Risk Analyst - Security Compliance

At Plaid, our mission is to unlock financial freedom for everyone.  There has never been a better time than now to start building the future of fintech with us. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, and Betterment, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Salt Lake City, Washington D.C., London and Amsterdam. #LI-Remote
The Security Compliance team at Plaid is a cross functional team whose responsibility is to enable the business by mitigating security and privacy risks by maintaining controls that ensure trust in the platform. Plaid is looking for a Risk Analyst to help us enhance our security governance, risk and compliance functions. Plaid sits in the middle of this ecosystem, and we are the gateway used by our customers to build, launch, and scale fintech applications that democratize financial services. In this position, you will be responsible for helping Plaid scale our security compliance activities by performing security reviews of our customers  and vendors, in addition to supporting Plaid’s customers and financial institutions’ request for information (RFI) on Plaid’s security posture

What excites you

• Having a significant impact on Plaid’s ecosystem and the overall future of financial services.
• Being part of a highly evolving and rapidly growing security compliance team.
• Being a trusted partner for cross functional teams on all matters related to security, assurance, and compliance.
• The opportunity to learn and grow as a security and privacy professional as part of a high growth, industry disruptive company.

What excites us

• Working knowledge of security assurance and trust frameworks (AICPA Trust Service Criteria, NIST CSF, ISO27001, ISO27018, ISO27701, CSA STAR, etc.)
• Ability to ship high quality: (1) security and privacy compliance assessments of customers in the ecosystem, (2) security and privacy assessments of Plaid vendors, and (3) responses to Requests For Information (RFIs) from customers and financial institutions
• Ability to clearly articulate, work effectively, and strategically collaborate cross functionally with internal stakeholders.
• Confidently representing Plaid’s security and privacy posture with internal and external stakeholders.
• Exceptional attention to detail, an eye for operational excellence, and the capacity to execute and iteratively improve operational processes.
• Support the measurement and monitoring of security/privacy controls by using modern GRC automation tools, compliance-as-code or by building data driven dashboards
• Good understanding of security risk management and product development process and control domains that make up information security programs.
• Prior experience working in security and compliance at an engineering-led SaaS/fintech/cloud company

Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at accommodations@plaid.com.
Please review our Candidate Privacy Notice here.