Senior GRC Engineer

Role Overview

• Own the Client Experience: Serve as the dedicated primary contact for a portfolio of high-complexity, long-term client accounts, ensuring consistent delivery, proactive communication, and strong relationships at every stage of the engagement.
• Lead Client Engagements: Conduct regular client meetings, deliver progress updates, set expectations, and guide clients through audits, assessments, and compliance milestones with clarity and confidence.
• Communicate with Care: Engage directly with U.S.-based clients via phone, email, and text to address compliance concerns, provide expert guidance, and ensure clients always feel supported and informed.
• Handle Escalations: Resolve complex client issues swiftly and professionally, applying a solution-oriented approach that reinforces client trust and satisfaction.
• Be a Trusted Advisor: Build long-term relationships by understanding each client's unique business context and delivering compliance guidance that is practical, relevant, and actionable.
• Manage and Develop a Pod of Analysts: Provide day-to-day direction, constructive feedback, and professional development support to a small team of junior analysts, fostering a high-performance and collaborative culture.
• Drive Accountability: Ensure the pod delivers high-quality work on time across all active client engagements, stepping in to support and coach where needed.
• Interpret Regulatory Frameworks: Analyze and apply cybersecurity compliance requirements under SOC 2, ISO 27001, HIPAA, NIST CSF, and related standards.
• Lead Compliance Projects: Oversee multiple client engagements simultaneously, including audits, evidence collection, control mapping, and due diligence or incident response activities.
• Develop Compliance Programs: Create, implement, and maintain cybersecurity policies, procedures, and supporting documentation to meet audit and certification objectives.
• Collaborate on Risk Management: Work with internal and external teams to identify, assess, and mitigate cybersecurity and compliance risks.
• Drive Process Improvement: Enhance standard operating procedures, playbooks, and compliance frameworks to strengthen operational effectiveness.

Requirements

• Demonstrated experience managing client relationships directly — you are comfortable owning accounts, navigating difficult conversations, and being the face of the engagement.
• Exceptional professionalism in all client-facing communication, with outstanding written and verbal English skills.
• 3+ years of experience managing or leading a small team (pod, squad, or similar structure).
• 3+ years of experience in cybersecurity compliance, including hands-on work with SOC 2, ISO 27001, or NIST CSF frameworks.
• Proven ability to manage multiple compliance projects concurrently without sacrificing quality or client experience.
• Strong organizational skills and the ability to thrive in a fast-paced startup environment.
• Familiarity with creating and enforcing cybersecurity policies.
• Experience working in a tech company with a cybersecurity focus.

Tech Stack

• Cyber Security

Benefits

• Career Development: Clear growth path with mentorship and training opportunities.
• Technical Training: Comprehensive onboarding on security and compliance frameworks.
• Competitive Compensation: Competitive base salary with regular performance reviews, merit-based appraisals, and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.
• Work Environment Requirements: Reliable high-speed internet connection. Quiet, professional home office setup. Must be amenable to work US Eastern Time zone hours. Fluency in written and verbal English communication skills.