NIST CSF, DORA, SOC 2, CIS Controls and regulatory requirements as applicable · Coordinate platform integration with existing infrastructure, applications, and cloud environments whilst ensuring security engineering and ...

security Infrastructure-as-code mindset and strong automation skills Comfortable working cross-functionally and owning shared platforms Nice to Have Experience with compliance frameworks (SOC 2, ISO 27001, etc.) Familiarity with SRE principles and reliability engineering Security certifications or deep interest in cloud security About ...

security Infrastructure-as-code mindset and strong automation skills Comfortable working cross-functionally and owning shared platforms Nice to Have Experience with compliance frameworks (SOC 2, ISO 27001, etc.) Familiarity with SRE principles and reliability engineering Security certifications or deep interest in cloud security About ...

operating within IT service providers, consultancies, or complex enterprise environments advantageous Strong knowledge of security frameworks and standards (ISO 27001, NIST CSF, CIS, GDPR, SOC 2, IEC 62443) Familiarity with risk management and regulatory compliance Desirable Certifications PMP, MSP, CISSP, CISM or equivalent ...

integration, security posture management). Compliance & Risk Knowledge of security and compliance frameworks such as NIST CSF, ISO 27001/27002, PCI-DSS, SOC 2 . Understanding of ITIL, risk management frameworks, and enterprise security governance processes. Agile Delivery Experience working in Agile environments (Scrum/Kanban) using ...

teams. Key Responsibilities Design and implement security strategies, policies and controls Lead vulnerability assessments, penetration testing and remediation Oversee regulatory and compliance frameworks including SOC2, ISO 27001 and GDPR Monitor systems and respond to incidents and security events Strengthen AWS and GCP cloud security environments Support customer and sales teams ...

Code: Implement and manage CI/CD pipelines using Git, Terraform, and related tooling. Governance & Compliance: Maintain audit trails and ensure releases meet SOC2, GDPR, and security standards. Risk & Readiness: Conduct release reviews, identify schema conflicts, and prevent production incidents. Stakeholder Coordination: Partner with IAM engineers, security architects, and operations ...

challenge assumptions diplomatically, and influence senior stakeholders. Provide guidance in across security frameworks and standards such as ISO27001, NIST CSF, PCI-DSS, Cyber Essentials, SOC 2 (or others/more/similar) where appropriate. Have a strong understanding of technical services, challenges, architecture and onoarding of those ...

market Oversee delivery across multiple concurrent initiatives Ensure operational excellence in deployment, monitoring and resilience Champion Security & Governance Drive secure engineering and compliance (GDPR, SOC2) Ensure risk-aware practices across architecture and delivery Support responsible AI governance What Youll Bring 10+ years in software engineering, including senior leadership experience Proven ...

Cyber Security Project Manager required for a global FTSE 100 organisation. The role is focused on leading the Threat Defence (SOC) workstream within a major cyber transformation programme. This role will drive the uplift of security operations and response capabilities, delivering enhanced network visibility and transitioning services into business … usual. Key Responsibilities Lead end-to-end delivery of the Threat Defence workstream (SOC, EDR, SIEM and security operations uplift). Define scope, milestones, resource plans, budgets and success criteria. Manage delivery through stage gates, governance forums and Steering Committee oversight. Oversee RAID management, risk mitigation and inter-workstream ...

SDLC, and assurance processes. Experience delivering "secure by design" in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications like ISO 27001, SOC 2, and GDPR. Proficiency in cloud security architecture, including zero-trust models, container security (e.g., AKS), and multi-cloud/hybrid strategies. Whilst ...

with: Defining and delivering an information security strategy aligned with business objectives Managing compliance with UK and international standards such as GDPR, PCI DSS, SOC 2, and related frameworks Leading audit activity, certifications, and third-party security assessments Incident response planning, vulnerability management, and security awareness initiatives Does ...

compliance topics. Champion ethical governance and sustainable practices in all sales engagements. Skills & Experience Strong understanding of compliance frameworks (e.g. ISO 27001, GDPR, SOC 2) and risk management principles. Experience supporting sales teams in a technical or compliance-focused capacity. Proven ability to complete RFPs and security questionnaires ...

and facilities-related troubleshooting. Oversee tech logistics for onboarding and offboarding. Governance, Compliance & Security Maintain IT policies and controls aligned with compliance standards (GDPR, SOC2, internal audit requirements, etc.). Manage access controls, asset tracking, and periodic IT audits. Develop data protection strategies and business continuity planning. Lead content protection ...