This range is provided by Prism Digital. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

OverviewHelp shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience.

You’ll focus on third-party security assessments, metrics reporting, and supporting certification frameworks including ISO27001 and SOC2. Expect close collaboration across risk, technology and compliance stakeholders. All while operating at pace, with visibility and trust from the top down.

What you’ll bring:

3+ years

in an InfoSec or IT security role within a regulated or financial firm

Security certifications:

SSCP, Security+, or equivalent

Strong GRC foundation:

Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc.

Comfortable with security tooling and metrics-driven reporting

Confident communicator:

Translate acronyms into action, and engage stakeholders with clarity and purpose

Ethical mindset:

understand when to escalate, when to challenge, and how to own your area

What you’ll be doing:

ISO27001 and SOC2 governance:

day-to-day support of the ISMS, remediation tracking, risk reviews

Third-party risk assessments:

conduct supplier security reviews aligned to appetite and regulatory frameworks

Security awareness training:

drive phishing simulations and curate internal content via Proofpoint

BAU InfoSec operations:

ticket triage, KPI reporting, risk dashboards, vulnerability and patch monitoring

Compliance tooling:

operate and report using platforms like Protecht, Panorays, Rapid7, and Armis

Banking enablement:

key InfoSec input into a major new market launch

Panorays

– Third-party risk management

Rapid7, Armis

– Vulnerability and asset visibility

Proofpoint

– Phishing simulations and awareness content

Microsoft Purview

– Data governance and policy enforcement

Azure (beneficial)

– Cloud IAM, logging, and security monitoring

Why this role?

High-impact GRC project work tied to new market expansion

Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership

A clear opportunity to stretch across awareness, compliance, and operational domains

Seniority level

Associate

Employment type

Full-time

Job function

Analyst and Consulting

Industries

Financial Services and Banking

#J-18808-Ljbffr