Best-in-class trust services for high-growth companies. Vanta’s biggest services partner.

Senior Manager, GRC Engineering

Software EngineerSoftware EngineerFull TimeRemoteTeam 11-50Since 2023H1B No SponsorCompany Site LinkedIn

Location

United States

Posted

47 days ago

Salary

Not specified

8 yrs expEnglishCyber SecuritySwift

Job Description

• Oversee Compliance Projects: Manage and coordinate multiple cybersecurity compliance engagements, ensuring timely completion and adherence to relevant standards and frameworks. • Lead and Develop Teams: Supervise and mentor managers and analysts across various accounts, fostering performance, collaboration, and professional growth. • Drive Resource Strategy: Guide staffing, hiring, and resource allocation to optimize delivery efficiency and support department scalability. • Manage Client Escalations: Address executive-level client concerns with professionalism, ensuring swift and effective resolution. • Ensure Quality Standards: Conduct regular reviews of client communications, deliverables, and quality metrics to maintain consistency and excellence across projects. • Implement Compliance Policies: Develop, execute, and maintain cybersecurity compliance policies and procedures aligned with industry best practices. • Collaborate on Risk Mitigation: Partner with internal and external teams to identify, assess, and remediate cybersecurity risks. • Engage Directly with Clients: Communicate with US-based clients to address compliance concerns and deliver expert guidance. • Interpret Regulatory Frameworks: Analyze and apply cybersecurity regulations and standards, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC.

Job Requirements

8+ years working in cybersecurity compliance, including SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HiTRUST, and NIST 800-171/CMMC frameworks
8+ years creating and enforcing cybersecurity policies
5+ years of proven experience leading and developing mid-sized teams in a fast-paced, results-driven environment
Strong strategic thinking skills with experience driving cross-functional collaboration and aligning team goals with business objectives
Proven ability to work directly with clients in the US
Strong organizational skills with the ability to manage multiple cybersecurity compliance projects concurrently
Experience working in a tech company with a focus on cybersecurity
Thrives in a fast-paced startup environment
Exceptional written and verbal English communication skills.
Nice to Have: Certifications such as CISA, CISSP, CISM, ISO 27001 Lead Implementer, or CRISC
Experience managing GRC functions within a managed security services or consulting environment
Familiarity with compliance automation platforms such as Vanta, Drata, or Secureframe
Exposure to risk management or audit methodologies across multiple regulatory frameworks.

Benefits

Career Development: Clear path with mentorship and training opportunities
Technical Training: Comprehensive onboarding on security and compliance frameworks
Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
Growth Opportunity: Early-stage company with significant room for career advancement.
Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.