About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by building and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in compliance frameworks like SOC 2, ISO 27001, and GDPR, empowering companies to meet regulatory standards and strengthen their cybersecurity posture from day one. We’ve partnered with Vanta, which has significantly driven our business and contributed to our growth!

We are seeking a highly motivated and detail-oriented Manager, GRC Engineering to join our fast-growing team. The ideal candidate will have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. They should possess excellent communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously. The ideal candidate will also have experience overseeing or managing a small team.

Workstreet is seeking an experienced GRC extraordinaire who will be responsible for managing compliance programs and ensuring adherence to frameworks like SOC 2, ISO 27001, HIPAA, and others for our clients. The ideal candidate will have a proven track record in policy writing, implementing SOC 2 Type 1 and Type 2, and hands-on experience with technical controls in various cloud platforms such as AWS, GCP, and Azure.

Key Responsibilities:

• Develop, maintain, and update compliance policies, procedures, and technical controls to meet standards such as SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS.
• Lead and execute compliance implementation and certification projects, including SOC 2 and ISO 27001 audits, across cloud environments (AWS, GCP, Azure).
• Conduct regular risk assessments and security audits to identify vulnerabilities and continuously improve the organization’s security posture.
• Manage a team of 3–5 analysts, providing day-to-day leadership, performance oversight, and driving delivery of compliance outcomes.
• Collaborate with cross-functional teams and clients to integrate security and compliance best practices into workflows, handle onboarding, and resolve escalations.
• Monitor evolving regulatory requirements and industry best practices to keep internal policies and controls up to date.
• Utilize compliance automation platforms (e.g., Drata, Vanta, SecureFrame) to manage audit readiness, track compliance status, and drive metrics-based outcomes.

Must-Have Qualifications:

• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• 5+ years managing a small team.
• Proven experience in managing compliance programs and familiarity with SOC 2 and ISO 27001 frameworks.
• Strong knowledge and experience in implementing technical controls in cloud platforms like AWS, GCP, and Azure.
• Excellent communication and writing skills in English.
• Ability to work independently with a strong sense of initiative.
• Must be amenable to work US Eastern Time zone hours.

Preferred Skills:

• Relevant certifications (e.g., CISA, CISSP, CISM).
• Experience in conducting security training and awareness programs.
• Familiarity with other compliance frameworks and regulations (e.g., GDPR, HIPAA).

What We Offer:

• Competitive pay.
• Potential to grow from this role into a vCISO role.
• Ability to work with amazing companies and clients.

Workstreet Is An Equal Opportunity Employer

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.