GRC Engineer I

The Opportunity 

We are seeking a highly motivated and detail-oriented GRC Engineer I to join our fast-growing team. The ideal candidate will have a solid background in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.

This role requires strong communication skills and the ability to manage multiple cybersecurity compliance projects simultaneously. The successful candidate will also have experience overseeing or managing a small team, while ensuring client engagements are delivered effectively and aligned with Workstreet’s security objectives.

What You'll Do

• Support Compliance Initiatives: Assist in implementing and maintaining cybersecurity compliance programs aligned with SOC 2, ISO 27001, and other regulatory standards.
• Maintain Documentation: Develop and update cybersecurity policies, procedures, and control evidence to support audits and assessments.
• Assist in Risk Mitigation: Work with internal and external teams to identify, track, and help remediate cybersecurity risks and control gaps.
• Coordinate Project Tasks: Support multiple compliance projects by managing documentation, timelines, and deliverables under senior guidance.
• Communicate with Clients: Engage with clients via email, chat, and calls to gather evidence, clarify compliance requirements, and provide timely updates.
• Perform Control Testing: Conduct basic control checks and assist in readiness reviews to ensure continuous compliance with internal and external standards.
• Collaborate Cross-Functionally: Partner with IT, security, and operations teams to implement corrective actions and strengthen compliance posture.
• Learn and Grow: Receive mentorship from senior team members and contribute to improving processes, templates, and playbooks for compliance delivery.

Who You Are

• Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
• Exceptional written and verbal English communication skills
• Proven ability to work directly with clients in the US
• Experience working in cybersecurity compliance, including SOC 2, ISO 27001, or NIST CSF frameworks
• Familiarity with creating and enforcing cybersecurity policies
• Experience working in a tech company with a focus on cybersecurity
• Thrives in a fast-paced startup environment

Nice to Have 

• Familiarity with Vanta or similar compliance automation platforms
• Additional experience with frameworks such as GDPR, HIPAA, or PCI DSS
• Certifications such as ISO 27001 Lead Implementer, CISA, or Security+

What We Offer

• Career Development: Clear path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
• Growth Opportunity: Early-stage company with significant room for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.

Work Environment Requirements

• Reliable high-speed internet connection.
• Quiet, professional home office setup.
• Must be amenable to work US Eastern Time zone hours.
• Fluency in written and verbal English communication skills.

Workstreet Is An Equal Opportunity Employer

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.