Workstreet, Inc.
At Workstreet, we're on an exciting journey to help businesses scale securely by designing and implementing cutting edge security and compliance programs. As a fast growing startup, we specialize in a wide range of frameworks-including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP-empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one. The Opportunity We are seeking a Manager, GRC Engineering who leads with a client first mindset and brings exceptional relationship management skills to every engagement. The ideal candidate is an experienced client manager who knows how to build trust, navigate complex accounts, and deliver an outstanding client experience - while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first 15 days. You will serve as the primary point of contact for a portfolio of clients, leading engagements end to end, managing escalations with composure and urgency, and ensuring every client interaction reflects the highest standard of service. What You'll Do Client Relationship Management (Primary Focus) Own the Client Experience: Serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement. Lead Client Engagements: Guide clients through compliance initiatives end to end - from kickoff through certification - providing clear communication, proactive updates, and expert guidance at every milestone. Handle Escalations with Professionalism: Resolve complex client issues and requests with urgency, composure, and a solution oriented approach that reinforces confidence and long term retention. Be a Trusted Advisor: Understand each client's unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs. Collaborate Cross Functionally: Partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly. Manage and Develop a Pod of Analysts: Lead a team of 3-5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth. Drive Consistent Delivery: Ensure the team meets deadlines and delivers high quality work across all active client engagements, stepping in to support where needed. GRC & Compliance Execution Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards. Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi cloud environments (AWS, GCP, Azure). Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture. Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls. Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness. Who You Are Required Demonstrated experience managing client relationships directly - you are comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement. Exceptional professionalism in all client facing communication, with outstanding written and verbal English skills. 5+ years of experience managing or leading a team. Proven experience managing compliance programs with hands on familiarity with SOC 2 and ISO 27001 frameworks. Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure). Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality. Bachelor's degree in Information Technology, Cybersecurity, or a related field. Ability to work independently with a strong sense of initiative. Amenable to working US time zone hours. Nice to Have Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity. Consulting experience. Familiarity with additional frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA). What We Offer Career Development: Clear growth path with mentorship and training opportunities. Technical Training: Comprehensive onboarding on security and compliance frameworks. Competitive Compensation: Competitive base salary with regular performance reviews, merit based appraisals, and bonus opportunities. Growth Opportunity: Early stage company with significant room for career advancement. Remote First Culture: Flexibility to work from anywhere while collaborating with a global team. Reliable high speed internet connection. Quiet, professional home office setup. Must be amenable to working UK time zone hours. Fluency in written and verbal English communication skills. Workstreet Is An Equal Opportunity Employer As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
At Workstreet, we're on an exciting journey to help businesses scale securely by designing and implementing cutting edge security and compliance programs. As a fast growing startup, we specialize in a wide range of frameworks-including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP-empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one. The Opportunity We are seeking a Manager, GRC Engineering who leads with a client first mindset and brings exceptional relationship management skills to every engagement. The ideal candidate is an experienced client manager who knows how to build trust, navigate complex accounts, and deliver an outstanding client experience - while also bringing deep expertise in cybersecurity compliance frameworks such as SOC 2, ISO 27001, and NIST CSF. The successful candidate will be able to come up to speed quickly, integrate into the organization, and take on clients within your first 15 days. You will serve as the primary point of contact for a portfolio of clients, leading engagements end to end, managing escalations with composure and urgency, and ensuring every client interaction reflects the highest standard of service. What You'll Do Client Relationship Management (Primary Focus) Own the Client Experience: Serve as the primary point of contact for a portfolio of client accounts, building strong, trusted relationships and ensuring clients feel supported, informed, and valued throughout every engagement. Lead Client Engagements: Guide clients through compliance initiatives end to end - from kickoff through certification - providing clear communication, proactive updates, and expert guidance at every milestone. Handle Escalations with Professionalism: Resolve complex client issues and requests with urgency, composure, and a solution oriented approach that reinforces confidence and long term retention. Be a Trusted Advisor: Understand each client's unique business context and deliver compliance guidance that is practical, actionable, and tailored to their needs. Collaborate Cross Functionally: Partner with internal teams and client stakeholders to embed security and compliance best practices and resolve issues quickly. Manage and Develop a Pod of Analysts: Lead a team of 3-5 analysts through coaching, mentorship, and performance management, fostering accountability, quality, and professional growth. Drive Consistent Delivery: Ensure the team meets deadlines and delivers high quality work across all active client engagements, stepping in to support where needed. GRC & Compliance Execution Develop and Maintain Compliance Frameworks: Create, update, and align compliance policies, procedures, and technical controls with SOC 2 (Type 1 & 2), ISO 27001, HIPAA, and PCI DSS standards. Lead Compliance Certifications: Oversee and execute SOC 2 and ISO 27001 implementation and certification projects across multi cloud environments (AWS, GCP, Azure). Conduct Risk and Security Audits: Perform regular risk assessments and audits to identify vulnerabilities and enhance overall security posture. Monitor Regulatory Developments: Stay informed on evolving regulations and frameworks to maintain the relevance and accuracy of compliance controls. Leverage Compliance Automation Tools: Utilize platforms such as Drata, Vanta, and SecureFrame to track compliance metrics and ensure continuous audit readiness. Who You Are Required Demonstrated experience managing client relationships directly - you are comfortable owning accounts, leading difficult conversations, and being the trusted face of an engagement. Exceptional professionalism in all client facing communication, with outstanding written and verbal English skills. 5+ years of experience managing or leading a team. Proven experience managing compliance programs with hands on familiarity with SOC 2 and ISO 27001 frameworks. Strong knowledge of technical control implementation in cloud platforms (AWS, GCP, Azure). Ability to manage multiple compliance projects simultaneously without sacrificing client experience or quality. Bachelor's degree in Information Technology, Cybersecurity, or a related field. Ability to work independently with a strong sense of initiative. Amenable to working US time zone hours. Nice to Have Experience at a Big 4 firm (e.g., Deloitte, PwC, EY, KPMG) in an advisory or assurance capacity. Consulting experience. Familiarity with additional frameworks and regulations (e.g., HiTRUST, PCI DSS, NIST, GDPR, HIPAA). What We Offer Career Development: Clear growth path with mentorship and training opportunities. Technical Training: Comprehensive onboarding on security and compliance frameworks. Competitive Compensation: Competitive base salary with regular performance reviews, merit based appraisals, and bonus opportunities. Growth Opportunity: Early stage company with significant room for career advancement. Remote First Culture: Flexibility to work from anywhere while collaborating with a global team. Reliable high speed internet connection. Quiet, professional home office setup. Must be amenable to working UK time zone hours. Fluency in written and verbal English communication skills. Workstreet Is An Equal Opportunity Employer As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.
Adecco
Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)
