Career Opportunities

Senior GRC Engineer

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

The Opportunity 

We are seeking a highly motivated, client-focused Sr. GRC Engineer to join our fast-growing team. The ideal candidate is a seasoned client relationship manager who brings deep expertise in cybersecurity compliance and a proven track record of leading high-complexity client engagements with professionalism and care. This role is first and foremost about delivering an exceptional client experience — managing accounts, building trust, and driving successful outcomes — while overseeing a pod of analysts and applying expertise across frameworks such as SOC 2, ISO 27001, and NIST CSF.

The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first 15 days. You will serve as the primary point of contact for a portfolio of clients, leading engagements end-to-end, managing escalations with composure and urgency, and ensuring every client interaction reflects the highest standard of service.

What You'll Do

Client Relationship Management (Primary Focus)

  • Own the Client Experience: Serve as the dedicated primary contact for a portfolio of high-complexity, long-term client accounts, ensuring consistent delivery, proactive communication, and strong relationships at every stage of the engagement.
  • Lead Client Engagements: Conduct regular client meetings, deliver progress updates, set expectations, and guide clients through audits, assessments, and compliance milestones with clarity and confidence.
  • Communicate with Care: Engage directly with U.S.-based clients via phone, email, and text to address compliance concerns, provide expert guidance, and ensure clients always feel supported and informed.
  • Handle Escalations: Resolve complex client issues swiftly and professionally, applying a solution-oriented approach that reinforces client trust and satisfaction.
  • Be a Trusted Advisor: Build long-term relationships by understanding each client's unique business context and delivering compliance guidance that is practical, relevant, and actionable.

Team Leadership

  • Manage and Develop a Pod of Analysts: Provide day-to-day direction, constructive feedback, and professional development support to a small team of junior analysts, fostering a high-performance and collaborative culture.
  • Drive Accountability: Ensure the pod delivers high-quality work on time across all active client engagements, stepping in to support and coach where needed.

GRC & Compliance Execution

  • Interpret Regulatory Frameworks: Analyze and apply cybersecurity compliance requirements under SOC 2, ISO 27001, HIPAA, NIST CSF, and related standards.
  • Lead Compliance Projects: Oversee multiple client engagements simultaneously, including audits, evidence collection, control mapping, and due diligence or incident response activities.
  • Develop Compliance Programs: Create, implement, and maintain cybersecurity policies, procedures, and supporting documentation to meet audit and certification objectives.
  • Collaborate on Risk Management: Work with internal and external teams to identify, assess, and mitigate cybersecurity and compliance risks.
  • Drive Process Improvement: Enhance standard operating procedures, playbooks, and compliance frameworks to strengthen operational effectiveness.

Who You Are

  • Demonstrated client relationship management - you're comfortable owning client engagements, navigating difficult conversations, and serving as the primary point of contact throughout the engagement.
  • Exceptional professionalism and communication - you communicate confidently and professionally in all client interactions, with outstanding written and verbal English skills.
  • Proven people leadership experience - you bring 3+ years of experience managing or leading a small team, pod, or squad, providing coaching, mentorship, and accountability while fostering a collaborative, high-performing environment.
  • Hands-on cybersecurity compliance expertise - you have 3+ years of practical experience working with cybersecurity compliance frameworks such as SOC 2, ISO 27001, and/or NIST CSF, helping organizations implement and maintain effective compliance programs.
  • Strong project management skills - you can successfully manage multiple compliance engagements simultaneously, balancing competing priorities while maintaining exceptional quality and client satisfaction.
  • Highly organized and adaptable - you thrive in fast-paced startup environments, staying organized, proactive, and flexible as priorities evolve.
  • Policy development and governance - you're experienced in creating, maintaining, and enforcing cybersecurity policies that align with regulatory requirements and industry best practices.
  • Experience in a cybersecurity-focused technology company - you've worked within a technology organization where security and compliance are core to the business, collaborating closely with technical, operational, and cross-functional teams.

What will help you succeed

  • Big 4 advisory or assurance tenure – Prior success directing complex IT compliance audits, data governance assessments, or technical risk advisory workflows inside elite environments like Deloitte, PwC, EY, or KPMG.
  • Multi-framework compliance command – Advanced familiarity with specialized, adjacent international frameworks and regulatory bodies, explicitly including HIPAA, PCI DSS, or regional data sovereignty baselines.
  • Mastery of compliance automation architectures – Direct backend operational mastery navigating, configuring, and tracking continuous evidence collection inside automated platforms like Vanta.
  • Validated industry credentials – Hold active, globally recognized professional security and audit designations such as CISA, CISSP, ISO 27001 Lead Implementer, or CompTIA Security+.
  • Advanced audit coordination background – Proven history managing full-lifecycle third-party assessments, audit pathways, and independent examiner walkthroughs.

What We Offer

  • Career Development: Clear path with mentorship and training opportunities
  • Technical Training: Comprehensive onboarding on security and compliance frameworks
  • Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
  • Growth Opportunity: Early-stage company with significant room for career advancement.
  • Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

What We Offer

  • Career Development: Clear path with mentorship and training opportunities.
  • Role-Related Training: Reimbursement for the successful completion of approved training and certification courses relevant to your current role.
  • Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
  • Growth Opportunity: Early-stage company with significant room for career advancement.
  • Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

What You'll Need to Thrive

  • Excellent written and verbal English communication skills, with the ability to engage confidently with candidates, hiring managers, and business leaders across global teams.
  • A reliable, high-speed internet connection and a professional home office environment that supports confidential conversations, virtual interviews, and uninterrupted collaboration.
  • Commitment to working a standard schedule of 8:00 AM–5:00 PM US Eastern Time (ET) to effectively support hiring managers, candidates, and cross-functional teams. Occasional flexibility to adjust working hours is expected to accommodate changing business priorities, global collaboration, and time-sensitive hiring needs.
  • Willingness and ability to travel locally for occasional onsite meetings, team gatherings, or business activities as needed.

Hiring and Selection Process

  • Candidates must participate in live video interviews throughout the hiring process with camera on (non-negotiable) and be prepared to verify their identity during recruitment and onboarding.
  • Employment is contingent upon successful completion of identity verification and background screening, where permitted by law.
  • Selected candidates will participate in structured interviews with hiring managers and cross-functional stakeholders to assess role fit, experience, and alignment with Workstreet’s operating principles.
  • Candidates will receive prompt updates and consistent communication throughout the interview process, ensuring a transparent, smooth, and engaging experience at every step.
  • Applicants must be authorized to work in the U.S. without the need for visa sponsorship now or in the future. Workstreet does not provide employment-based visa sponsorship or transfers for this role, including H-1B, L-1, TN, O-1, E-3, H-1B1, F-1 (OPT/CPT), J-1, or any other work-authorized visa category.

Workstreet Is An Equal Opportunity Employer

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.


Delivery

Remote (United States)

Partilhar em:

Termos de serviço.PrivacidadeCookiesDesenvolvido pela Rippling