23 of 23 Remote SOC 2 Jobs in the UK excluding London

clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk exception process, and drive SOC 2 readiness initiatives. Partnering with IT, architecture, SRE, and procurement teams, you'll translate complex technical risks into actionable business decisions and provide senior leaders with clear, data … driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the enterprise risk register. ** Manage risk exceptions and ensure timely review, tracking, and remediation … of risks. ** Drive SOC 2 readiness activities and collaborate with auditors and internal stakeholders to ensure compliance. ** Develop and enforce cybersecurity governance policies, standards, and procedures aligned with industry frameworks. ** Work with IT, SRE, Architecture, and Procurement teams to identify, assess, and mitigate technology and third party risks. ** Provide clear, actionable reporting and metrics to senior leadership, translating More ❯

clear visibility of its cyber risk exposure and the processes in place to respond effectively. You will oversee the enterprise risk register, manage the risk exception process, and drive SOC 2 readiness initiatives. Partnering with IT, architecture, SRE, and procurement teams, you'll translate complex technical risks into actionable business decisions and provide senior leaders with clear, data … driven insights. You will also align the company with leading industry frameworks such as NIST CSF, NIST 800 53, and SOC 2, helping advance its risk maturity. What You'll Be Doing ** Lead and continuously improve the cyber risk management program, including oversight of the enterprise risk register. ** Manage risk exceptions and ensure timely review, tracking, and remediation … of risks. ** Drive SOC 2 readiness activities and collaborate with auditors and internal stakeholders to ensure compliance. ** Develop and enforce cybersecurity governance policies, standards, and procedures aligned with industry frameworks. ** Work with IT, SRE, Architecture, and Procurement teams to identify, assess, and mitigate technology and third party risks. ** Provide clear, actionable reporting and metrics to senior leadership, translating More ❯

take ownership of day-to-day security operations, implement and refine controls, and play a hands-on role in ensuring compliance with recognised standards such as ISO 27001 and SOC 2 Type II. This is a visible and strategic position - ideal for someone who enjoys combining technical depth with governance, audit, and risk management responsibilities. Key Responsibilities Develop … Implement and manage controls across cloud and on-premises environments (Azure/AWS preferred). Lead incident response processes and investigations, coordinating remediation actions. Support compliance programmes - ISO 27001, SOC 2 Type II, and data-protection (GDPR). Deliver regular security reporting and KPI tracking for senior leadership. Drive security awareness training and best practice across the wider … team. What You'll Bring 5+ years' experience in information security, risk, or compliance roles. Strong understanding of ISMS principles (ISO 27001) and audit support for SOC 2 Type II. Hands-on experience with security tools and controls - SIEM, IAM/PAM, endpoint protection, vulnerability management. Working knowledge of data-protection and privacy standards (GDPR, HIPAA). Excellent More ❯

Salary: Up to £65,000 Employment Type: Permanent Job Summary: Our client, a leading IT services and consulting firm, is seeking a Cyber Security Assurance Manager to ensure their SOC meets and maintains … top security certifications and assurance standards. As part of the GRC function, you’ll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and CREST SOC accreditation. Key Responsibilities: Act as primary contact for customer assurance activities, supporting RFIs, RFPs, and client audit requests Deliver training and … awareness sessions on SOC assurance standards to internal teams Develop customer-facing assurance documentation demonstrating the organisation's security posture Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO/IEC 27001, Cyber Essentials Plus, CREST) Embed certification requirements into SOC governance, processes, and operational practices More ❯

external pen-test liaison) and two GRC specialists. What you’ll do Drive and extend ISO 27001 implementation/maintenance (UK certified; expanding to Madrid and Manila ). Support SOC 2 Type 2 maintenance (already accredited)—expert level not required. Oversee SIEM operations with the tech team: ensure log ingestion/coverage , daily monitoring, and follow-up. … GRC grounding plus solid technical understanding (AWS-heavy environment). Comfortable being hands-on where needed; people management nice-to-have, not essential. ISO 27001 (implementation/assurance) experience; SOC 2 exposure helpful. SIEM familiarity and the ability to work with engineers on coverage, tuning, and use-cases . Stakeholder-savvy; calm under pressure; excellent written/verbal More ❯

