
Security GRC Manager

United States, New York · 166800.00 - 282000.00 USD / Year · Job Posted January 07, 2026

Job Description

We enable Plaid to quickly build safe and secure products while ensuring that Plaid's users, data, and infrastructure remain protected. The Security GRC team at Plaid is responsible for reducing the likelihood and impact of the highest risks to the business.

We unblock the business by proactively identifying, assessing, and reducing security risks without slowing down product delivery. We reduce security incidents through strong governance, effective controls, and informed risk decisions. We maintain an assurance program that demonstrates security maturity to our key stakeholders. We enable the business to prioritize mitigations that matter the most to our customers, consumers, and data partners. We unblock revenue and partnership opportunities through efficient, high-quality security reviews and audits. We design controls that scale with our business, with a strong bias towards automation and continuous assurance. We partner closely across the entire organization to embed security and risk management into critical workflows. We act as trusted advisors that raise the security bar while enabling innovation, experimentation, and velocity.

You will help lead and evolve our Security Governance, Risk, and Compliance program to unblock the next phase of Plaid’s growth. You will report directly to the CISO, and manage a team of ICs responsible for security assurance, compliance operations, and technology risk management. You will be a trusted partner to customer-facing cross-functional teams and product teams across different product areas.

Job Responsibility

  • Own Plaid's Security GRC strategy and roadmap
  • Lead and scale the Security GRC team
  • Run the Compliance and Assurance programs
  • Build internal and external customer and partner trust
  • Accelerate GRC workflows through automation

Requirements

  • Hands-on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53
  • Hands-on experience translating framework requirements into practical and testable control objectives
  • Hands-on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling
  • Cloud-native security controls and architecture literacy
  • Direct customer-facing security and trust assurance experience, and stakeholder management
  • Direct auditor-facing experience through scoping, evidence collection, testing, and remediations
  • Direct experience building and deploying control automations
  • Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training

Nice to have

Prior experience in FinTech

What we offer

  • medical
  • dental
  • vision
  • 401(k)

Similar Jobs for Security GRC Manager

8 matching positions

Security GRC Manager

Hex is looking for our first Security GRC Manager to build, scale, and own our s...
Location: United States
Salary: 182000.00 - 295000.00 USD / Year
Hex
Expiration Date: Until further notice
Requirements
  • 5–8+ years in GRC, compliance, security engineering, privacy, audit, or a related field
  • Deep familiarity with frameworks such as SOC 2, ISO 27001, ISO 27701, PCI DSS, HIPAA, GDPR, and associated security controls
  • Experience running or contributing significantly to audit cycles and certification processes
  • Technical literacy in cloud-native environments (AWS preferred), SaaS architectures, and modern security tooling
  • Ability to understand and explain product architecture, data flows, and control implementations to auditors and customers
  • Experience building or maturing GRC programs at a high-growth company
  • Strong project/program management skills
  • Comfort creating order out of ambiguity
  • Exceptional communicator with the ability to translate complex topics into clear, concise, customer-ready language
  • Strong stakeholder management skills
Job Responsibility
  • Own and mature Hex’s security and privacy compliance program across SOC 2, ISO 27001, ISO 27701, HIPAA, GDPR, CCPA, PCI DSS, and other frameworks relevant to our business
  • Ensure continuous audit readiness
  • Track regulatory and industry changes
  • Maintain and develop core security policies, standards, and procedures
  • Own Hex’s risk management lifecycle
  • Build lightweight but effective governance processes
  • Partner with Engineering and Security to ensure technical controls map appropriately to compliance requirements
  • Serve as the primary owner of customer and prospect security questionnaires, risk assessments, and contractual security provisions
  • Manage and improve Hex’s Trust Center / trust portal
  • Collaborate with Sales, Customer Success, and Legal on security-related deal support
What we offer
  • Competitive total rewards package
  • Market-benched salary & equity
  • Comprehensive health benefits
  • Flexible paid time off
  • Fulltime

