GRC Manager / SOC 2 / Onsite in Vienna, VA

A high-growth technology startup in Vienna, VA is seeking a GRC Manager to build and lead its compliance program end-to-end. They are looking for someone who can work onsite in Vienna. The GRC Manager will operate at the intersection of engineering, infrastructure, legal, and operations, ensuring that compliance programs are not only audit-ready but deeply embedded into how the organization operates. This person will be responsible for owning Compliance, building foundations for scalable frameworks such as

SOC 2, ISO

27001, GDPR and Fedramp, owning SOC 2 Audits, and maintaining the IT risk register.. Required Skills & Experience 3-5 years of experience in GRC, compliance, or IT audit, ideally within a SaaS or highly technical environment Proven, hands-on experience leading SOC 2 audits (direct ownership, not advisory roles) Strong ability to understand and engage with complex technical architecture, including non-standard environments Background in SRE, security engineering, engineering, or a related technical field (education and/or experience) Experience working with AWS and/or Google Cloud Platform, as well as Infrastructure as Code (IaC) environments Strong written communication skills, including the ability to author policies and customer-facing documentation Ability to operate effectively in fast-paced, high-growth environments Familiarity with ISO 27001, GDPR, and/or FedRAMP frameworks Experience supporting Legal in security-related contract negotiations and DPAs Professional certifications such as CISA, CISSP, CISM, CCSK, or similar) What You Will Be Doing The Offer Bonus eligible You will receive the following benefits: Medical, Dental, and Vision Insurance Generous Vacation Time Company equity Applicants must be currently authorized to work in the US on a full-time basis now and in the future. #LI-CK2