About Workstreet
At Workstreet, we’re on an exciting journey to help businesses scale securely by building and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in compliance frameworks like SOC 2, ISO 27001, and GDPR, empowering companies to meet regulatory standards and strengthen their cybersecurity posture from day one. We’ve partnered with Vanta, which has significantly driven our business and contributed to our growth!
The OpportunityWe are seeking a Manager, GRC Engineering who is highly motivated, detail-oriented, and experienced in leading cybersecurity compliance initiatives. The ideal candidate will have a solid background in frameworks such as SOC 2, ISO 27001, and NIST CSF, along with strong communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously.
As part of our GRC leadership team, you will manage compliance programs, oversee client engagements, and ensure adherence to industry standards such as SOC 2, ISO 27001, HIPAA, and PCI DSS. This role also involves leading a small team of analysts, providing strategic direction, and ensuring the consistent delivery of high-quality compliance outcomes for Workstreet’s clients.
What You'll Do- Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards.
- Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi-cloud environments (AWS, GCP, Azure).
- Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture.
- Manage Compliance Team: Lead a team of 3–5 analysts through coaching, mentorship, and performance management to ensure quality and accountability.
- Collaborate Cross-Functionally: Partner with internal teams and clients to embed security and compliance best practices and resolve compliance escalations.
- Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls.
- Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness.
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- 5+ years of experience managing a team.
- Proven experience in managing compliance programs and familiarity with SOC 2 and ISO 27001 frameworks.
- Strong knowledge of technical control implementation in cloud platforms such as AWS, GCP, and Azure.
- Excellent written and verbal communication skills in English.
- Ability to work independently with a strong sense of initiative.
- Must be amenable to working US Time zone hours.
- Relevant certifications (e.g., CISA, CISSP, CISM).
- Consulting experience
- Familiarity with other compliance frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA).
Top Skills
What We Do
Workstreet is an AI-powered security firm. We deliver full stack solutions that transform security and compliance from operational anchors into growth accelerators.
We work with thousands of companies - startups, hypergrowth scalers and enterprises that are at the cutting edge of disruptive innovation. Specifically, we support our customers with the following solutions:
• Virtual CISO - dedicated security teams to help our customers build and scale security programs
• AI Powered GRC Solutions - turnkey compliance for SOC2, ISO 27001, CMMC and 35+ frameworks
• Security Questionnaires - AI powered, human in the loop solution to accelerate GTM teams
• Penetration Testing - Penetration testing and vulnerability management for market and security demand
• Vanta Implementation - Expert Vanta implementation, integration and migration; we are Vanta's #1 security solutions partner
