CrawlJobs Logo

Security GRC Manager

plaid.com Logo

Plaid

Location Icon

Location:
United States , San Francisco

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

166800.00 - 282000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

We enable Plaid to quickly build safe and secure products while ensuring that Plaid's users, data, and infrastructure remains protected. The Security GRC team at Plaid is responsible for reducing the likelihood and impact of the highest risks to the business. We unblock the business by proactively identifying, assessing, and reducing security risks without slowing down product delivery. We reduce security incidents through strong governance, effective controls, and informed risk decisions. We maintain an assurance program that demonstrates security maturity to our key stakeholders. We enable the business to prioritize mitigations that matter the most to our customers, consumers, and data partners. We unblock revenue and partnerships opportunities through efficient, high quality security reviews and audits. We design controls that scale with our business, with a strong bias towards automation and continuous assurance. We partner closely across the entire organization to embed security and risk management into critical workflows. We act as trusted advisors that raise the security bar while enabling innovation, experimentation, and velocity. You will help lead and evolve our Security Governance, Risk, and Compliance program to unblock the next phase of Plaid’s growth. You will report directly to the CISO, and manage a team of ICs responsible for security assurance, compliance operations, and technology risk management. You will be a trusted partner to customer-facing cross-functional teams and product teams across different product areas.

Job Responsibility:

  • Own Plaid's Security GRC strategy and roadmap
  • Lead and scale the Security GRC team
  • Run the Compliance and Assurance programs
  • Build internal and external customer and partner trust
  • Accelerate GRC workflows through automation

Requirements:

  • Hands on experience operating security GRC programs that map to industry frameworks: SSAE18 (SOC1 and SOC2), ISO 27001, SOX 404 ITGCs, NIST CSF and 800-53
  • Hands on experience translating framework requirements into practical and testable control objectives
  • Hands on experience operating technology risk management programs, and applying quantitative risk analysis techniques (FAIR) and structured qualitative risk modeling
  • Cloud-Native security controls and architecture literacy
  • Direct customer facing security and trust assurance experience, and stakeholder management
  • Direct auditor facing experience through scoping, evidence collection, testing, and remediations
  • Direct experience building and deploying control automations
  • Working knowledge of modern web application architecture, build and release techniques, incident response, AuthN/AuthZ strategies, data encryption, vulnerability management, third-party risk management, and security training

Nice to have:

Prior experience in FinTech

What we offer:
  • medical
  • dental
  • vision
  • 401(k)
  • equity
  • commission

Additional Information:

Job Posted:
January 07, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Plaid - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security GRC Manager

Senior Security GRC Engineer

The Senior Security GRC Engineer at Atlassian will be instrumental in implementi...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility
Job Responsibility
  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location
Location
Sweden , Stockholm; Gothenburg
Salary
Salary:
Not provided
juni.co Logo
Juni
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility
Job Responsibility
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer
What we offer
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime
Read More
Arrow Right

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Security GRC Engineer

The Security GRC Engineer at Atlassian will be instrumental in implementing and ...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility
Job Responsibility
  • Develop and implement security risk and governance capabilities, policies, and operations, ensuring alignment with Atlassian's business objectives and compliance with relevant laws and regulations
  • Provide technical guidance, promote automation, review designs, and support security teams to equip engineering partner teams with the latest tools, techniques, and methodologies to build secure products by default
  • Security GRC data management, analysis and reporting
  • Identify potential security risks and threats, and develop strategies to mitigate them
  • Understand Atlassian’s security controls and how they mitigate our risks
  • Support other teams in implementing and maintaining security controls and best practices
  • Periodically evaluate and report on the effectiveness of Atlassian’s security posture
  • Stay informed on the latest developments in cybersecurity and risk management to ensure that Atlassian's security controls are always at the cutting edge
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Security Strategy and Risk Management Head of Department

The Security Strategy and Risk Management Head of Department is a senior leaders...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
  • Excellent stakeholder management, communication, and leadership skills
  • Demonstrated experience working across multi-disciplinary teams to achieve common objectives
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Lead enterprise-wide risk assessment, risk issue management, and risk exception management
  • Maintain and enhance risk management frameworks aligned with industry best practices
  • Deliver insightful, data-driven risk reporting to senior leadership
  • Oversee the Information Security compliance and control assurance program
  • Lead coordination of internal and external audits, assessments, and certification processes
  • Lead the Third-Party Risk Management (TPRM) program
  • Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
  • Direct the Information Security Training and Awareness program
  • Partner with the CISO to define and maintain the Information Security strategic roadmap
  • Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
  • Fulltime
Read More
Arrow Right

