GRC Engineer I

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

We are seeking a highly motivated and detail-oriented GRC Engineer I to join our fast-growing team. The ideal candidate will have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.

This role requires strong communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously. The successful candidate will also have experience overseeing or managing a small team, while ensuring client engagements are delivered effectively and aligned with Workstreet’s security objectives.

• Support Compliance Initiatives: Assist in implementing and maintaining cybersecurity compliance programs aligned with SOC 2, ISO 27001, and other regulatory standards.
• Maintain Documentation: Develop and update cybersecurity policies, procedures, and control evidence to support audits and assessments.
• Assist in Risk Mitigation: Work with internal and external teams to identify, track, and help remediate cybersecurity risks and control gaps.
• Coordinate Project Tasks: Support multiple compliance projects by managing documentation, timelines, and deliverables under senior guidance.
• Communicate with Clients: Engage with clients via email, chat, and calls to gather evidence, clarify compliance requirements, and provide timely updates.
• Perform Control Testing: Conduct basic control checks and assist in readiness reviews to ensure continuous compliance with internal and external standards.
• Collaborate Cross-Functionally: Partner with IT, security, and operations teams to implement corrective actions and strengthen compliance posture.
• Learn and Grow: Receive mentorship from senior team members and contribute to improving processes, templates, and playbooks for compliance delivery.

• Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
• Exceptional written and verbal English communication skills
• Proven ability to work directly with clients in the US
• Experience working in cybersecurity compliance, including SOC 2, ISO 27001, or NIST CSF frameworks
• Familiarity with creating and enforcing cybersecurity policies
• Experience working in a tech company with a focus on cybersecurity
• Thrives in a fast-paced startup environment

• Familiarity with Vanta or similar compliance automation platforms
• Additional experience with frameworks such as GDPR, HIPAA, or PCI DSS
• Certifications such as ISO 27001 Lead Implementer, CISA, or Security+

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.