Plaid

Senior Security Analyst, Customer Assurance

Plaid
$110K - $140K *
Finance & Insurance
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years of experience in security assurance or related roles with ownership of customer-facing workflows.
  • Experience in reviewing security provisions in MSAs, DPAs, and addenda for clear feedback to Legal.
  • Familiarity with common security clause types in fintech agreements.
  • Knowledge of security standards such as SOC 2, ISO 27001, and GDPR/CCPA.
  • Experience in designing security assurance programs and metrics ownership.
  • Exceptional communication skills for cross-functional effectiveness.
  • Proven ability to build AI-assisted workflows to enhance operational throughput.

Responsibilities

  • Lead security contract reviews across various agreements and provide actionable feedback to Legal.
  • Own and design the Security Contracts program infrastructure and processes.
  • Analyze security contract trends to identify gaps or non-standard requests.
  • Propose improvements to leadership based on recurring security asks.
  • Serve as SME on customer and partner calls, fostering trust and collaboration.
  • Define KPIs and deliver reports on program effectiveness to leadership.
  • Implement AI workflows for contract reviews and reporting to increase efficiency.

Benefits

  • Comprehensive medical, dental, and vision plans.
  • 401(k) retirement plan with employer matching.
  • Equity options as part of compensation packages.
Full Job Description
About the Team:

The Security Governance, Risk, and Compliance team is part of Plaid's security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood and impact of security risks while operating a robust assurance program that builds trust with our customers, consumers, and data partners. We partner closely across the company to ensure Plaid's platform remains secure, resilient, and aligned with industry and regulatory expectations. The Security Contracts workstream is a core part of our Security Assurance program, ensuring Plaid's contractual security obligations with customers and data partners are defensible, consistent, and never a bottleneck to deal velocity, all while building trust.

You'll be the direct owner of Plaid's Security Contracts workstream, responsible for how security contract reviews get done, how quickly they move, and how the program improves over time. You'll review security provisions in customer MSAs, DPAs, and security addenda, identify unacceptable clauses, and provide Legal and GTM with clear, actionable feedback that helps move deals forward. You'll also build the playbooks, processes, and program infrastructure that make the workstream scalable, use data and pattern analysis to proactively reduce friction, and operate as an AI power user to maximize throughput. Beyond contracts, you'll support broader Security Assurance work by responding to customer security questionnaires and joining external audit calls with customers and data partners.
Responsibilities
  • Lead security contract reviews across customer MSAs, DPAs, security addenda, and security exhibits by identifying unacceptable clauses, forming a clear security position, and providing Legal with actionable feedback they can take directly into negotiations.
  • Design and own the end-to-end Security Contracts program infrastructure, including intake processes, tiered SLAs, security positions runbooks, and handoff protocols with Legal and GTM.
  • Track security contract asks across deals, identify recurring patterns, and determine whether they represent gaps in Plaid's program or non-standard customer requests.
  • Assess feasibility and propose recommendations to leadership when recurring asks point to program gaps, and codify existing capabilities into standard security addenda where appropriate to reduce future negotiation cycles.
  • Join customer and data partner calls as Plaid's security subject matter expert, building trust through patient, clear, and collaborative communication.
  • Define KPIs, build dashboards, and deliver regular reporting on program health to Security and GTM leadership, including visibility into deal friction, SLA adherence, and improvement opportunities.
  • Build and scale AI-assisted workflows for security assurance, contract review, questionnaire completion, clause library maintenance, pattern analysis, and reporting.
  • Support customer security questionnaires and external audit calls with customers and data partners, ensuring Plaid presents a consistent and credible security posture across customer-facing assurance activities.
Qualifications
  • 6+ years of experience in security assurance, security GRC, security compliance, or a related information security role with meaningful ownership of customer- or partner-facing security workflows.
  • Security contract review and negotiation:
    • Experience reviewing security provisions in MSAs, DPAs, and security addenda - and translating that expertise into clear positions Legal can take directly into negotiations.
    • Deep familiarity with common security clause types: e.g. incident notification windows, audit rights, encryption requirements, subprocessor obligations, data retention, and penetration testing provisions.
    • Ability to translate a company's security posture and risk appetite into clear, defensible contract positions and hold those positions through multiple negotiation cycles.
    • Experience representing a company's security program directly to customers and financial institution partners on calls - fielding questions about security controls, compliance posture, and contractual obligations.
  • Security Compliance and regulatory knowledge:
    • Working knowledge of SOC 2, ISO 27001, NIST CSF, PCI DSS, GLBA, GDPR/CCPA, NIST 800-53, etc.
    • Deep understanding of what "standard" security contract language looks like in fintech and banking agreements.
    • Prior experience in fintech, payments, or financial services - you understand the security expectations of data partners and regulated entities, and know how to navigate those relationships with the patience and credibility they require.
  • Program design and operational maturity:
    • Experience building security assurance programs - designing intake processes, tiered SLAs, escalation paths, and runbooks, not just executing within existing ones.
    • Strong analytical skills: ability to identify patterns across a high volume of security contract asks, track pushback rates and cycle counts, and translate findings into process improvements.
    • Experience with metrics ownership: defining KPIs, building tracking infrastructure, and reporting on program health to cross-functional stakeholders.
  • Communication and cross-functional effectiveness:
    • Exceptional written and verbal communication skills - precise enough for Legal to use your positions to draft language, clear enough for a Sales rep to use in a customer call.
    • Experience working directly with Legal and GTM teams as a security subject matter expert.
    • Experience driving customer and data partner calls involving security.
  • AI fluency and tooling:
    • Demonstrated ability to build and scale AI-assisted workflows - applies AI tooling to Security Assurance activities like contract review, questionnaire completion, clause library maintenance, pattern analysis, and reporting to materially increase throughput.
    • Shares what works with the broader team; approaches AI as a force multiplier for the function, not just a personal productivity tool.

Nice to have:
  • Experience redlining security contract language directly, beyond providing advisory feedback.


Additional compensation in the form(s) of equity and/or commission are dependent on the position offered. Plaid provides a comprehensive benefit plan, including medical, dental, vision, and 401(k). Pay is based on factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience and skillset, and location. Pay and benefits are subject to change at any time, consistent with the terms of any applicable compensation or benefit plans.

About Plaid

Plaid is a financial services company based in New York City. The company builds a technology platform, which enables applications to connect with users' bank accounts. Plaid focuses on enabling consumers and businesses to interact with their bank accounts, check balances, and make payments through financial technology applications. The company was founded in 2013 by Zach Perret and William Hockey. In January 2020, Visa announced that it would acquire Plaid for $5.3 billion. The acquisition was completed in January 2021.
Size: 600 employees
Industry
Founded: 2011
