Manager, GRC Engineering

Workstreet

135d•Remote

About The Position

We are seeking a Manager, GRC Engineering who is highly motivated, detail-oriented, and experienced in leading cybersecurity compliance initiatives. The ideal candidate will have a solid background in frameworks such as SOC 2, ISO 27001, and NIST CSF, along with strong communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously. As part of our GRC leadership team, you will manage compliance programs, oversee client engagements, and ensure adherence to industry standards such as SOC 2, ISO 27001, HIPAA, and PCI DSS. This role also involves leading a small team of analysts, providing strategic direction, and ensuring the consistent delivery of high-quality compliance outcomes for Workstreet’s clients.

Requirements

Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
5+ years of experience managing a team.
Proven experience in managing compliance programs and familiarity with SOC 2 and ISO 27001 frameworks.
Strong knowledge of technical control implementation in cloud platforms such as AWS, GCP, and Azure.
Excellent written and verbal communication skills in English.
Ability to work independently with a strong sense of initiative.
Must be amenable to working US Time zone hours.

Nice To Haves

Relevant certifications (e.g., CISA, CISSP, CISM).
Consulting experience
Familiarity with other compliance frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA).

Responsibilities

Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards.
Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi-cloud environments (AWS, GCP, Azure).
Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture.
Manage Compliance Team: Lead a team of 3–5 analysts through coaching, mentorship, and performance management to ensure quality and accountability.
Collaborate Cross-Functionally: Partner with internal teams and clients to embed security and compliance best practices and resolve compliance escalations.
Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls.
Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness.

Benefits

Career Development: Clear path with mentorship and training opportunities
Technical Training: Comprehensive onboarding on security and compliance frameworks
Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
Growth Opportunity: Early-stage company with significant room for career advancement.
Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume