How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
All content for Security & GRC Decoded is the property of Raj Krishnamurthy and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
Why GRC Is More Than Compliance with Kenneth Moras | Head of Security GRC | Plaid
Security & GRC Decoded
1 hour 19 minutes
1 month ago
Why GRC Is More Than Compliance with Kenneth Moras | Head of Security GRC | Plaid
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Kenneth Moras, Head of Security GRC at Plaid. Kenneth shares his journey from web developer and pen tester to building GRC and assurance teams at scale across leading companies like Adobe, Meta, and now Plaid. The conversation explores how GRC must balance governance, risk, and compliance as distinct but interdependent functions — and why great programs require clarity, collaboration, and simplicity. Kenneth ...
Security & GRC Decoded
How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
