GRC Engineer I
Workstreet · United States · 2 mo ago
RemoteRemoteEngineeringFull-time
About Workstreet
We are dedicated to helping businesses scale securely through the design and implementation of cutting-edge security and compliance programs. Our expertise spans various frameworks including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP.
Job Summary
We are seeking a highly motivated and detail-oriented GRC Engineer I to join our fast-growing team. The ideal candidate should have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.
Responsibilities
- Support Compliance Initiatives: Assist in implementing and maintaining cybersecurity compliance programs aligned with SOC 2, ISO 27001, and other regulatory standards.
- Maintain Documentation: Develop and update cybersecurity policies, procedures, and control evidence to support audits and assessments.
- Aid in Risk Mitigation: Work with internal and external teams to identify, track, and help remediate cybersecurity risks and control gaps.
- Cook up Project Tasks: Support multiple compliance projects by managing documentation, timelines, and deliverables under senior guidance.
- Communicate with Clients: Engage with clients via email, chat, and calls to gather evidence, clarify compliance requirements, and provide timely updates.
- Perform Control Testing: Conduct basic control checks and assist in readiness reviews to ensure continuous compliance with internal and external standards.
- Collaborate Cross-Functionally: Partner with IT, security, and operations teams to implement corrective actions and strengthen compliance posture.
- Learn and Grow: Receive mentorship from senior team members and contribute to improving processes, templates, and playbooks for compliance delivery.
Requirements
- Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
- Exceptional written and verbal English communication skills
- Proven ability to work directly with clients in the US
- Experience working in cybersecurity compliance, including SOC 2, ISO 27001, or NIST CSF frameworks
- Familiarity with creating and enforcing cybersecurity policies
- Experience working in a tech company with a focus on cybersecurity
- Thrives in a fast-paced startup environment
- Familiarity with Vanta or similar compliance automation platforms
- Additional experience with frameworks such as GDPR, HIPAA, or PCI DSS
- Certifications such as ISO 27001 Lead Implementer, CISA, or Security+
Qualifications
- Clear path with mentorship and training opportunities
- Comprehensive onboarding on security and compliance frameworks
- Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities
- Growth Opportunity: Early-stage company with significant room for career advancement
- Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team
- Reliable high-speed internet connection
- Quiet, professional home office setup
Benefits
- Equal Opportunity Employer
- Background Check Required
Pay
Competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
Schedule
US Eastern Time zone hours.