The Security Governance, Risk, and Compliance (GRC) team is part of Plaid’s security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood and impact of security risks while operating a robust assurance program that builds trust with our customers, consumers, and data partners. We own Plaid’s security compliance frameworks, run our audits and risk programs, and partner across the company to keep Plaid’s platform secure, resilient, and aligned with industry and regulatory expectations. GRC Engineering is how we make all of that scale — turning compliance into code, evidence into telemetry, and audits into a continuous, automated capability. The Role: You will own GRC Engineering at Plaid — a foundational, high-ownership role defining an emerging discipline from the ground up. Today most of our compliance work is manual and point-in-time; you will turn it into an engineered system that is continuous, data-driven, and scalable, and set the technical direction for the field. You will: Define the discipline and the architecture — how GRC Engineering works at Plaid, not just execute within it. Build the foundation the function runs on — a codified source of truth for controls, policies, and evidence, fed by live pipelines and continuous controls monitoring. Be the engineering backbone for Security Assurance & Trust Enablement, Third-Party Ecosystem Risk, and Risk Management Make risk visible and data-driven — turning control and risk data into real-time signals for the team and leadership. Pioneer where compliance is heading — compliance-agents-as-code in the SDLC, AI- and agent-driven workflows, and machine-readable continuous compliance (FedRAMP 20x). This role is perfect for you if: You think in systems: you'd rather design the thing that eliminates a whole class of manual work than automate one task at a time. You love building and shipping internal tools and solutions that people actually use. You're relentlessly curious — you poke, you investigate, and you dig into how controls can silently fail, drift, or get bypassed so you can catch it automatically. You treat every roadblock as just an obstacle to route around — you don't back down, because there's always a path. You like range — juggling several problems across security, risk, compliance, and engineering beats grinding on a single one. You're energized by turning compliance from a documentation exercise into demonstrable, continuous, machine-readable evidence.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed