98 Security Compliance jobs in the United Kingdom

Senior Security & Compliance Specialist, Payments Security Compliance

London, London Amazon

Posted 7 days ago

Job Description

Description

In compliance with regulatory requirements, and in alignment with business teams, Payments Security Compliance (PSC) team supports Amazon payments entities in select regions. Security Compliance Specialists have varying scope of responsibility in each region, depending on the nature of regulatory licenses to be maintained, number of regulators, the number of systems and teams in scope (blast radius of regulatory compliance), and the degree of stringency the local regime places on Security and Data protection



We are seeking an experienced, self-motivated Senior Security Compliance Specialist with strong Security and Compliance background. This candidate will be an innovative and forward thinking individual who possess in-depth knowledge and will be identifying Information Security compliance risks, drive Security Governance, Security Assurance and Risk Management efforts, manage regional regulatory compliance and contribute to emerging regulations and technology standards globally, partnering with Security Experts of Global Amazon Information Security teams. Your work directly impacts Customer's Trust in Amazon by providing secure, robust, and reliable payment services.



Key job responsibilities

- Positively impact how Amazon builds, consumes and operate software securely and in compliance with standards and regulations



- Contribute on emerging regulations and technology standards joining forces with AWS, Public Policy team and others, making Amazon Consumer org's voice heard in the relevant forums



- Communicate clearly and effectively to executive management on the plans, status and critical issues.



- Escalate urgent issues appropriately and driving them to closure in a timely manner



- Oversight on remediation programs impacting regulated region (s) being supported



- Be recognized as thought leader in Regulatory Security Compliance and Security best practices/standards



- Represents Security posture of regulated entities, in external regulatory audits



- Review Implementation of Security best practices and standards, drive continuous improvements



- Influence Security Control Assessment Automation efforts, for security and compliance at scale.



- Skilled in security risk analysis and making complex business/risk trade-off recommendations and decisions

- Maintaining C-level relationships with peers, stakeholders, boardrooms, and/or customers, often becoming the "trusted advisor". Also, create and maintain a trusted relationship with regulators and industry forums



About the team

The objective of Payments Security Compliance (PSC) is to oversee & manage Information Security Governance, Risk and Compliance (IS-GRC) for the Payments entities globally as part of Amazon's WW SRC team. The tenets for Payments Security Compliance team (Unless you know better ones) are:



We provide timely and accurate security, compliance, and risk data to the business to make decisions. We hold ourselves accountable for accuracy of the data and businesses accountable for timely customer trustworthy decisions.



We escalate appropriately to ensure that security and compliance issues are resolved promptly and with high judgment. If in doubt, we escalate and are clinical, precise, and complete in our escalation.



We are business-risk driven in security and compliance decisions. We exercise judgement and partner with businesses in managing risk.



We make it easy to be compliant. We eliminate, automate, provide self-service for customer compliance activities and in that order. Only where absolutely necessary we have manual activities.



We interpret unclear external regulations, industry standards or Amazon policies in favor of our businesses protecting customer trust.



We always favor automated policy enforcement over manual/best intentions policy enforcement.



We are slow and deliberate when adding new policies, quick to fix policy issues and quick to eliminate irrelevant policies. When we add or update policies we ensure they are enforceable.

Basic Qualifications

Bachelor's Degree in computer science, engineering or related discipline or equivalent experience

Familiarity with common attack patterns, exploitation techniques and remediation techniques will be plus

Experience with service-oriented architectures, private and public clouds and web services security.

Excellent communication, work prioritization and analytical skills.

Result oriented, high energy, self-motivated

Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls,

Preferred Qualifications

Have a record of delivery of large scale security programs and/or technology solutions for major tech companies.

AWS knowledge preferred.

Work ethic based on a strong desire to exceed expectations. Experience working successfully in a very fast-paced, results-oriented environment.

Knowledge of technology and payment industry trends

Senior-level written and verbal communication skills

Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units



Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.



Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.



Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Senior Security & Compliance Specialist, Payments Security Compliance

London, London Amazon

Posted 2 days ago

Job Description

Description
In compliance with regulatory requirements, and in alignment with business teams, Payments Security Compliance (PSC) team supports Amazon payments entities in select regions. Security Compliance Specialists have varying scope of responsibility in each region, depending on the nature of regulatory licenses to be maintained, number of regulators, the number of systems and teams in scope (blast radius of regulatory compliance), and the degree of stringency the local regime places on Security and Data protection
We are seeking an experienced, self-motivated Senior Security Compliance Specialist with strong Security and Compliance background. This candidate will be an innovative and forward thinking individual who possess in-depth knowledge and will be identifying Information Security compliance risks, drive Security Governance, Security Assurance and Risk Management efforts, manage regional regulatory compliance and contribute to emerging regulations and technology standards globally, partnering with Security Experts of Global Amazon Information Security teams. Your work directly impacts Customer's Trust in Amazon by providing secure, robust, and reliable payment services.
Key job responsibilities
- Positively impact how Amazon builds, consumes and operate software securely and in compliance with standards and regulations
- Contribute on emerging regulations and technology standards joining forces with AWS, Public Policy team and others, making Amazon Consumer org's voice heard in the relevant forums
- Communicate clearly and effectively to executive management on the plans, status and critical issues.
- Escalate urgent issues appropriately and driving them to closure in a timely manner
- Oversight on remediation programs impacting regulated region (s) being supported
- Be recognized as thought leader in Regulatory Security Compliance and Security best practices/standards
- Represents Security posture of regulated entities, in external regulatory audits
- Review Implementation of Security best practices and standards, drive continuous improvements
- Influence Security Control Assessment Automation efforts, for security and compliance at scale.
- Skilled in security risk analysis and making complex business/risk trade-off recommendations and decisions
- Maintaining C-level relationships with peers, stakeholders, boardrooms, and/or customers, often becoming the "trusted advisor". Also, create and maintain a trusted relationship with regulators and industry forums
About the team
The objective of Payments Security Compliance (PSC) is to oversee & manage Information Security Governance, Risk and Compliance (IS-GRC) for the Payments entities globally as part of Amazon's WW SRC team. The tenets for Payments Security Compliance team (Unless you know better ones) are:
We provide timely and accurate security, compliance, and risk data to the business to make decisions. We hold ourselves accountable for accuracy of the data and businesses accountable for timely customer trustworthy decisions.
We escalate appropriately to ensure that security and compliance issues are resolved promptly and with high judgment. If in doubt, we escalate and are clinical, precise, and complete in our escalation.
We are business-risk driven in security and compliance decisions. We exercise judgement and partner with businesses in managing risk.
We make it easy to be compliant. We eliminate, automate, provide self-service for customer compliance activities and in that order. Only where absolutely necessary we have manual activities.
We interpret unclear external regulations, industry standards or Amazon policies in favor of our businesses protecting customer trust.
We always favor automated policy enforcement over manual/best intentions policy enforcement.
We are slow and deliberate when adding new policies, quick to fix policy issues and quick to eliminate irrelevant policies. When we add or update policies we ensure they are enforceable.
Basic Qualifications
Bachelor's Degree in computer science, engineering or related discipline or equivalent experience
Familiarity with common attack patterns, exploitation techniques and remediation techniques will be plus
Experience with service-oriented architectures, private and public clouds and web services security.
Excellent communication, work prioritization and analytical skills.
Result oriented, high energy, self-motivated
Strong skills in security principles such as least privilege access, defense in depth, preventative vs detective controls,
Preferred Qualifications
Have a record of delivery of large scale security programs and/or technology solutions for major tech companies.
AWS knowledge preferred.
Work ethic based on a strong desire to exceed expectations. Experience working successfully in a very fast-paced, results-oriented environment.
Knowledge of technology and payment industry trends
Senior-level written and verbal communication skills
Ability to communicate effectively with both technical and non-technical stakeholders across multiple business units
Amazon is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success. We make recruiting decisions based on your experience and skills. We value your passion to discover, invent, simplify and build. Protecting your privacy and the security of your data is a longstanding top priority for Amazon. Please consult our Privacy Notice ( ) to know more about how we collect, use and transfer the personal data of our candidates.
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status, disability, or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

Security Compliance Manager

Greater London, London £50000 - £55000 Annually Gategroup

Posted 11 days ago

Job Description

permanent

Job Overview

As the Security Compliance Manager, you will be responsible for the coordination, implementation, and continuous improvement of security activities across the UK & Ireland. You will ensure compliance with corporate, local, and legislative security requirements while actively supporting the development and effectiveness of our Security Management Systems.

Main duties

  • Conduct site visits to all Gate Group rail and aviation sites providing expert security advice and solutions.
  • Complete site Risk Assessments and surveys. Generate a risk report for further analysis and review.
  • Advise with the writing and publishing of the security programme for all elements of the business.
  • Advise with any new unit set ups.
  • Provide threat assessments and advice as required.
  • Manage the incident reporting systems ensuring that security breaches and potential security breaches are identified and investigated.
  • Provide guidance with new business initiatives, providing future proofed solutions which are industry leading.
  • Prepare an annual audit schedule and conduct security audits for all sectors of the business.
  • Conduct Supplier Audits as per the legal or business requirements and communicate the results to all relevant stakeholders.
  • Create a monthly security report and send out to all stakeholders

Qualifications

Education

  • A Security specific professional course would be desirable (ASyl or CSMP)
  • Strong communication skills (written and verbal)
  • Good knowledge of EU and UK legislation for both aviation and rail relating to security
  • Relevant training in security aspects

Work Experience

  • Management experience preferably within aviation or rail security with knowledge of threat assessment, and crisis management planning
  • Knowledge of the catering industry and preferably the airline/rail industries
  • Knowledge of physical systems CCTV, Access control experience using x ray technology preferable.

About the Company:

Gate Gourmet is the world's largest independent provider of catering services for airlines and are the core business behind gategroup.

All applicants must have the right to work in the UK, undertake a CRC (Criminal Record Check) and provide 5 years of checkable referencing history. For anytime spent outside the UK exceeding 6 months, you must be able to provide a CRC (Criminal Record Check) for that country.

Security Compliance Manager

Heathrow, London Gategroup

Posted 11 days ago

Job Description

full time

Job Overview

As the Security Compliance Manager, you will be responsible for the coordination, implementation, and continuous improvement of security activities across the UK & Ireland. You will ensure compliance with corporate, local, and legislative security requirements while actively supporting the development and effectiveness of our Security Management Systems.

Main duties

  • Conduct site visits to all Gate Group rail and aviation sites providing expert security advice and solutions.
  • Complete site Risk Assessments and surveys. Generate a risk report for further analysis and review.
  • Advise with the writing and publishing of the security programme for all elements of the business.
  • Advise with any new unit set ups.
  • Provide threat assessments and advice as required.
  • Manage the incident reporting systems ensuring that security breaches and potential security breaches are identified and investigated.
  • Provide guidance with new business initiatives, providing future proofed solutions which are industry leading.
  • Prepare an annual audit schedule and conduct security audits for all sectors of the business.
  • Conduct Supplier Audits as per the legal or business requirements and communicate the results to all relevant stakeholders.
  • Create a monthly security report and send out to all stakeholders

Qualifications

Education

  • A Security specific professional course would be desirable (ASyl or CSMP)
  • Strong communication skills (written and verbal)
  • Good knowledge of EU and UK legislation for both aviation and rail relating to security
  • Relevant training in security aspects

Work Experience

  • Management experience preferably within aviation or rail security with knowledge of threat assessment, and crisis management planning
  • Knowledge of the catering industry and preferably the airline/rail industries
  • Knowledge of physical systems CCTV, Access control experience using x ray technology preferable.

About the Company:

Gate Gourmet is the world's largest independent provider of catering services for airlines and are the core business behind gategroup.

All applicants must have the right to work in the UK, undertake a CRC (Criminal Record Check) and provide 5 years of checkable referencing history. For anytime spent outside the UK exceeding 6 months, you must be able to provide a CRC (Criminal Record Check) for that country.

Security Compliance Engineer

£45000 - £85000 annum Kuba

Posted 525 days ago

Job Description

Permanent

The Security Compliance Engineer is a crucial member of our security team, responsible for ensuring our organisation's adherence to PCI standards and other relevant security regulations. This role involves implementing and maintaining secure payment environments, managing key encryption and decryption processes, and providing technical guidance for security compliance projects. The ideal candidate will have a strong understanding of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and Amazon Web Services (AWS). They will also have excellent problem-solving skills, a hands-on approach to work, and the ability to communicate complex security concepts to a non-technical audience. Relevant certifications in information security and AWS are a plus.


About Kuba

We are a fast-growing SaaS company with offices in the UK, France, South Africa, Italy and the US. We believe that efficient public transport is key to delivering positive, sustainable change.

Kuba is in the transport sector, but we are a technology provider that enables Ticketing-as-a-Service (TaaS). We offer cutting-edge ticketing technology coupled with broad practical sector experience.

It's an exciting time to work at Kuba as we are accelerating into an incredible period of growth, and you'll have a chance to grow with us.