Security GRC Manager

We enable Plaid to quickly build safe and secure products while ensuring that Pl...
Location: United States, San Francisco
Salary: 166800.00 - 282000.00 USD / Year
Plaid
Expiration Date: Until further notice
Requirements
  • Hands-on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53
  • Hands-on experience translating framework requirements into practical and testable control objectives
  • Hands-on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling
  • Cloud-native security controls and architecture literacy
  • Direct customer-facing security and trust assurance experience, and stakeholder management
  • Direct auditor-facing experience through scoping, evidence collection, testing, and remediations
  • Direct experience building and deploying control automations
  • Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training
Job Responsibility
  • Own Plaid's Security GRC strategy and roadmap
  • Lead and scale the Security GRC team
  • Run the Compliance and Assurance programs
  • Build internal and external customer and partner trust
  • Accelerate GRC workflows through automation
What we offer
  • medical
  • dental
  • vision
  • 401(k)
  • equity
  • commission
  • Fulltime

AI Project / Product Manager - Security / GRC

We have a 6 - 12 month+ contract position for an AI Project / Product Manager wi...
Location: United States, St Louis
Salary: Not provided
Zeektek
Expiration Date: Until further notice
Requirements
  • AI and IT Integrations Experience
  • Technical fluency to engage with AI / DSPM conversations
  • Business analyst / project manager mindset
  • Ability to understand and translate strategy
  • Partner with leaders, vendor, engineering, security, and GRC
  • Drive clarity, alignment, prioritization, and delivery
  • Produce BA/PM artifacts (requirements, roadmaps, dependencies, risks)
  • Work with the vendor
  • Bachelor’s degree in Business, IT, Cybersecurity, Data Analytics, or related field (or equivalent experience)
  • Exposure to AI, machine learning, or LLM-enabled solutions in an enterprise environment (required)
Job Responsibility
  • Lead end-to-end planning, execution, and delivery of AI Intelligence Layer initiatives supporting DSPM and data protection objectives
  • Translate strategic data protection and AI objectives into clear roadmaps, priorities, and delivery plans
  • Drive cross-functional alignment across business, security, engineering, GRC, and vendor teams
  • Partner with vendors throughout the lifecycle
  • Produce and maintain key program artifacts
  • Support requirements gathering and refinement
  • Facilitate prioritization and decision-making
  • Ensure solutions meet enterprise governance, risk, and compliance standards
  • Provide ongoing program oversight
  • Act as the primary coordinator across SDLC, security governance, and deployment processes
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
  • Fulltime

SAP Application Analyst (Security & GRC)

We are seeking an SAP Application Analyst to support system security, access man...
Location: United States, Madison
Salary: Not provided
Beacon Hill
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in SAP application support, security, or GRC
  • Experience with SAP GRC (Access Control, Risk Analysis, Emergency Access)
  • Understanding of SAP S/4 and general business processes
  • Strong communication skills and ability to work with non-technical stakeholders
  • Bachelor's degree or equivalent experience
Job Responsibility
  • Manage and maintain SAP user access and security roles
  • Monitor and resolve segregation of duties (SoD) risks
  • Partner with audit and compliance teams to meet regulatory requirements
  • Support SAP GRC processes, including access controls and risk analysis
  • Maintain security policies, procedures, and documentation
  • Assist with system testing and validation of security controls
  • Support ongoing system enhancements and projects
  • Fulltime

GRC Security Officer

Location: United Kingdom, Warwickshire
Salary: Not provided
Whitehall Resources Ltd
Expiration Date: Until further notice
Requirements
  • Experience in Issue Management
  • Lead on the provision of cyber security compliance advice to the customer GRC lead through collaborative review of their design approach and delivery projects to minimise the risk of non-compliance with internal and regulatory standards
  • Advise on the implementation of information/cyber security measures across projects by identifying information/cyber security goals and objectives consistent with customer objective
  • Challenge the scope of the project/deployment with regards to business value and best practice
  • Ensure projects are aligning with internal policies and industry standards including NIS Directives, NIST800-53, NCSC CAF, ISO27001
  • Knowledge of IEC62443 controls
  • Experience within the Energy sector preferred but other sectors considered
Job Responsibility
  • Provide governance and leadership of resources engaged on the project
  • Advise on the development of specific information security policies, procedures, guidelines and processes in consultation with stakeholders
  • Attend project Meetings and Security Working Groups as required
  • Review and monitor planned activities to ensure full compliance with internal and regulatory policy
  • Assist the Service lead in complying with administrative and team tasks in support of the project

