See how to add and remove a user from a SharePoint group with this end user SharePoint Tutorial.
SharePoint offers by default a lot of different settings regarding security and permissions. First there are objects that need to be secured like documents and list items, lists and libraries itself as well as sites, whole site collections or just configurations settings and files.
Second you need to know who has access to these secured objects. Often people come up with a highly complex matrix and other things but the goal is to keep things as simple as possible since the management of permissions can easily become confusing. Usually each company already has security groups in Active Directory which can be reused.
Example: When a user joins or leaves a company this user is already managed in Active Directory. If you put Active Directory groups in SharePoint groups the change will be reflected inside SharePoint without additional effort. In most cases it's simple and sufficient to rely on both types of groups.
Third you need to define which actions a user (or group) should be able to perform and therefore you have a permission that allows user to do something. Single permissions are grouped to permission levels and they are assigned to e.g. SharePoint groups or single AD users if you need to.
How to add users to a SharePoint security group
Go to site actions and click site permissions. There you can add new users and grant permission.