Responsibilities
  • Implement and maintain secure payment environments, including data encryption, secure networks, and secure transaction systems in compliance with PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS best practices.
  • Conduct regular audits to ensure secure handling of cardholder data and compliance with PCI, AWS, and other relevant security standards.
  • Develop and implement security policies and procedures related to data protection, network security, and incident management to ensure compliance with PCI standards, AWS best practices, and other relevant regulations.
  • Manage key encryption and decryption processes, ensuring secure key management.
  • Provide technical guidance and support for all security compliance projects.
  • Collaborate with various teams to ensure security standards are met across all projects.
  • Stay updated on the latest security standards, systems, and authentication protocols, including AWS security services and features.
  • Participate in the creation and or maintenance of the Information Security Management System.

Requirements

  • Proven experience in a technical role managing security compliance, preferably with a focus on PCI standards and AWS. Experience in roles such as Security Analyst, Security Engineer, or similar is preferred.
  • Strong knowledge of PCI-DSS, PCI-PTS, PCI Software Security Framework, Secure Software Standard, Secure SLC Standard, and AWS.
  • Expertise in key management, encryption/decryption processes, and AWS security services and features.
  • Familiarity with various network architectures, cloud services, system management practices, process improvement strategies, and AWS infrastructure.
  • Strong problem-solving skills and a hands-on approach to tackling challenges.
  • Excellent communication skills, with the ability to explain complex security concepts to non-technical team members.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or AWS Certified Security - Specialty are a plus.

Benefits

Salary and benefits commensurate with position

Information Security and Compliance Manager

Hampshire, South East Gama Group Limited

Posted today

Job Description

permanent
  • Position: Information Security & Compliance Manager
  • Location: Farnborough HQ
  • Working Hours: Full-Time, 40 Hours per week

We are looking for a hands-on Information Security & Compliance Manager to take ownership of cyber security and data privacy across myairops. This role balances strategic oversight with practical, day-to-day security operations. You'll be central to maintaining our SOC 2 Type II a.


Security and Compliance Manager (London)

London, London Deskpro

Posted 153 days ago

Job Description

Permanent

Deskpro, a leading provider of help desk software, is seeking a Security and Compliance Manager to join our team. As a Security and Compliance Manager at Deskpro, you will be responsible for ensuring the security and compliance of our software and systems, as well as implementing and enforcing policies and procedures to safeguard sensitive data.

We take security seriously, and we work with many enterprise and government clients. In this role, you will have the opportunity to make an impact and contribute to the continued success of Deskpro as a trusted provider of secure help desk solutions.

Responsibilities:

  • Manage all existing security and compliance security policies, practices, procedures and systems
  • Where required, develop and implement additional security policies, practices and procedures
  • Ensure compliance with relevant industry standards and regulations
  • Monitor and assess potential security risks and vulnerabilities
  • Design and implement security controls, including authentication, encryption, and access controls
  • Perform regular security audits and vulnerability assessments
  • Engage with customers and prospects regarding custom security and compliance requests
  • Conduct security incident response and investigations
  • Educate and train employees on security best practices
  • Maintain awareness of emerging security threats and solutions
  • Collaborate with cross-functional teams to implement security measures
  • Stay up-to-date with industry trends and best practices in security and compliance

Requirements

  • Proven experience in a similar role, with a focus on security and compliance
  • Deep knowledge of relevant industry standards and regulations (e.g., SOC 2, ISO 27001, GDPR, HIPAA)
  • Strong understanding of security principles, technologies, and best practices
  • Experience in developing and implementing security policies and procedures
  • Familiarity with security tools and technologies, such as intrusion detection systems, firewalls, and data encryption
  • Ability to assess and mitigate security risks
  • Excellent communication and interpersonal skills
  • Ability to work independently and collaboratively in a fast-paced environment
  • Attention to detail and strong analytical skills
  • Relevant certifications (e.g., CISSP, CISM, CRISC) are a plus

Benefits

Competitive benefits package including stock options. Specifics will be dependent on location (either London, UK or Austin, TX, USA).

