Senior Manager, GRC Engineering

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

The Opportunity 

We are seeking a highly motivated and detail-oriented Sr. Manager, GRC Engineering to join our fast-growing team. The ideal candidate will have 8+ years of experience working with cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.

This leadership role requires extensive experience managing teams, guiding multiple client engagements, and overseeing the successful delivery of cybersecurity compliance programs. The successful candidate will combine strong strategic thinking, communication skills, and technical depth to lead a team of GRC professionals and drive operational excellence across Workstreet’s client base.

• Oversee Compliance Projects: Manage and coordinate multiple cybersecurity compliance engagements, ensuring timely completion and adherence to relevant standards and frameworks.
• Lead and Develop Teams: Supervise and mentor managers and analysts across various accounts, fostering performance, collaboration, and professional growth.
• Drive Resource Strategy: Guide staffing, hiring, and resource allocation to optimize delivery efficiency and support department scalability.
• Manage Client Escalations: Address executive-level client concerns with professionalism, ensuring swift and effective resolution.
• Ensure Quality Standards: Conduct regular reviews of client communications, deliverables, and quality metrics to maintain consistency and excellence across projects.
• Implement Compliance Policies: Develop, execute, and maintain cybersecurity compliance policies and procedures aligned with industry best practices.
• Collaborate on Risk Mitigation: Partner with internal and external teams to identify, assess, and remediate cybersecurity risks.
• Engage Directly with Clients: Communicate with US-based clients to address compliance concerns and deliver expert guidance.
• Interpret Regulatory Frameworks: Analyze and apply cybersecurity regulations and standards, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC.

• 8+ years working in cybersecurity compliance, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC frameworks
• 8+ years creating and enforcing cybersecurity policies
• 5+ years of proven experience leading and developing mid-sized teams in a fast-paced, results-driven environment
• Strong strategic thinking skills with experience driving cross-functional collaboration and aligning team goals with business objectives
• Proven ability to work directly with clients in the US
• Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
• Experience working in a tech company with a focus on cybersecurity
• Thrives in a fast-paced startup environment
• Exceptional written and verbal English communication skills

• Certifications such as CISA, CISSP, CISM, ISO 27001 Lead Implementer, or CRISC
• Experience managing GRC functions within a managed security services or consulting environment
• Familiarity with compliance automation platforms such as Vanta, Drata, or Secureframe
• Exposure to risk management or audit methodologies across multiple regulatory frameworks

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.