Senior GRC Engineer

This is a fully remote position, open to applicants in India.

📋 Description

• Take ownership of the Client Experience: Act as the primary contact for a portfolio of complex, long-term client accounts, ensuring consistent service delivery, proactive communication, and robust relationships throughout the engagement process.

• Lead Client Engagements: Facilitate regular meetings with clients, provide progress updates, set expectations, and guide clients through audits, assessments, and compliance milestones with assurance and clarity.

• Communicate with Care: Interact directly with U.S.-based clients through phone, email, and text to address compliance issues, offer expert advice, and guarantee that clients feel supported and informed at all times.

• Handle Escalations: Address complex client issues promptly and professionally, utilizing a solution-focused approach that enhances client trust and satisfaction.

• Be a Trusted Advisor: Cultivate long-term relationships by comprehending each client's unique business landscape and providing practical, relevant, and actionable compliance guidance.

• Manage and Develop a Pod of Analysts: Offer daily direction, constructive feedback, and professional growth support to a small team of junior analysts, fostering a culture of high performance and collaboration.

• Drive Accountability: Ensure the pod delivers high-quality work punctually across all active client engagements, stepping in to assist and mentor as necessary.

• Interpret Regulatory Frameworks: Analyze and apply cybersecurity compliance mandates under SOC 2, ISO 27001, HIPAA, NIST CSF, and related standards.

• Lead Compliance Projects: Manage multiple client engagements simultaneously, encompassing audits, evidence collection, control mapping, and due diligence or incident response activities.

• Develop Compliance Programs: Design, implement, and maintain cybersecurity policies, procedures, and supporting documentation to achieve audit and certification goals.

• Collaborate on Risk Management: Partner with internal and external teams to identify, assess, and mitigate cybersecurity and compliance risks.

• Drive Process Improvement: Enhance standard operating procedures, playbooks, and compliance frameworks to improve operational efficiency.

⛳️ Requirements

• Proven experience in managing client relationships directly — comfortable taking ownership of accounts, navigating challenging conversations, and representing the engagement.

• Exceptional professionalism in all client-facing communications, with excellent written and verbal English skills.

• Over 3 years of experience managing or leading a small team (pod, squad, or similar structure).

• More than 3 years of experience in cybersecurity compliance, including hands-on work with SOC 2, ISO 27001, or NIST CSF frameworks.

• Demonstrated ability to manage multiple compliance projects simultaneously without compromising quality or client experience.

• Strong organizational abilities and the capacity to excel in a fast-paced startup environment.

• Familiarity with the creation and enforcement of cybersecurity policies.

• Experience in a tech company with a focus on cybersecurity.

🏝️ Benefits

• Career Development: Clear growth trajectory with mentorship and training opportunities.

• Technical Training: Thorough onboarding on security and compliance frameworks.

• Competitive Compensation: Attractive base salary with regular performance evaluations, merit-based assessments, and bonus opportunities.

• Growth Opportunity: Early-stage company offering substantial potential for career advancement.

• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.