This job offer is no longer available
Manager, GRC Engineering
Workstreet
- New York, New York, United States
- New York, New York, United States
About
SOC 2, ISO 27001, GDPR, HIPAA, and more
—empowering companies to meet regulatory standards while strengthening their cybersecurity posture from day one. The Opportunity
We’re seeking a
Compliance and Security Analyst (Compliance & Security Extraordinaire)
to join our global team. This role is focused on managing compliance programs and ensuring adherence to key frameworks such as
SOC 2, ISO 27001, and HIPAA
for our clients. The ideal candidate will bring hands-on experience in
policy writing, SOC 2 Type 1 and Type 2 implementations
, and
technical control management
across cloud environments including
AWS, GCP, and Azure
. This is a highly visible role that bridges technical depth, compliance rigor, and client collaboration. What You’ll Do
Develop, write, and maintain
policies, procedures, and documentation
to support compliance with SOC 2, ISO 27001, and related standards. Lead and manage
SOC 2 Type 1 and Type 2 implementation projects
across multiple clients. Implement and monitor
technical controls
in
cloud environments (AWS, GCP, Azure)
to ensure security best practices. Conduct
internal security audits and risk assessments
, identifying vulnerabilities and recommending improvements. Collaborate cross-functionally with engineering, operations, and client teams to embed compliance and security processes into day-to-day workflows. Stay current with
regulatory developments, cybersecurity trends
, and evolving compliance requirements. Operate confidently in compliance platforms such as
Drata, Vanta, and SecureFrame
. Who You Are
Bachelor’s degree in
Information Technology, Cybersecurity, Computer Science
, or a related discipline. Proven experience in
managing compliance programs
and working with
SOC 2
and
ISO 27001
frameworks. Strong knowledge of
cloud infrastructure security
across AWS, GCP, and Azure. Excellent written and verbal communication skills with strong attention to detail. Self-starter who thrives in a
fast-paced, remote-first startup
environment. Analytical, organized, and proactive — with a strong sense of ownership and accountability. Nice to Have
Experience in a
Big 4
or other professional services environment is a
plus (Preferred) Professional certifications such as
CISA, CISSP, CISM
, or
ISO 27001 Lead Implementer/Auditor
. Experience in delivering
security awareness and compliance training programs
. Familiarity with additional frameworks and regulations including
GDPR, HIPAA, NIST, or FedRAMP
. Hands-on experience using
compliance automation tools
like
Drata, Vanta, SecureFrame, or Tugboat Logic
. What We Offer
Competitive Compensation:
Fair, transparent pay aligned with your experience and impact. Remote-First Flexibility:
Work from anywhere in the world while collaborating with a distributed team. Career Growth:
Opportunity to grow into advanced roles such as
vCISO
or senior compliance leadership. Meaningful Work:
Partner with innovative, security-driven organizations across industries. Learning Culture:
Continuous exposure to evolving frameworks, technologies, and compliance standards. Workstreet Is An Equal Opportunity Employer As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job was posted by one of our partners. You can view the original job source here.