Workstreet is a fast-growing startup focused on helping businesses scale securely through security and compliance programs. The Manager, GRC Engineering will lead client engagements, manage a team of analysts, and oversee compliance initiatives, ensuring high-quality service and client satisfaction.
Responsibilities:
- Own the Client Experience: Serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement
- Lead Client Engagements: Guide clients through compliance initiatives end-to-end — from kickoff through certification — providing clear communication, proactive updates, and expert guidance at every milestone
- Handle Escalations with Professionalism: Resolve complex client issues and requests with urgency, composure, and a solution-oriented approach that reinforces confidence and long-term retention
- Be a Trusted Advisor: Understand each client's unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs
- Collaborate Cross-Functionally: Partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly
- Manage and Develop a Pod of Analysts: Lead a team of 3–5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth
- Drive Consistent Delivery: Ensure the team meets deadlines and delivers high-quality work across all active client engagements, stepping in to support where needed
- Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards
- Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi-cloud environments (AWS, GCP, Azure)
- Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture
- Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls
- Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and Secureframe to track compliance metrics and ensure continuous audit readiness
Requirements:
- Demonstrated experience managing client relationships directly — you are comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement
- Exceptional professionalism in all client-facing communication, with outstanding written and verbal English skills
- 5+ years of experience managing or leading a team
- Proven experience managing compliance programs with hands-on familiarity with SOC 2 and ISO 27001 frameworks
- Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure)
- Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality
- Bachelor's degree in Information Technology, Cybersecurity, or a related field
- Ability to work independently with a strong sense of initiative
- Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity
- Relevant certifications (e.g., CISA, CISSP, CISM)
- Consulting experience
- Familiarity with additional frameworks and regulations (e.g., HITRUST, PCI DSS, NIST, GDPR, HIPAA)