Risk Analyst, Security GRC
United States
Plaid Inc.
Plaid helps companies build fintech solutions by making it easy, safe and reliable for people to connect their financial data to apps and services.
At Plaid, we're convinced that the way people interact with their finances will drastically improve in the coming years. We’re dedicated to empowering this transformation by building the tools that thousands of developers use to create their own products.
The Security Governance, Risk, and Compliance (GRC) team at Plaid is a cross-functional team responsible for enabling the business by mitigating risks and maintaining controls that ensure trust in the platform.
Plaid serves as the gateway for our customers to build, launch, and scale FinTech applications that democratize financial services. In this role, you will be primarily responsible for supporting Plaid’s customer oversight risk management activities from security, regulatory, and reputational perspectives. You will work closely with our GTM, Engineering, Legal, and Financial Access teams to ensure trust in the platform and protect the ecosystem.
Responsibilities
- Engage with customers to gather necessary information to perform security reviews.
- Conduct high-quality security and privacy risk assessments of customers within the ecosystem.
- Perform security and privacy assessments of Plaid’s vendors and partners.
- Develop and maintain internal frameworks, policies, and procedures to support a rapidly evolving customer oversight risk management function.
- Influence effective risk management strategies and monitor the progress of remediation efforts.
- Confidently represent Plaid’s security and privacy risk management practices to external stakeholders.
- Prepare and present reports on the security posture of onboarded customers to senior management and stakeholders.
Requirements
- Working knowledge of common security assurance and trust frameworks such as SOC 2, NIST CSF, ISO 27001, GLBA Safeguards, ISO 27701, and others.
- Prior experience working in GRC roles at an engineering-led SaaS, FinTech, or Cloud company.
- Experience performing security audits or gap assessments.
- Good understanding of common security risks and control domains that make up information security programs.
- Exceptional attention to detail, an eye for operational excellence, and the capacity to execute and iteratively improve operational processes.
- The ability to clearly articulate ideas, work effectively, and strategically collaborate cross-functionally with internal stakeholders.
What Excites You
- Having a significant impact on Plaid’s ecosystem and the overall future of financial services.
- Being part of a highly evolving and rapidly growing Security GRC team.
- Being a trusted partner for cross-functional teams on all matters related to security, privacy, assurance, and compliance.
- The opportunity to learn and grow as a security and privacy professional as part of a high-growth, industry-disruptive company.
Tags: Audits Cloud Compliance FinTech GLBA Governance ISO 27001 NIST Privacy Risk assessment Risk management SaaS SOC SOC 2
Perks/benefits: Startup environment Team events
Region: North America
Country: United States