
Senior Manager, GRC Engineering
Workstreet
full-time
Location Type: Remote
Location: United States
About the role
- Oversee Compliance Projects: Manage and coordinate multiple cybersecurity compliance engagements, ensuring timely completion and adherence to relevant standards and frameworks.
- Lead and Develop Teams: Supervise and mentor managers and analysts across various accounts, fostering performance, collaboration, and professional growth.
- Drive Resource Strategy: Guide staffing, hiring, and resource allocation to optimize delivery efficiency and support department scalability.
- Manage Client Escalations: Address executive-level client concerns with professionalism, ensuring swift and effective resolution.
- Ensure Quality Standards: Conduct regular reviews of client communications, deliverables, and quality metrics to maintain consistency and excellence across projects.
- Implement Compliance Policies: Develop, execute, and maintain cybersecurity compliance policies and procedures aligned with industry best practices.
- Collaborate on Risk Mitigation: Partner with internal and external teams to identify, assess, and remediate cybersecurity risks.
- Engage Directly with Clients: Communicate with US-based clients to address compliance concerns and deliver expert guidance.
- Interpret Regulatory Frameworks: Analyze and apply cybersecurity regulations and standards, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC.
Requirements
- 8+ years working in cybersecurity compliance, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC frameworks
- 8+ years creating and enforcing cybersecurity policies
- 5+ years of proven experience leading and developing mid-sized teams in a fast-paced, results-driven environment
- Strong strategic thinking skills with experience driving cross-functional collaboration and aligning team goals with business objectives
- Proven ability to work directly with clients in the US
- Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
- Experience working in a tech company with a focus on cybersecurity
- Thrives in a fast-paced startup environment
- Exceptional written and verbal English communication skills.
- Nice to Have: Certifications such as CISA, CISSP, CISM, ISO 27001 Lead Implementer, or CRISC
- Experience managing GRC functions within a managed security services or consulting environment
- Familiarity with compliance automation platforms such as Vanta, Drata, or Secureframe
- Exposure to risk management or audit methodologies across multiple regulatory frameworks.
Benefits
- Career Development: Clear path with mentorship and training opportunities
- Technical Training: Comprehensive onboarding on security and compliance frameworks
- Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
- Growth Opportunity: Early-stage company with significant room for career advancement.
- Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity compliance, cybersecurity policies, risk management, audit methodologies, SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, NIST 800-171
Soft Skills
strategic thinking, cross-functional collaboration, organizational skills, client communication, team leadership, mentoring, performance management, professional growth, problem-solving, adaptability
Certifications
CISA, CISSP, CISM, ISO 27001 Lead Implementer, CRISC