Skip to content
PlaidPlaidNew York, NY

Senior Security Analyst, Customer Assurance

Own Plaid's Security Contracts program: review security provisions in MSAs/DPAs/addenda, provide positions to Legal/GTM for negotiations, build scalable processes/playbooks, track patterns for improvements, and support questionnaires/audit calls. Requires 6+ years in security GRC/assurance with fintech experience, deep clause knowledge, and AI fluency.

134k – 214k
Hybrid6+ YOESecurity Engineering

About the role

Responsibilities

  • Lead security contract reviews across customer MSAs, DPAs, security addenda, and security exhibits by identifying unacceptable clauses, forming a clear security position, and providing Legal with actionable feedback they can take directly into negotiations.
  • Design and own the end-to-end Security Contracts program infrastructure, including intake processes, tiered SLAs, security positions runbooks, and handoff protocols with Legal and GTM.
  • Track security contract asks across deals, identify recurring patterns, and determine whether they represent gaps in Plaid’s program or non-standard customer requests.
  • Assess feasibility and propose recommendations to leadership when recurring asks point to program gaps, and codify existing capabilities into standard security addenda where appropriate to reduce future negotiation cycles.
  • Join customer and data partner calls as Plaid’s security subject matter expert, building trust through patient, clear, and collaborative communication.
  • Define KPIs, build dashboards, and deliver regular reporting on program health to Security and GTM leadership, including visibility into deal friction, SLA adherence, and improvement opportunities.
  • Build and scale AI-assisted workflows for security assurance, contract review, questionnaire completion, clause library maintenance, pattern analysis, and reporting.
  • Support customer security questionnaires and external audit calls with customers and data partners, ensuring Plaid presents a consistent and credible security posture across customer-facing assurance activities.

Qualifications

  • 6+ years of experience in security assurance, security GRC, security compliance, or a related information security role with meaningful ownership of customer- or partner-facing security workflows.
  • Experience reviewing security provisions in MSAs, DPAs, and security addenda — and translating that expertise into clear positions Legal can take directly into negotiations.
  • Deep familiarity with common security clause types: e.g. incident notification windows, audit rights, encryption requirements, subprocessor obligations, data retention, and penetration testing provisions.
  • Ability to translate a company's security posture and risk appetite into clear, defensible contract positions and hold those positions through multiple negotiation cycles.
  • Experience representing a company's security program directly to customers and financial institution partners on calls — fielding questions about security controls, compliance posture, and contractual obligations.
  • Working knowledge of SOC 2, ISO 27001, NIST CSF, PCI DSS, GLBA, GDPR/CCPA, NIST 800-53, etc.
  • Deep understanding of what "standard" security contract language looks like in fintech and banking agreements.
  • Prior experience in fintech, payments, or financial services.
  • Experience building security assurance programs — designing intake processes, tiered SLAs, escalation paths, and runbooks.
  • Strong analytical skills: ability to identify patterns across a high volume of security contract asks, track pushback rates and cycle counts, and translate findings into process improvements.
  • Experience with metrics ownership: defining KPIs, building tracking infrastructure, and reporting on program health to cross-functional stakeholders.
  • Exceptional written and verbal communication skills.
  • Experience working directly with Legal and GTM teams as a security subject matter expert.
  • Demonstrated ability to build and scale AI-assisted workflows — applies AI tooling to Security Assurance activities like contract review, questionnaire completion, clause library maintenance, pattern analysis, and reporting to materially increase throughput.

Nice-to-Haves

  • Experience redlining security contract language directly, beyond providing advisory feedback.

Skills

Security ContractsMsasDpasSecurity AddendaSOC 2ISO 27001Nist CsfPci DssGlbaGDPRCCPANist 800-53Security AssuranceGRCAI Workflows
Dispel

Senior Security Operations Engineer

DispelUnited States

Senior Security Operations Engineer owns SOC operations using Google SecOps and SentinelOne, builds detection rules and SOAR playbooks, manages incident response and vulnerability remediation, and provides technical leadership to analysts. Requires 6+ years in security operations with hands-on SIEM/EDR experience.

136k – 155k
Remote6+ YOESecurity Engineering
Lyft

Senior Security Engineer, Corporate Security

LyftSeattle, WA

Builds secure processes and systems for corporate security, partnering cross-functionally to enable safe operations. Requires 5+ years engineering experience with Python/Go, databases, networking protocols, and security systems.

136k – 170k
Hybrid5+ YOESecurity Engineering
Teleport

Senior Software Engineer, Security

TeleportUnited States

Senior Software Engineer building security features for Teleport's access platform, focusing on cryptography, networking, automation, AI agents, and detection/response using Go/Rust. Contributes to open-source code reviews, vulnerability hunting, and hardening defenses.

138k – 342k
RemoteSecurity Engineering
Chainguard

Senior Security Engineer

ChainguardUnited States

Own AI platform posture end-to-end: administer Claude/ChatGPT enterprise controls, build MCP servers and agentic tooling, harden security against prompt injection and data leakage, and create spend dashboards. Requires 5+ years security/IT/DevOps experience plus hands-on AI platform administration.

130k – 160k
Remote5+ YOESecurity Engineering
Chainguard

Senior Security Engineer

ChainguardUnited States

Senior Security Engineer on the Cyber Resiliency team designing detection controls, engineering SOAR/AI playbooks, leading incident response, and conducting threat hunts to strengthen Chainguard's security posture.

130k – 150k
Remote5+ YOESecurity Engineering