Manager, GRC Engineering

About The Position

Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Demonstrated experience managing cybersecurity or compliance programs.
• Familiarity with three or more frameworks such as SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, NIST 800-171, NIST 800-53, or HiTRUST.
• Strong written and verbal English communication skills, with the ability to explain complex concepts to non-technical stakeholders.
• Comfortable working independently with a high level of ownership and initiative.
• Experience partnering with sales and delivery teams to support client engagements.
• Ability to translate compliance requirements into clear business value and compelling client guidance.
• Willingness to work Pacific Time (PST) hours.

Nice To Haves

• Relevant certifications such as CISA, CISSP, CISM, or CCSP.
• Hands-on experience with AWS, Azure, or GCP environments.
• Experience providing strategic recommendations to mature cybersecurity programs.
• Prior interaction with external cybersecurity auditors or audit firms.

Responsibilities

• Lead Client Kickoff Engagements: Serve as the initial point of contact for new clients by leading kickoff calls that clarify scope, address technical concerns, and align compliance goals with Workstreet’s services.
• Guide Active Client Engagements: Support strategic client accounts by providing hands-on guidance with compliance best practices, security documentation, and client inquiries.
• Conduct Milestone Reviews: Facilitate milestone review calls to assess progress, identify blockers, and provide actionable recommendations to keep compliance initiatives on track.
• Provide Compliance Expertise: Advise clients on security and compliance best practices across multiple frameworks, translating regulatory requirements into practical, business-aligned guidance.
• Own Compliance Process Knowledge: Maintain expert-level understanding of Workstreet’s end-to-end compliance implementation process, including risk assessments, policy development, technical controls, and audit readiness.
• Ensure Seamless Delivery Handoffs: Partner closely with delivery teams to ensure smooth transitions between phases of engagement, sharing context and expectations to drive successful outcomes.
• Stay Current on Regulations: Monitor evolving regulatory requirements, industry trends, and best practices to inform internal teams and proactively advise clients.
• Support Compliance Tool Adoption: Work confidently within compliance automation platforms such as Vanta to help clients navigate tools and streamline their compliance efforts.
• Manage and Develop Team Members: Lead, mentor, and support a team of GRC professionals to ensure high-quality client delivery and consistent execution standards.