
Security GRC Manager
Plaid
full-time
Posted on:
Location Type: Hybrid
Location: New York City • New York • 🇺🇸 United States
Salary
💰 $166,800 - $282,000 per year
Job Level
Mid-Level • Senior
Tech Stack
Cloud
About the role
- Own Plaid's Security GRC strategy and roadmap.
- Lead and scale the Security GRC team.
- Run the Compliance and Assurance programs.
- Build internal and external customer and partner trust.
- Accelerate GRC workflows through automation.
Requirements
- Hands-on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53.
- Hands-on experience translating framework requirements into practical and testable control objectives.
- Hands-on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling.
- Cloud-native security controls and architecture literacy.
- Direct customer-facing security and trust assurance experience, and stakeholder management.
- Direct auditor-facing experience through scoping, evidence collection, testing, and remediations.
- Direct experience building and deploying control automations.
- Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training.
Benefits
- medical
- dental
- vision
- 401(k)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security GRC programs, SSAE18, SOC1, SOC2, ISO 27001, SOX 404 ITGCs, NIST CSF, NIST 800-53, quantitative risk analysis, FAIR
Soft skills
stakeholder management, customer trust building, team leadership, communication