GRC Analyst - Third Party Risk

Posted Yesterday
Easy Apply
Be an Early Applicant
Boston, MA, USA
Hybrid
Junior
Fitness • Hardware • Healthtech • Sports • Wearables
Power your performance with 24/7 data
The Role
Support WHOOP's GRC program by managing third-party vendor risk intake, performing vendor risk reviews and reassessments, tracking remediation, coordinating cross-functional follow-up, and improving workflows, reporting, templates, and automation.
Summary Generated by Built In

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment.

The key focus of this role will be helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively. You will use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience.

RESPONSIBILITIES:

  • Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution

  • Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners

  • Assist with third-party risk program management activities

QUALIFICATIONS:

  • 2+ years of experience in GRC - third-party risk management experience preferred

  • Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS

  • Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management

  • Being a team player and working to achieve common goal in a dynamic setting

  • A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.

Skills Required

  • 2+ years of experience in GRC
  • Third-party risk management experience
  • Understanding of cybersecurity compliance frameworks and controls (ISO 27001, NIST CSF, COSO, SOC 2, PCI-DSS)
  • Strong organizational and operational discipline with clear escalation and recommendation skills
  • Ability to coordinate cross-functionally with Security, Legal, Privacy, Procurement, IT, Finance, and business owners
  • Team player, able to work collaboratively in a dynamic environment
  • Bachelor's degree (any discipline)
  • Degree in computer science, cybersecurity, risk, or technology

What the Team is Saying

Josh
Manan Dedhia
Anahis

WHOOP Compensation & Benefits Highlights

  • Parental & Family Support Parental leave is described as generous, with an additional transition period to support return-to-work. Feedback suggests this policy stands out within the overall package.
  • Wellbeing & Lifestyle Benefits Wellness stipends, free WHOOP memberships (including a giftable one), a sleep-performance cash incentive, daily meals, and access to onsite gym and recovery tools create a lifestyle-oriented offering. Feedback suggests these perks meaningfully enhance the total rewards experience beyond base pay.
  • Equity Value & Accessibility Equity participation and stock option eligibility are highlighted, and ownership is portrayed as rewarding as the company grows. Feedback suggests this sense of ownership positively influences perceptions of compensation.

WHOOP Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Boston, MA
500 Employees
Year Founded: 2012

What We Do

At WHOOP, we’re on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. Our wearable device and performance optimization platform has been adopted by many of the world's greatest athletes and consumers alike.

Why Work With Us

At WHOOP, we’re focused on building an inclusive and equitable team with a strong sense of belonging for everyone—increasing representation in every way as our team grows. We believe that our differences are our source of strength—so much so it’s one of our core values.


Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

WHOOP Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: 4 days a week
HQBoston, MA
Limerick, Limerick, V94 4D83 Ireland
Learn more

Similar Jobs

WHOOP Logo WHOOP

Senior Financial Analyst

Fitness • Hardware • Healthtech • Sports • Wearables
Easy Apply
Hybrid
Boston, MA, USA
500 Employees
115K-155K Annually

WHOOP Logo WHOOP

Senior Lead, DTC Commercial Planning & Strategy

Fitness • Hardware • Healthtech • Sports • Wearables
Easy Apply
Hybrid
Boston, MA, USA
500 Employees

WHOOP Logo WHOOP

Senior Machine Learning Engineer

Fitness • Hardware • Healthtech • Sports • Wearables
Easy Apply
Hybrid
Boston, MA, USA
500 Employees

WHOOP Logo WHOOP

VP, Product (AI)

Fitness • Hardware • Healthtech • Sports • Wearables
Easy Apply
Hybrid
Boston, MA, USA
500 Employees
200K-300K Annually

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account