the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update … information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. More ❯

the Way in Cyber Security Assurance? Robert Half are seeking a dynamic, proactive, and experienced Cyber Security Assurance Manager to join a globally-scaled, fast-paced Security Operations Centre (SOC) environment. In this crucial role, you will ensure that the SOC maintains its commitment to best-in-class standards through internationally recognised security certifications and industry-wide assurance … member in Governance, Risk, and Compliance (GRC) , you will lead certification efforts, influence operational processes, and engage directly with customers and auditors to showcase security credentials that differentiate our SOC from the competition. If you're skilled in blending technical insight with customer-focused communication … while driving compliance excellence, this opportunity is for you! What We're Looking For: Qualifications and Experience: Proven experience delivering and managing cybersecurity certifications (e.g., ISO/IEC 27001, SOC2 Type II, Cyber Essentials Plus, CREST). A strong understanding of SOC operations and security assurance frameworks. Experience engaging with customers during audits and RFP/RFI processes, showcasing More ❯

portals, or golden path templates. Serverless and event-driven architectures (Functions, Logic Apps, Event Grid). Experience in regulated industries (e.g., Financial Services) and with compliance standards (ISO 27001, SOC 2). Knowledge of FinOps principles and cost governance on Azure. Interview process Stage 1 (remote): competency and technical interview including discussion of prior platform/DevOps work … and scenario-based problem solving. Stage 2 (on-site/remote): practical exercise (e.g., pipeline/IaC/Kubernetes task) and a short design presentation to a panel. Working schedule This role is permanent, full time, 37.5 hours per week, Monday to Friday. We offer a hybrid flexible working pattern to enable you the option of working from home More ❯

Anchore) Programming and scripting languages (Python, Go, YAML, JSON etc.) A background in financial services or similar regulated industries. Familiarity with compliance frameworks, and security requirements (e.g., ISO 27001, SOC 2, SOX, PCI DSS, FedRAMP, FFIEC, NYDFS, and SEC compliance requirements) A track record in consulting, solutions architecture, or technical coaching. Interest in technical sales and supporting go More ❯

operational workflows. Maintain and evolve infrastructure documentation and runbooks. Security & Compliance Enforce security best practices including MFA, time-based access controls, and role-based access. Ensure compliance with ISO27001, SOC 2, and other relevant standards. Manage responses to vendor security questionnaires and client-facing security documentation. Cross-Team Collaboration Partner with Engineering, Product, and Support teams to resolve More ❯

Develop cloud infrastructure architecture, standards, and best practices. Optimize cloud costs and performance for complex workloads including GPU-based instances. Implement cloud security measures aligned with compliance frameworks (CIS, SOC 2, HIPAA). Collaborate with data scientists and development teams to deploy production-ready solutions. Provide technical guidance and evaluate new cloud services. Necessary skills of the AWS More ❯

Senior DevSecOps Engineer - Global Health Data Platform Location: Oxford or London (hybrid: 3 office/2 WFH) Join a world-class research and technology organisation using data and AI to tackle global challenges - from health and food security to climate and clean energy. They're now hiring a Senior DevSecOps Engineer to help build and secure this cloud-first … Develop CI/CD pipelines (e.g., GitHub Actions) with built-in security testing. Support data scientists and engineers in deploying secure, automated workflows. Implement monitoring and compliance (ISO 27001, SOC 2, GDPR). Mentor engineers on DevSecOps best practices. What you'll bring Strong cloud experience (ideally OCI ). Industry experience in the pharma space Hands-on with More ❯

e.g. EC2, S3, RDS, Lambda, VPC, IAM, CloudFormation/Terraform). Experience with DevOps tools (e.g. Git, Jenkins, Docker, Kubernetes). Familiarity with security and compliance frameworks (e.g. CIS, SOC 2, HIPAA). Cloud certification at Associate or Professional level (e.g. AWS Solutions Architect, DevOps Engineer). For Associate Manager Level: Minimum 4 years of relevant experience. Strong More ❯

across multiple entities and territories, including risk appetite and impact/likelihood calibration. Has familiarity with regulations and standards such as ISO27001, NIST CSF, NIS2, COBIT, ITIL, GDPR, and SOC2, including developing and maintaining frameworks, policies and guidance, and implementation and monitoring strategies. Some of the key skillset required for this position are: Graduate level in Cyber Security, Computer Science More ❯

Cloud Presales Specialist/AI Presales Consultant/SaaS Integrations/APIs/Security/Compliance/AWS/Azure/GCP/NLP/ML/ISO27001/SOC2/GDPR More ❯

Strategy Define and implement the company's security strategy across AI, blockchain, and cloud environments. Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). Lead incident response, risk assessment, and threat modelling programmes. Build and mentor a world-class security team. AI Data Security Protect proprietary AI models, training data, and pipelines from … trust networks. Harden DevSecOps pipelines to ensure secure software delivery. Collaborate with engineering teams to integrate security by design into products. Compliance & Risk Management Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks. Lead risk assessments for third-party vendors and service providers. Work with legal and compliance teams on KYC/AML security for crypto More ❯

such as EC2, S3, RDS, Lambda, VPC, IAM, and CloudFormation or Terraform Strong experience with DevOps tools (Git, Jenkins, Docker, Kubernetes) Knowledge of cloud security and compliance frameworks (CIS, SOC 2, etc.) Proven track record of leading cloud migration or transformation projects Experience working in hybrid or multi-cloud environments is beneficial If you’re an AWS expert More ❯

such as EC2, S3, RDS, Lambda, VPC, IAM, and CloudFormation or Terraform Strong experience with DevOps tools (Git, Jenkins, Docker, Kubernetes) Knowledge of cloud security and compliance frameworks (CIS, SOC 2, etc.) Proven track record of leading cloud migration or transformation projects Experience working in hybrid or multi-cloud environments is beneficial If you’re an AWS expert More ❯

such as EC2, S3, RDS, Lambda, VPC, IAM, and CloudFormation or Terraform Strong experience with DevOps tools (Git, Jenkins, Docker, Kubernetes) Knowledge of cloud security and compliance frameworks (CIS, SOC 2, etc.) Proven track record of leading cloud migration or transformation projects Experience working in hybrid or multi-cloud environments is beneficial If you’re an AWS expert More ❯

at every level. Ideally, youll have: Strong experience in cybersecurity risk management or GRC roles A solid understanding of industry frameworks such as NIST CSF, NIST 800-53, or SOC 2 Hands-on involvement in audit or certification readiness programmes Excellent communication skills with the ability to translate security risk into business value This role is perfect for More ❯

by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged. Now more than ever, making security continuous—not just a More ❯

maintaining, and maturing the already established audit lifecycles for the following frameworks: PCI DSS v4.0, ISO 27001:2022, ISO 9001:2015, ISO 14001:2015, Cyber Essentials, Cyber Essentials Plus, SOC2 Type 1 – 3 & HIPAA Working in close collaboration with other team members, with peers, and across the business to ensure that mandatory and audit defined GRC requirements are effectively managed … Be a subject matter expert level knowledge of all the Information Security frameworks (as listed within the You Will be Responsible For section), e.g. PCI DSS, ISO 27001:2022, SOC2 etc. Possess a good, and demonstrable, understanding of EU/UK GDPR and the Data Protection Act 2018 etc. Have led and managed audit programmes from inception to completion for … PCI DSS and ISO 27001:2022. Experience in managing SOC2 audit requirements is highly desirable Any experience of working with CSA CCM v4.0 and associated cloud security frameworks is highly desirable. Have excellent knowledge of the principles of risk management, associated processes, and their relevance to maintaining a GRC programme. Are a strong and proactive collaborator with a positive professional More ❯

enterprise risk management, information governance, compliance, and risk assessment. Excellent communication skills - both written and verbal are required - with the ability to influence and educate. Knowledge of Cyber Essentials & SOC2 or other relevant standards would also be beneficial. What you'll get in return Salary is negotiable according to experience - they are considering salaries in excess of £50,000 within … reason! Hybrid working will move to 3 days a week in the office and 2 from home, after the initial settling-in period. 25 days holiday plus your birthday off! Free parking plus a range of company benefits What you need to do now If you're interested in this role, click 'apply now' to forward an up-to More ❯