Risk Analyst - Security GRC

At Plaid we're convinced that the way people interact with their finances will drastically improve in the coming years. We’re dedicated to empowering this transformation by building the tools that thousands of developers use to create their own products.

The Security Governance Risk and Compliance (GRC) team at Plaid is a cross-functional team responsible for enabling the business by mitigating risks and maintaining controls that ensure trust in the platform.

Plaid serves as the gateway for our customers to build launch and scale FinTech applications that democratize financial services. In this role you will be primarily responsible for supporting Plaid’s customer oversight risk management activities from security regulatory and reputational perspectives. You will work closely with our GTM Engineering Legal and Financial Access teams to ensure trust in the platform and protect the ecosystem.

Responsibilities

• Engage with customers to gather necessary information to perform security reviews.

• Conduct high quality security and privacy risk assessments of customers within the ecosystem.

• Perform security and privacy assessments of Plaid’s vendors and partners.

• Develop and maintain internal frameworks policies and procedures to support a rapidly evolving customer oversight risk management function.

• Influence effective risk management strategies and monitor the progress of remediation efforts.

• Confidently represent Plaid’s security and privacy risk management practices to external stakeholders.

• Prepare and present reports on the security posture of onboarded customers to senior management and stakeholders.

Requirements

• Working knowledge of common security assurance and trust frameworks such as SOC 2 NIST CSF ISO 27001 GLBA Safeguards ISO 27701 and others.

• Prior experience working in GRC roles at an engineering-led SaaS FinTech or Cloud company.

• Experience performing security audits or gap assessments.

• Good understanding of common security risks and control domains that make up information security programs.

• Exceptional attention to detail an eye for operational excellence and the capacity to execute and iteratively improve operational processes.

• The ability to clearly articulate ideas work effectively and strategically collaborate cross-functionally with internal stakeholders.

What Excites You

• Having a significant impact on Plaid’s ecosystem and the overall future of financial services.

• Being part of a highly evolving and rapidly growing Security GRC team.

• Being a trusted partner for cross-functional teams on all matters related to security privacy assurance and compliance.

• The opportunity to learn and grow as a security and privacy professional as part of a high-growth industry-disruptive company.

$99360 - $125280 a year

Target base salary for this role is between $99360 and $125280 per year. Additional compensation in the form(s) of equity and/or commission are dependent on the position offered. Plaid provides a comprehensive benefit plan including medical dental vision and 401(k). Pay is based on factors such as (but not limited to) scope and responsibilities of the position candidate's work experience and skillset and location. Pay and benefits are subject to change at any time consistent with the terms of any applicable compensation or benefit plans.