Lead_Analyst Information Security Governance Risk Compliance

PSI Services

Posted 2 days ago

Job Description

**Description**
**Title:** Lead Analyst, Information, Security, Governance, Risk and Compliance
**Location:** Remote-UK
**Salary:** £60,000 / annually
**About PSI**
We are PSI Services. We power world leading tests. Delivered with trusted science and the very best test taker experience. PSI supports test-takers on their journey to pursuing dreams and gaining certifications that are important to them. They believe that their dreams are worth working for; that their dreams are worth the effort. And we believe that too. This is our core purpose, to empower people to achieve their dreams. We do this by being the best provider of workforce solutions, which foster both technology and science to deliver the best solutions for our test takers.
We are searching for top talent to join our PSI team and help grow our products and services. We have a creative, supportive and inclusive culture where we empower people in their careers to be their authentic self and make the most of their great talent.
At PSI, we are committed to helping people meet their potential and we believe that promoting diversity, equity and inclusion is critical to our success. That's why you'll find these ideals are intrinsic to our company culture and applied throughout the employee lifecycle.
Learn more about what we do at:
**About the Role**
The Lead Analyst, Information Security - GRC plays a key role in supporting PSI's commitment to data security, privacy, and compliance. This role is responsible for driving core activities across quality, risk management, Information Security, data protection, and audit readiness to ensure the organization meets ISO, PCI, SOC 2, and other relevant standards. The position helps deliver assurance to stakeholders that PSI prioritizes the security and privacy of its data and systems.
This is a full-time, permanent role, Monday to Friday, with flexible working hours around a standard 09:00 - 17:30 schedule. The role reports to the Snr Director of Information Security, Governance, Risk and Compliance and may be performed remotely, with occasional travel to offices and test centres as required for audits and assessments.
**Role Responsibilities**
+ Act as the primary point of contact for implementing and maintaining the security GRC framework.
+ Collaborate with internal teams to support an integrated end-to-end GRC approach across the organization.
+ Collaborate with internal teams to ensure documentation of security control in the form of system architecture diagrams, data flow diagrams and Information System Continuity Plans are in place.
+ Maintain and update security policies, standards, procedures, and guidelines, ensuring they align with current business and IT practices.
+ Monitor and assess the effectiveness of security controls across business systems and processes.
+ Ensure alignment with client, regulatory, and internal compliance requirements.
+ Support the automation and continual improvement of GRC processes and tools.
+ Generate and present GRC-related metrics and reports to internal stakeholders and executive leadership.
+ Support and coordinate internal and external audits (e.g., ISO27001, SOC2, etc.), including gathering evidence and managing responses.
+ Assist in third-party and entity-level risk assessments, identifying and mitigating risks through effective controls.
+ Build and maintain cross-functional relationships with teams such as Legal, IT, Audit, Finance, and Business Operations to ensure GRC practices support overall business objectives.
+ Support ongoing compliance initiatives, including security incident reviews, risk memos, and policy exceptions.
+ Deliver training and awareness programs related to information security, policies, and best practices.
+ Participate in the development of operational reports, metrics dashboards, and trend analysis related to security and compliance activities.
+ Prepare and support audit plans and compliance documentation for internal or external stakeholders.
+ Conduct vetting for access to sensitive systems and data, including continuous monitoring and clearance reviews.
**Knowledge, Skills and Experience Requirements**
+ Experience working within, achieving and/or maintaining ISO standards such as ISO 27001, 9001, 14001 and 2000 (essential).
+ Experience in implementing and maintaining externally awarded certifications such as ISO27001 is essential.
+ Proficient with MS Office
+ Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) strongly recommended
+ Extensive training and experience in computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplines
+ Familiarity with OneTrust or ServiceNow GRC and Privacy tools desired
+ Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) desirable.
+ Experience in a fast-paced GRC/ISO function (desirable).
**Benefits & Culture**
At PSI, our culture is to be transparent and fair. That's why all of our roles have been benchmarked at a competitive rate against the local market they are based in. To be transparent all of our adverts now include the salary so you can see if we align with your expectations when looking for your next role.
In addition to a competitive salary, we offer a comprehensive benefits package and supportive culture when you join us. This includes:
+ 401k/Pension/Retirement Plan - with country specific employer %
+ Enhanced PTO/Annual Leave
+ Medical insurance - country specific
+ Dental, Vision, Life and Short-Term Disability for US
+ Flexible Spending Accounts - for the US
+ Medical Cashback plan covering vision, dental and income protection for UK
+ Employee Assistance Programme
+ Commitment and understanding of work/life balance
+ A culture of embracing wellness, including regular global initiatives
+ Access to supportive and professional mechanisms to help you plan for your future
+ Volunteer Day and a culture of giving back to our community and industry through volunteering opportunities