Senior Security Analyst, Customer Assurance
Listed on 2026-07-09
-
IT/Tech
Cybersecurity, Information Security, Security Management & Operations, Data Security -
Security
Cybersecurity, Information Security, Security Management & Operations, Data Security
About the Team
The Security Governance, Risk, and Compliance team is part of Plaid’s security organization, focused on enabling the business by proactively managing information security risks and maintaining effective controls. Our mission is to reduce the likelihood and impact of security risks while operating a robust assurance program that builds trust with our customers, consumers, and data partners. We partner closely across the company to ensure Plaid’s platform remains secure, resilient, and aligned with industry and regulatory expectations.
The Security Contracts workstream is a core part of our Security Assurance program, ensuring Plaid’s contractual security obligations with customers and data partners are defensible, consistent, and never a bottleneck to deal velocity, all while building trust.
You’ll be the direct owner of Plaid’s Security Contracts work-stream, responsible for how security contract reviews get done, how quickly they move, and how the program improves over time. You’ll review security provisions in customer MSAs, DPAs, and security addenda, identify unacceptable clauses, and provide Legal and GTM with clear, actionable feedback that helps move deals forward. You’ll also build the playbooks, processes, and program infrastructure that make the work-stream scalable, use data and pattern analysis to proactively reduce friction, and operate as an AI power user to maximize throughput.
Beyond contracts, you’ll support broader Security Assurance work by responding to customer security questionnaires and joining external audit calls with customers and data partners.
- Lead security contract reviews across customer MSAs, DPAs, security addenda, and security exhibits by identifying unacceptable clauses, forming a clear security position, and providing Legal with actionable feedback they can take directly into negotiations.
- Design and own the end-to-end Security Contracts program infrastructure, including intake processes, tiered SLAs, security positions runbooks, and handoff protocols with Legal and GTM.
- Track security contract asks across deals, identify recurring patterns, and determine whether they represent gaps in Plaid’s program or non-standard customer requests.
- Assess feasibility and propose recommendations to leadership when recurring asks point to program gaps, and codify existing capabilities into standard security addenda where appropriate to reduce future negotiation cycles.
- Join customer and data partner calls as Plaid’s security subject matter expert, building trust through patient, clear, and collaborative communication.
- Define KPIs, build dashboards, and deliver regular reporting on program health to Security and GTM leadership, including visibility into deal friction, SLA adherence, and improvement opportunities.
- Build and scale AI-assisted workflows for security assurance, contract review, questionnaire completion, clause library maintenance, pattern analysis, and reporting.
- Support customer security questionnaires and external audit calls with customers and data partners, ensuring Plaid presents a consistent and credible security posture across customer-facing assurance activities.
- 6+ years of experience in security assurance, security GRC, security compliance, or a related information security role with meaningful ownership of customer- or partner-facing security workflows.
- Security contract review and negotiation:
- Experience reviewing security provisions in MSAs, DPAs, and security addenda – and translating that expertise into clear positions Legal can take directly into negotiations.
- Deep familiarity with common security clause types: e.g. incident notification windows, audit rights, encryption requirements, subprocessor obligations, data retention, and penetration testing provisions.
- Ability to translate a company's security posture and risk appetite into clear, defensible contract positions and hold those positions through multiple negotiation cycles.
- Experience representing a company's security program directly to customers and financial institution partners on calls – fielding questions about security controls, compliance posture,…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).