Senior GRC Security Consultant

Senior GRC Security Consultant The Opportunity We are currently partnering wit...
Location: United Kingdom
Salary: 350.00 - 600.00 GBP / Day
Myn
Expiration Date: Until further notice
Requirements
  • Proven experience in Governance, Risk, and Compliance (GRC) within an information security context
  • Strong knowledge of industry-standard security frameworks such as ISO 27001, NIST, or NCSC CAF
  • Extensive experience conducting security risk assessments, gap analyses, and risk treatment planning
  • Proficiency in managing audit lifecycles, including evidence collection and remediation tracking
  • Ability to develop and maintain comprehensive security policies, standards, and procedures
  • Strong stakeholder management skills with the ability to communicate technical risk to business audiences
  • Experience in client-facing consultancy or cross-functional internal advisory roles
Job Responsibility
  • Taking ownership of assessing organisational security posture against industry-standard frameworks
  • Managing full audit lifecycles
  • Ensuring regulatory compliance across complex environments
  • Conducting comprehensive risk assessments and gap analyses
  • Developing robust security policies
  • Collaborating with cross-functional teams to embed security controls into core business operations

SAP Security & GRC Consultant

Deep experience in SAP Application Security, GRC Experience in HANA DB roles, oD...
Location: India, Hyderabad
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements
  • Deep experience in SAP Application Security, GRC
  • Experience in HANA DB roles, oDATA Roles and Fiori roles, SAP DWC and SAC roles
  • Good understanding of SAP application security implementation methodologies, role-based access controls, and application threats
  • User Administration using SAP Standard TCode, CUA, CUP, ARM, or IDM
  • Role Management (Create new user, change role, role simulations)
  • Manage GRC roles with modules (ARA, ARM, UAR EAM, SoDR)
  • Perform L1 L3 support for SAP Application Security, GRC (ARA, ARM, UAR EAM, SoDR)
  • Ability to handle sev1 and major incidents and provide resolution within SLA
  • Ability to identify and communicate issues/risks to the team lead or end user to facilitate timely resolution
  • Work independently on standard SAP authorization tasks
Job Responsibility
  • User Administration using SAP Standard TCode, CUA, CUP, ARM, or IDM
  • Role Management (Create new user, change role, role simulations)
  • Manage GRC roles with modules (ARA, ARM, UAR EAM, SoDR)
  • Perform L1 L3 support for SAP Application Security, GRC (ARA, ARM, UAR EAM, SoDR)
  • Ability to handle sev1 and major incidents and provide resolution within SLA
  • Ability to identify and communicate issues/risks to the team lead or end user to facilitate timely resolution
  • Work independently on standard SAP authorization tasks
  • Manage and coordinate SAP outages and weekend outages
  • Support SAP audit and compliance activities
  • Scheduling BG Jobs
  • Fulltime

Senior Manager, Security Engineering

The Security Engineering team at Fullstory ensures that engineering teams across...
Location: United States
Salary: Not provided
Fullstory
Expiration Date: Until further notice
Requirements
  • Has full-time people leadership experience in a similar type of team
  • Has experience owning, planning, and executing business-level security initiatives
  • Experience building sustainable security programs with an emphasis on customer service, partnership, and enablement of software engineering and business stakeholders
  • Experience participating in security architecture, risk management, vendor diligence, threat analysis, and other dimensions of technical expertise to support team initiatives
  • Experience directly managing security vendor relationships, project scoping, deployment, etc.
  • Ability to leverage AI tools to enhance work quality and accelerate timelines by implementing AI solutions that optimize efficiency
Job Responsibility
  • Lead a team of application and cloud security engineers, including strategy and mentorship
  • Enable our partners, such as Security GRC and Legal, in supporting business outcomes
  • Create paved roads, with a focus on automation, to speed up secure-engineering practices
  • Own and maximize investments in third-party security services, consultants, and technologies
  • Run incident response investigations in collaboration with Legal and external security firms
  • Advise peer leaders on cross-business initiatives and product strategy on security and risk
What we offer
  • Flexible PTO policy
  • Annual company-wide closure
  • Federal holidays
  • Sponsored benefit packages for US-based Fullstorians
  • Supplemental coverage options for international Fullstorians
  • Professional development opportunities through training programs
  • Annual learning subsidy for US and EMEA-based employees
  • Monthly productivity stipend for US and EMEA-based Fullstorians
  • Team off-sites
  • Annual full-company meet-up
  • Fulltime