Manager, GRC Engineering

About The Position

Requirements

• Demonstrated experience managing client relationships directly — you are comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement
• Exceptional professionalism in all client-facing communication, with outstanding written and verbal English skills
• 5+ years of experience managing or leading a team
• Proven experience managing compliance programs with hands-on familiarity with SOC 2 and ISO 27001 frameworks
• Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure)
• Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality
• Bachelor's degree in Information Technology, Cybersecurity, or a related field
• Ability to work independently with a strong sense of initiative
• Amenable to working US time zone hours

Nice To Haves

• Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity
• Relevant certifications (e.g., CISA, CISSP, CISM)
• Consulting experience
• Familiarity with additional frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA)

Responsibilities

• Own the Client Experience: Serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement.
• Lead Client Engagements: Guide clients through compliance initiatives end-to-end — from kickoff through certification — providing clear communication, proactive updates, and expert guidance at every milestone.
• Handle Escalations with Professionalism: Resolve complex client issues and requests with urgency, composure, and a solution-oriented approach that reinforces confidence and long-term retention.
• Be a Trusted Advisor: Understand each client's unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs.
• Collaborate Cross-Functionally: Partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly.
• Manage and Develop a Pod of Analysts: Lead a team of 3–5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth.
• Drive Consistent Delivery: Ensure the team meets deadlines and delivers high-quality work across all active client engagements, stepping in to support where needed.
• Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards.
• Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi-cloud environments (AWS, GCP, Azure).
• Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture.
• Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls.
• Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness.

Benefits

• Career Development: Clear growth path with mentorship and training opportunities
• Technical Training: Comprehensive onboarding on security and compliance frameworks
• Competitive Compensation: Competitive base salary with regular performance reviews, merit-based appraisals, and bonus opportunities
• Growth Opportunity: Early-stage company with significant room for career advancement
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team