Manager, GRC Engineering

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by building and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in compliance frameworks like SOC 2, ISO 27001, and GDPR, empowering companies to meet regulatory standards and strengthen their cybersecurity posture from day one. We’ve partnered with Vanta, which has significantly driven our business and contributed to our growth!

We are seeking a Manager to join our Client-Facing Cybersecurity GRC team to lead client kickoff and milestone review engagements, guide organizations through their compliance journeys, and manage a team of compliance professionals. This role also supports a limited number of active client engagements to ensure effective execution of compliance programs.
This position requires a strong understanding of cybersecurity compliance frameworks, excellent client communication skills, and the ability to proactively guide clients toward security best practices while partnering closely with internal delivery teams.

• Lead Client Kickoff Engagements: Serve as the initial point of contact for new clients by leading kickoff calls that clarify scope, address technical concerns, and align compliance goals with Workstreet’s services.
• Guide Active Client Engagements: Support strategic client accounts by providing hands-on guidance with compliance best practices, security documentation, and client inquiries.
• Conduct Milestone Reviews: Facilitate milestone review calls to assess progress, identify blockers, and provide actionable recommendations to keep compliance initiatives on track.
• Provide Compliance Expertise: Advise clients on security and compliance best practices across multiple frameworks, translating regulatory requirements into practical, business-aligned guidance.
• Own Compliance Process Knowledge: Maintain expert-level understanding of Workstreet’s end-to-end compliance implementation process, including risk assessments, policy development, technical controls, and audit readiness.
• Ensure Seamless Delivery Handoffs: Partner closely with delivery teams to ensure smooth transitions between phases of engagement, sharing context and expectations to drive successful outcomes.
• Stay Current on Regulations: Monitor evolving regulatory requirements, industry trends, and best practices to inform internal teams and proactively advise clients.
• Support Compliance Tool Adoption: Work confidently within compliance automation platforms such as Vanta to help clients navigate tools and streamline their compliance efforts.
• Manage and Develop Team Members: Lead, mentor, and support a team of GRC professionals to ensure high-quality client delivery and consistent execution standards.

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Demonstrated experience managing cybersecurity or compliance programs.
• Familiarity with three or more frameworks such as SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, NIST 800-171, NIST 800-53, or HiTRUST.
• Strong written and verbal English communication skills, with the ability to explain complex concepts to non-technical stakeholders.
• Comfortable working independently with a high level of ownership and initiative.
• Experience partnering with sales and delivery teams to support client engagements.
• Ability to translate compliance requirements into clear business value and compelling client guidance.
• Willingness to work Pacific Time (PST) hours.

• Relevant certifications such as CISA, CISSP, CISM, or CCSP.
• Hands-on experience with AWS, Azure, or GCP environments.
• Experience providing strategic recommendations to mature cybersecurity programs.
• Prior interaction with external cybersecurity auditors or audit firms.