Senior Manager, GRC Engineering
Workstreet · United States · 1 mo ago
RemoteRemoteEngineeringFull-time
About Workstreet
We help businesses scale securely by designing and implementing cutting-edge security and compliance programs. Our specialties include SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP.
Client Relationship Management (Primary Focus)
- Own Executive-Level Client Relationships: Serve as the senior point of contact for a portfolio of strategic accounts, building long-term trust and ensuring clients receive an exceptional, high-touch experience at every stage of the engagement.
- Lead and Guide Client Engagements: Provide strategic oversight across multiple compliance engagements, ensuring clients are well-informed, prepared, and confident throughout audits, certifications, and assessments.
- Manage Escalations at the Executive Level: Address complex, high-stakes client concerns with professionalism, urgency, and composure — turning challenging situations into opportunities to reinforce trust and loyalty.
- Be a Strategic Trusted Advisor: Understand the broader business goals of each client and deliver compliance guidance that is not just technically sound, but strategically aligned with their objectives.
- Ensure Quality Across All Client Touchpoints: Conduct regular reviews of client communications, deliverables, and quality metrics to maintain consistency and excellence across all engagements.
- Engage Directly with US-Based Clients: Communicate proactively via phone, email, and meetings to address compliance concerns and deliver expert, personalized guidance.
Team Leadership
- Lead and Develop a High-Performing Team: Supervise and mentor managers and analysts across various accounts, fostering a culture of performance, accountability, collaboration, and professional growth.
- Drive Resource Strategy: Guide staffing, hiring, and resource allocation to optimize delivery efficiency and support department scalability as the business grows.
- Set and Uphold Standards: Establish and enforce quality benchmarks across the team, ensuring every client-facing output meets Workstreet's high standards.
GRC & Compliance Execution
- Oversee Compliance Programs: Manage and coordinate multiple cybersecurity compliance engagements simultaneously, ensuring timely completion and adherence to relevant standards and frameworks.
- Implement Compliance Policies: Develop, execute, and maintain cybersecurity compliance policies and procedures aligned with industry best practices.
- Collaborate on Risk Mitigation: Partner with internal and external teams to identify, assess, and remediate cybersecurity risks.
- Interpret Regulatory Frameworks: Analyze and apply cybersecurity regulations and standards including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC.
Required
- Demonstrated experience managing client relationships at a senior or executive level — you are skilled at owning high-complexity accounts, navigating escalations, and delivering a consistently outstanding client experience
- Exceptional professionalism in all client-facing communication, with outstanding written and verbal English skills
- 5+ years of proven experience leading and developing mid-sized teams in a fast-paced, results-driven environment
- 8+ years of experience in cybersecurity compliance, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC frameworks
- 8+ years of experience creating and enforcing cybersecurity policies
- Strong strategic thinking skills with experience driving cross-functional collaboration and aligning team goals with business objectives
- Strong organizational skills with the ability to manage multiple compliance projects concurrently
- Experience working in a tech company with a focus on cybersecurity
- Thrives in a fast-paced startup environment
- Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity
- Experience managing GRC functions within a managed security services or consulting environment
- Certifications such as CISA, CISSP, CISM, ISO 27001 Lead Implementer, or CRISC
- Familiarity with compliance automation platforms such as Vanta, Drata, or Secureframe
- Exposure to risk management or audit methodologies across multiple regulatory frameworks
Career Development
- Clear growth path with mentorship and training opportunities
- Comprehensive onboarding on security and compliance frameworks
Compensation
- Competitive base salary with regular performance reviews, merit-based appraisals, and bonus opportunities
Growth Opportunity
- Early-stage company with significant room for career advancement
Company Culture
- Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team
- Reliable high-speed internet connection
- Quiet, professional home office setup
Background Check
- Employment with Workstreet is contingent upon the successful completion of a background check, which may include verification of employment history, education, and other relevant information, in compliance with applicable laws.
Delivery
- Remote (United States)