Senior GRC Engineer

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

We are seeking a highly motivated and detail-oriented Sr. GRC Engineer to join our fast-growing team. The ideal candidate will have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.

This role requires excellent communication skills, the ability to manage multiple cybersecurity compliance projects simultaneously, and experience leading or managing a small team. The successful candidate will serve as a trusted compliance advisor to clients, leading engagements, managing escalations, and driving successful outcomes across multiple frameworks.

• Interpret Regulatory Frameworks: Analyze and apply cybersecurity compliance requirements under SOC 2, ISO 27001, HIPAA, and related standards.
• Develop Compliance Programs: Create, implement, and maintain cybersecurity policies, procedures, and supporting documentation to meet audit and certification objectives.
• Lead Compliance Projects: Oversee multiple client engagements, including audits, evidence collection, control mapping, and due diligence or incident response activities.
• Serve as Primary Client Contact: Manage high-complexity or long-term accounts, ensuring consistent delivery and strong client relationships.
• Communicate with Clients: Engage directly with U.S.-based clients via phone, email, and text to address compliance concerns and deliver expert guidance.
• Collaborate on Risk Management: Work with internal and external teams to identify, assess, and mitigate cybersecurity and compliance risks.
• Lead Client Engagements: Conduct client meetings, provide progress updates, and prepare clients for upcoming audits and assessments.
• Manage and Mentor Team Members: Provide direction, feedback, and professional development support to junior analysts.
• Handle Escalations: Resolve complex client issues and requests with professionalism and solution-oriented communication.
• Drive Process Improvement: Enhance standard operating procedures, playbooks, and compliance frameworks to strengthen operational effectiveness.

• Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
• 3+ years of leadership experience managing or guiding a small team
• Exceptional written and verbal English communication skills
• Proven ability to work directly with clients in the US
• Experience working in cybersecurity compliance, including SOC 2, ISO 27001, or NIST CSF frameworks
• Familiarity with creating and enforcing cybersecurity policies
• Experience working in a tech company with a focus on cybersecurity
• Thrives in a fast-paced startup environment

• Experience with HIPAA, PCI DSS, or additional frameworks
• Familiarity with Vanta or similar compliance automation platforms
• Certifications such as CISA, CISSP, ISO 27001 Lead Implementer, or Security+
• Prior experience handling audit coordination or third-party assessments

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.
• Must be amenable to start January or February 2026

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.