Security GRC Analyst

Plan, perform and control the activities to assure Blockchain.com’s controls are...
Location
Location
Argentina , Buenos Aires
Salary
Salary:
Not provided
blockchain.com Logo
Blockchain
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Forward-looking and strategic minded, with an eye to understanding potential risks, legal and compliance implications
  • Good knowledge of IT risk areas including regulatory, operational, information and energy industry specific
  • Good overall knowledge of application and infrastructure security control mechanisms
  • Advanced command of the English language
  • 2+ years experience in audit and security certifications such as ISO, SOC and PCI
  • Education Four-year college degree (or equivalent)
Job Responsibility
Job Responsibility
  • Oversee execution and completion of applications related security controls ensuring effectiveness
  • Design, create and share policies, standards and procedures to ensure demonstrable regulatory /legal control. Communicate changes to internal stakeholders
  • Conduct preliminary self-assessment control tests of the applicable controls
  • Track and document remediation actions as result of audit findings
  • Host internal/external IT audits including walkthroughs, retaining test evidence for in scope assets and tracking action plans to either remediate or mitigate potential risk exposure findings
  • Conduct the quarterly User Access reviews process including information gathering, management responses tracking, and results review to follow through on corrective actions
  • Develop, implement and maintain a risk register. Contribute results to the corporate dashboard
  • Participate in new tools/partners/investors due diligences
  • Have an active participation in Digital projects and perform other activities assigned by the Manager
What we offer
What we offer
  • Amazing and accessible office location in Palermo
  • Apple equipment
  • Full-time salary based on experience and meaningful equity in an industry-leading company
  • The opportunity to be a key player and build your career at a rapidly expanding, global technology company in an emerging field
  • Flexible work culture
  • Work from Anywhere Policy: You can work remotely from anywhere in the world for up to 20 days per year
  • Fulltime
Read More
Arrow Right

Information Security Officer

The Information Security Officer is a senior leadership role responsible for ove...
Location
Location
Portugal , Lisbon; Oporto; Madrid; Barcelona
Salary
Salary:
Not provided
https://www.tui.com Logo
TUI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced authentic leader with a good understanding of technology and managing Information Security risks in the enterprise
  • Passionate about Information Security, delivering business value and driving continuous improvement
  • Strong people leadership skills and experience in building a positive enabling security culture based on trust, quality and pragmatic risk management
  • Great communicator and influencer comfortable working across hierarchical, organisational, cultural and market boundaries
  • Experience of managing teams, mentoring and developing security talent from different cultural backgrounds
  • Professionally qualified holding a recognised security accreditation (CISSP/CISM/CISA etc.,) or equivalent experience with demonstrable Continuous Professional Development
  • Maintain a good understanding of latest security threats and the mitigating strategies
  • Ability to provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards
  • Experience of the implementation, operation and maintenance of an Information Security Management framework such as ISO27001 or NIST CSF
  • Good understanding of integrating security into software or product development lifecycle and cloud security
Job Responsibility
Job Responsibility
  • Promote and inspire a security first culture at TUI
  • Direct the development, implementation, delivery and support of an enterprise Information Security strategy aligned to the strategic requirements of the business
  • Lead the provision of Information Security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation’s information systems
  • Ensure that each Domain is motivated and empowered to deliver the prioritised roadmap
  • Protect the TUI brand and its customers, detect and respond to incidents, strengthen defences, reduce the attack surface and secure behaviours
  • Drive adoption of and adherence to security policies, standards and controls through the provision of expert advice and guidance
  • Protect our most critical assets and ensure appropriate assurance and rigorous testing is in place
  • Ensure security incidents are managed effectively through engagement with the security operations team, and that lessons learned and audit findings are remediated
  • Ensure effective security operations (e.g. vulnerability scanning, patching)
  • Protect the integrity, availability, authenticity, non-repudiation and confidentiality of information and data in storage and in transit
What we offer
What we offer
  • Attractive remuneration, bonus opportunity, exclusive travel perks & discounts, extensive health & wellbeing support
  • Flexible working: hybrid or remote working models
  • Opportunities to upskill, reskill and grow your career
  • Access the TUI Tech Learning Hub to level-up and reach your ambitions
  • Participate in our tech communities and collaborate on global projects and teams
  • Get involved with incredible local charity and sustainability initiatives like the TUI Care Foundation and the Sustainable Tech Community
  • Fulltime
Read More
Arrow Right

Digital Resilience and IT Risk Manager

Our COO Functional Risk Management team embedded in the Digital Resilience Area ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in using GRC tools and reporting tools (e.g., PowerBI)
  • A solid track record of achievement and continues development (can be any academic, professional, and/or sport)
  • Strong understanding of risk management frameworks and methodologies
  • Data-driven mindset with experience in data analysis and interpretation
  • excellent analytical and problem-solving skills
  • An organized and methodological approach with strong interpersonal skills
  • Possess a strong sense of curiosity and the ability to think creatively and innovatively
  • 4+ years of experience in Operational, IT, or Information Security (IS) Risk Management, Management Consulting, IT Governance, or a related field
  • Bachelor’s degree or higher in Information Technology, Engineering, Economics, Risk Management, Business Administration, or any related field
Job Responsibility
Job Responsibility
  • Support, coordinate and oversee information Risk Management Lifecycle activities performed by the 1st LoD
  • Actively contributes to identifying improvements and assist in adapting the Risk Management frameworks to address our rapidly evolving risk landscape
  • Coordinate thorough risk assessments to identify, evaluate and mitigate information risks across the organization
  • Ensure adherence to relevant regulatory requirements and internal policies related to information risk management as well as preparing detailed reports and presentations on risk findings, trends and recommendations for senior management and stakeholders
  • Utilize data analytics to support risk assessments, decision-making processes and to drive insights that enhance risk management strategies
  • Work closely with various business units, IT, IS, Risk and compliance teams to ensure alignment and integration of risk management practices
  • Utilize new technologies and feature within our organizational setup to enhance, scale, and optimize existing risk management processes
  • Develop and deliver training programs to enhance awareness and understanding of information risk management across the organization
  • Foster a risk-driven culture and advocate for the benefits of risk management whilst engaging with leadership and functional leads to ensure alignment and support
What we offer
What we offer
  • We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
  • We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
  • From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
  • Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy