The Compliance team at Plaid is a cross-functional team with deep product and industry knowledge that designs and maintains controls to mitigate risks, ensure trust in the platform, and enable the business. Plaid sits in the middle of this ecosystem, and we're the gateway used by our customers to build, test, launch, and scale amazing FinTech applications.
In this role, you will be responsible for assessing the design and effectiveness of Plaid’s internal controls that ensure privacy, security, and availability of our API and related underlying infrastructure through internal audits and risk assessments. You will also be the primary point of contact for external security assessments and audit engagements by our enterprise customers and banking partners, working cross-functionally with our account management and business development teams.
What Excites You:
Being part of a highly evolving cross-functional team in a rapidly growing organization
Being a trusted partner to product and engineering teams
Simplifying and articulating deep technical concepts and requirements into easily understood terms
Translating compliance requirements into operational procedures
Building and maintaining highly effective cross-functional relationships in a highly technical organization
What Excites Us:
Deep understanding of IT audit and enterprise risk management concepts
Deep understanding of internal controls and information security concepts from both enterprise and start-up perspectives (e.g. ITIL Change Management vs. DevOps Continuous Delivery).
Deep understanding of security assurance and trust frameworks (SOC 2 - AICPA Trust Service Principles, NIST 800-53, ISO2700x, CSA STAR, etc.).
Strong understanding of privacy and data protection laws (CCPA, GDPR, GLBA Privacy and Safeguards Rules).
Proven ability to understand and contextualize complex technical concepts into ELI5 terms.
Strong track record of developing and maintaining high-quality internal policy and procedure documents.
Proven ability to manage projects and deliverables to completion with limited direction.
Experience interacting with external auditors and explaining deep technical concepts.
Experience working extremely cross-functionally in a fast-moving, highly technical organization.
Familiarity with different types of application architectures (e.g. monoliths vs service-oriented architecture), and application deployment models (e.g. on-prem vs. cloud).