GRC Analyst at Prezzee

Prezzee is seeking a GRC Analyst to enhance security and drive compliance across the organization. The GRC Analyst will support the security team's governance, risk, and compliance efforts.

The role involves:

• Assisting in the implementation and maintenance of security frameworks (ISO 27001, PCI DSS, ISO 42001, Cyber Essentials).
• Supporting compliance assessments, audits, user access reviews, and internal security reviews.
• Maintaining security policies, standards, and procedures.
• Supporting risk assessments to identify, assess, and mitigate security risks.
• Assisting in third-party risk assessments, evaluating vendors' security postures.
• Supporting the development and delivery of security awareness programs.
• Assisting in preparing for internal and external security audits.

Requirements:

• 2+ years of experience in security governance, risk, and compliance (GRC) or related fields.
• Knowledge of ISO 27001, PCI DSS, ISO 42001, Cyber Essentials, and risk management frameworks.
• Experience conducting risk assessments and maintaining risk registers.
• Strong written and verbal communication skills for policy writing and reporting.
• Familiarity with security audit processes and third-party risk management.

Prezzee offers:

• Incentive schemes based on company-wide targets and individual performance.
• Employee referral program and staff discounts.
• Flexible hours, Culture Swap Days, and 30-day work-from-anywhere benefit.
• Opportunities for professional growth through self-led learning and leadership development programs.
• Supportive wellbeing platform (Telus) for your mental, social, financial, and physical wellbeing.