×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Manager, GRC Engineering

Job in Merthyr Tydfil, Merthyr Tydfil County, CF47, Wales, UK
Listing for: Workstreet
Full Time position
Listed on 2026-06-07
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below

About Workstreet

At Workstreet, we’re on an exciting journey to help businesses scale securely by designing and implementing cutting‑edge security and compliance programs. As a fast‑growing startup, we specialize in a wide range of frameworks—including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP—empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

Opportunity

We are seeking a Manager, GRC Engineering who leads with a client‑first mindset and brings exceptional relationship management skills to every engagement. The ideal candidate is an experienced client manager who knows how to build trust, navigate complex accounts, and deliver an outstanding client experience—while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF.

The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first 15 days.

What You'll Do Client Relationship Management (Primary Focus)
  • Own the client experience: serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement.
  • Lead client engagements: guide clients through compliance initiatives end-to-end—from kickoff through certification—providing clear communication, proactive updates, and expert guidance at every milestone.
  • Handle escalations with professionalism: resolve complex client issues and requests with urgency, composure, and a solution‑oriented approach that reinforces confidence and long‑term retention.
  • Be a trusted advisor: understand each client’s unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs.
  • Collaborate cross‑functionally: partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly.
Team Leadership
  • Manage and develop a pod of analysts: lead a team of 3–5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth.
  • Drive consistent delivery: ensure the team meets deadlines and delivers high‑quality work across all active client engagements, stepping in to support where needed.
GRC & Compliance Execution
  • Develop and maintain compliance frameworks: create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards.
  • Lead compliance certifications: oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi‑cloud environments (AWS, GCP, Azure).
  • Conduct risk and security audits: perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture.
  • Monitor regulatory developments: stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls.
  • Leverage compliance automation tools: utilize platforms such as Drata, Vanta, and Secure Frame to track compliance metrics and ensure continuous audit readiness.
Required
  • Demonstrated experience managing client relationships directly—comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement.
  • Exceptional professionalism in all client‑facing communication, with outstanding written and verbal English skills.
  • 5+ years of experience managing or leading a team.
  • Proven experience managing compliance programs with hands‑on familiarity with SOC 2 and ISO 27001 frameworks.
  • Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure).
  • Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality.
  • Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
  • Ability to work independently with a strong sense of initiative.
  • Amenable to working UK time zone hours.
Nice to Have
  • Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity.
  • Relevant…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search