The Role: Ready to take charge of enhancing security and driving compliance across the organization? As a GRC Analyst at Prezzee, you’ll play a pivotal role in supporting our security team’s governance, risk, and compliance efforts. You'll assist in the implementation and upkeep of essential security frameworks like ISO 27001, PCI DSS, ISO 42001, and Cyber Essentials. By identifying and managing risks, ensuring adherence to industry standards, and supporting security governance initiatives, you’ll help strengthen Prezzee’s security posture and safeguard its future success.

**What You'll Be Doing: **

Security Governance & Compliance

• Assist in the implementation and maintenance of security frameworks (ISO 27001, PCI DSS, ISO 42001, Cyber Essentials).
• Support compliance assessments, audits, user access reviews, and internal security reviews.
• Maintain security policies, standards, and procedures, ensuring they align with industry best practices and regulatory requirements.
• Collaborate with internal stakeholders to ensure security governance requirements are met.
• Track and manage security compliance metrics and reporting.
• Leverage AI-driven tools and automation to enhance security governance and compliance processes.

Risk Management

• Support risk assessments to identify, assess, and mitigate security risks.
• Maintain and update the risk register, ensuring risks are tracked and assigned appropriate treatment plans.
• Assist in third-party risk assessments, evaluating vendors' security postures.
• Work with security teams to implement risk mitigation strategies and track remediation efforts.
• Utilize AI and automation to enhance risk assessment and monitoring capabilities.

Security Awareness & Training

• Support the development and delivery of security awareness programs to promote a security-first culture.
• Assist in security training initiatives for employees and key stakeholders.
• Monitor and report on the effectiveness of security awareness programs.

Audit & Assurance

• Completion of security questionnaires, RFPs and security responses to provide customers assurance in Prezzee products and services.
• Assist in preparing for internal and external security audits, ensuring evidence collection and documentation is up to date.
• Support remediation efforts following audit findings, tracking corrective actions.
• Contribute to continuous improvement initiatives to enhance security controls and compliance measures.
• Implement AI-driven analytics to streamline audit preparation and compliance monitoring.

What We’re Looking For: Core Skills:

• 2+ years of experience in security governance, risk, and compliance (GRC) or related fields.
• Knowledge of ISO 27001, PCI DSS, ISO 42001, Cyber Essentials, and risk management frameworks.
• Experience conducting risk assessments and maintaining risk registers.
• Strong written and verbal communication skills for policy writing and reporting.
• Familiarity with security audit processes and third-party risk management.