As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment.
The key focus of this role will be helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively. You will use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience.
RESPONSIBILITIES:
Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution
Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners
Assist with third-party risk program management activities
QUALIFICATIONS:
2+ years of experience in GRC - third-party risk management experience preferred
Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS
Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management
Being a team player and working to achieve common goal in a dynamic setting
A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.
Skills Required
- 2+ years of experience in GRC
- Third-party risk management experience
- Understanding of cybersecurity compliance frameworks and controls (ISO 27001, NIST CSF, COSO, SOC 2, PCI-DSS)
- Strong organizational and operational discipline with clear escalation and recommendation skills
- Ability to coordinate cross-functionally with Security, Legal, Privacy, Procurement, IT, Finance, and business owners
- Team player, able to work collaboratively in a dynamic environment
- Bachelor's degree (any discipline)
- Degree in computer science, cybersecurity, risk, or technology
WHOOP Compensation & Benefits Highlights
-
Parental & Family Support — Parental leave is described as generous, with an additional transition period to support return-to-work. Feedback suggests this policy stands out within the overall package.
-
Wellbeing & Lifestyle Benefits — Wellness stipends, free WHOOP memberships (including a giftable one), a sleep-performance cash incentive, daily meals, and access to onsite gym and recovery tools create a lifestyle-oriented offering. Feedback suggests these perks meaningfully enhance the total rewards experience beyond base pay.
-
Equity Value & Accessibility — Equity participation and stock option eligibility are highlighted, and ownership is portrayed as rewarding as the company grows. Feedback suggests this sense of ownership positively influences perceptions of compensation.
WHOOP Insights
What We Do
At WHOOP, we’re on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. Our wearable device and performance optimization platform has been adopted by many of the world's greatest athletes and consumers alike.
Why Work With Us
At WHOOP, we’re focused on building an inclusive and equitable team with a strong sense of belonging for everyone—increasing representation in every way as our team grows. We believe that our differences are our source of strength—so much so it’s one of our core values.
Gallery
WHOOP Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.

.jpg)


.jpg)
