Security Manager

GRC Specialist - Cloud Security, SOC 2 Compliance, Identity and Access Management

London - Competitive day rateA growing technology company transforming project delivery through precision and accountability is seeking a GRC Specialist to strengthen their security posture and drive SOC 2 Type II compliance across their cloud infrastructure and enterprise applications.The GRC Specialist''s responsibilities will be:Design and implement comprehensive identity lifecycle management including joiner/mover/leaver processes for SOC 2 evidence collection.Deploy and manage Privileged Identity Management (PIM) solutions with just-in-time access provisioning and approval workflows.Configure and maintain Conditional Access policies enforcing MFA, location restrictions, and device compliance requirements.Establish role-based access controls distinguishing between engineering, customer success, and administrative functions.Manage enterprise application security including centralised SSO for SaaS platforms (GitHub, Jira, Slack) and SCIM/SAML integrations.Conduct periodic access reviews for all systems and external integrations to maintain compliance standards.Implement comprehensive logging and reporting of privileged activities for audit trails and SOC 2 evidence.Align Azure RBAC with Infrastructure as Code practices and secure service principals and managed identities.Support SOC 2 Type II audit processes and maintain continuous compliance monitoring frameworks.The GRC Specialist will be expected to have experience with:Strong background in GRC frameworks, particularly SOC 2 Type II compliance and audit preparation.Deep expertise with Entra ID, Azure IAM, and cloud security architectures in enterprise environments.Hands-on experience with privileged access management, conditional access policies, and identity federation.Knowledge of SAML/SCIM integrations, enterprise SSO implementations, and SaaS security governance.Understanding of Infrastructure as Code security practices and Azure resource management.Experience with access governance tools and automated compliance monitoring solutions.Strong technical communication skills with ability to translate security requirements into business outcomes.Track record of implementing identity and access management solutions in growing technology companies.Are you a technically skilled GRC professional with SOC 2 compliance expertise looking to drive security transformation at an innovative project delivery platform? Please apply!Seniority level

Mid-Senior levelEmployment type

ContractJob function

Information TechnologyIndustries

Technology, Information and ..... full job details .....