Security Compliance Professional (GRC)

Your Role in Our Mission

Prosper is seeking a detail-oriented, highly motivated, and automation-focused security compliance professional to support, promote, and further mature the company’s Governance, Risk, and Compliance (GRC) program. This position involves integrating standard GRC practices (PCI DSS, NIST, SOC 1/2) with a technical mindset, leveraging GRC platforms, scripting, and AI tools to automate manual compliance workflows, audit trails, and data gathering. You will utilize strong analytical and technical skills to identify security gaps and build efficient, scalable processes. We are looking for self-driven candidates eager to join an innovative FinTech company dedicated to improving customers' financial well-being.

How You’ll Make an Impact:

• Automated Compliance Monitoring: Review, audit, and monitor security compliance programs against frameworks like PCI-DSS, NIST CSFv2, and SOC 1/2, using automation tools for continuous control health assessment.
• Process Optimization & AI Integration: Identify opportunities to leverage AI tools and LLMs for accelerated risk assessments, summarizing regulatory requirements, and streamlining process improvements.
• Code-Assisted Evidence Collection: Lead and automate evidence collection for external audits (SOC 1, PCI Level 1), reducing manual overhead for engineering and product teams.
• Identity & Access Management (IAM): Oversee user access management and quarterly reviews, exploring automation for provisioning audits and anomaly detection.
• Cross-Functional Collaboration: Build and maintain positive relationships with engineering, DevOps, and product stakeholders to integrate compliance into CI/CD pipelines and cloud infrastructure.

Skills That Will Help You Thrive:

• Education: B.S. degree in Computer Science, Information Systems, Cyber Security, or a related technical field.
• Experience: 5–7 years of GRC or Security Engineering experience, preferably in SaaS, FinTech, or Cloud-native environments.
• Cloud Security Compliance: Solid understanding of AWS, Azure, or GCP compliance.
• Technical & Scripting Skills: Hands-on experience with command line and scripting languages (Python, Bash, Powershell, etc.) for log parsing, API querying, and automating GRC tasks.
• AI Savvy: Familiarity with AI productivity tools, prompt engineering, or LLMs for documentation, drafting, or data analysis.
• Framework Fluency: Experience with security standards/frameworks such as PCI-DSS, NIST (800-53/CSF), and SOC 1/2 Type II.
• Soft Skills: Ability to clearly articulate technical risk to non-technical stakeholders and collaborate effectively cross-functionally.
• Certifications: CISSP, CISA, CISM, CCSP, or similar security certifications are a plus.

Resources to Help You Prosper:

• A Connected Experience: High-touch collaboration and flexibility, with digital-first tools and an intentional culture supporting remote, hybrid, and in-office work.
• Invested in Your Future: Competitive salary and a 401(k) with a 5% company match.
• Holistic Well-being: Flexible time off, paid parental leave, annual wellness allowance, and comprehensive health coverage.
• Professional & Personal Growth: Access to Udemy, childcare assistance, pet insurance, and other savings through Beneplace.

Compensation: $136,000 - $169,000 annually, plus bonus and generous benefits. Salary will be determined by location, experience, and other job-related factors.

Note: Prosper may use AI tools to assist in the hiring process, such as reviewing applications and analyzing resumes. These tools assist the recruitment team but do not replace human judgment.