Security Engineer, GRC
We believe that the way people interact with their finances will drastically improve in the next few years. We’re dedicated to empowering this transformation by building the tools and experiences that thousands of developers use to create their own products. Plaid powers the tools millions of people rely on to live a healthier financial life. We work with thousands of companies like Venmo, SoFi, several of the Fortune 500, and many of the largest banks to make it easy for people to connect their financial accounts to the apps and services they want to use. Plaid’s network covers 12,000 financial institutions across the US, Canada, UK and Europe. Founded in 2013, the company is headquartered in San Francisco with offices in New York, Washington D.C., London and Amsterdam.
The Security Governance, Risk, and Compliance (GRC) team is part of Plaid’s security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood and impact of security risks while operating a robust assurance program that builds trust with our customers, consumers, and data partners. We partner closely across the company to ensure Plaid’s platform remains secure, resilient, and aligned with industry and regulatory expectations.
As a Security Engineer on the GRC team, you will own our GRC automation roadmap—developing and implementing strategies to detect drift from expected security baselines and audited controls. You will collaborate with GRC team members to accelerate workstreams by automating processes across audits, vendor management, risk assessments, security training, and more. Beyond automation, you’ll conduct in-depth, data-driven risk and control assessments that influence critical decisions across the company. Your work will directly impact Plaid’s ability to prevent future incidents and build trust.
This role is perfect for you if:
-You enjoy solving complex engineering problems at the intersection of security, risk, and compliance.
-You’re passionate about automation and building workflows that reduce manual effort while increasing assurance.
-You thrive in a collaborative environment, working across engineering, product, and security teams.
-You have a curious mindset with a drive to explore how security controls can fail or be bypassed.
- Deploy and configure AI tools to drive efficiency across GRC processes.
- Automate evidence collection, control testing, and compliance monitoring across cloud and internal systems.
- Build integrations and Slack bots using APIs/webhooks to streamline GRC workflows.
- Develop dashboards and SQL-driven reports to surface meaningful risk and compliance metrics.
- Write detection logic to alert on security control drift or misconfigurations.
- Perform security risk assessments and recommend mitigation strategies using a data-informed approach.
- Support the buildout of continuous control monitoring infrastructure.
- Strong foundation in core security concepts (e.g., authentication, encryption, logging, access control).
- Hands-on experience with AWS and understanding of cloud-native security controls.
- Proficiency with scripting languages (e.g., Python) and building integrations via APIs/webhooks.
- Strong SQL skills and experience with dashboards or data visualization tools.
- Experience writing rules or logic for compliance drift detection.
- Ability to work independently and cross-functionally, with strong prioritization skills.
- Nice to have:Exposure to security incident response and triage processes.
- Degree in Computer Science, Cybersecurity, or a related field.
- Hands-on experience with Infrastructure as Code (IaC) and configuring cybersecurity tools.
Our mission at Plaid is to unlock financial freedom for everyone. To support that mission, we seek to build a diverse team of driven individuals who care deeply about making the financial ecosystem more equitable. We recognize that strong qualifications can come from both prior work experiences and lived experiences. We encourage you to apply to a role even if your experience doesn't fully match the job description. We are always looking for team members that will bring something unique to Plaid!
Plaid is proud to be an equal opportunity employer and values diversity at our company. We do not discriminate based on race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state, and local laws. Plaid is committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance with your application or interviews due to a disability, please let us know at accommodations@plaid.com.
Please review our Candidate Privacy Notice here.
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Join Plaid as a Security Engineer on the GRC team, where your expertise will play a key role in empowering financial innovation. Based in San Francisco, Plaid is at the forefront of creating tools that enable developers to connect financial accounts seamlessly with applications. In this role, you'll be responsible for managing our GRC automation roadmap, which means you'll develop strategies to maintain security standards while streamlining processes for audits, vendor management, and risk assessments. You’ll have the chance to collaborate with multidisciplinary teams, leveraging your skills to enhance our security posture through automation—think building integrations and using AI tools to increase efficiency. You'll conduct deep data-driven risk assessments, ensuring that your findings help make informed decisions that ripple through the organization. If you have a passion for solving complex engineering challenges at the convergence of security, risk, and compliance, this could be a perfect fit for you. With a dynamic and collaborative atmosphere, Plaid encourages you to think outside the box, experiment with workflows, and explore security vulnerabilities. Bring your curiosity and your knack for security tech to create a safer financial ecosystem for everyone with Plaid.
Plaid seeks a Senior Business Operations professional to enhance efficiency and operational performance in its Credit product area.
Join Plaid as an Account Manager where you'll manage vital client relationships and empower them to create impactful financial applications.
BBVA seeks a Líder de Infraestructura to lead high-complexity infrastructure solutions and project management in a dynamic banking environment.
Join Peraton as an AWS Cloud Engineer to provide Tier 3 support for cutting-edge government technology in a fully remote environment.
Join BNY as a Vice President of Production Services to enhance operational stability and drive automation in a dynamic financial services environment.
Saviynt seeks an experienced Director of Information Security to advance their FedRAMP compliance strategies in a dynamic, remote environment.
Seeking a Manager of ERP Systems to lead technology implementations and cultivate team performance in a hospital environment.
Seeking a skilled Oracle HCM EBS Techno-Functional Consultant proficient in supporting and enhancing HCM solutions in a fully remote environment.
Join AECOM as an Information & Communication Technologies (ICT) Consultant to advance innovative ICT infrastructure projects globally.
Plaid’s mission is to unlock financial freedom for everyone.
121 jobs
Subscribe to Rise newsletter
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
Sign up for our weekly
newsletter of fresh jobs
