WHOOP

GRC Analyst - Third Party Risk

WHOOP$70K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 2+ years of experience in Governance, Risk, and Compliance (GRC) with a preference for third-party risk management.
  • Familiarity with cybersecurity compliance frameworks such as ISO 27001 and NIST CSF.
  • Highly organized with operational discipline for clear escalation and informed management recommendations.
  • Ability to collaborate effectively as part of a dynamic team towards common goals.
  • Bachelor's degree in any discipline, preferably in computer science, cybersecurity, or technology.

Responsibilities

  • Manage day-to-day triage and tracking of third-party vendor risk assessments.
  • Conduct vendor risk reviews and reassessments alongside cross-functional teams.
  • Support the management of third-party risk program activities including partner coordination and remediation.

Benefits

  • Generous equity package aligning employee interests with long-term company success.
  • Commitment to building a diverse and inclusive work environment.
  • Encouragement for candidates to apply even if they don't meet every qualification.
Full Job Description
As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment.

The key focus of this role will be helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively. You will use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience.

RESPONSIBILITIES:

  • Support day-to-day third-party vendor risk assessments - manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution
  • Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners
  • Assist with third-party risk program management activities


QUALIFICATIONS:

  • 2+ years of experience in GRC - third-party risk management experience preferred
  • Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls - ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS
  • Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management
  • Being a team player and working to achieve common goal in a dynamic setting
  • A minimum bachelor's degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.


This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.

Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.

The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values.

At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company's long-term growth and success.

The U.S. base salary range for this full-time position is $70,000 - $110,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training.

In addition to the base salary, the successful candidate will also receive benefits and a generous equity package.

These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate's specific qualifications, expertise, and alignment with the role's requirements.

About WHOOP

WHOOP is a wearable technology company that specializes in fitness tracking. The company was founded in 2012 and is based in Boston, Massachusetts. WHOOP's flagship product is a wristband that tracks various metrics related to fitness and health, such as heart rate variability, sleep quality, and recovery time. The company also offers a subscription service that provides personalized insights and recommendations based on the data collected by the wristband. WHOOP has raised over $200 million in funding and has partnerships with several professional sports leagues and teams.
Learn more about WHOOP
Size
500 employees
Industry
Founded
2011

Similar Jobs

  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    Short Hills, NJ 07078 (Essex County)
  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    Boston, MA 02115 (Suffolk County)
  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    Wilmington, DE 19805 (New Castle County)
  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    Philadelphia, PA 19120 (Philadelphia County)
  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    Los Angeles, CA 90011 (Los Angeles County)
  • DLA Piper
    Conflicts Analyst
    $70K — $110K *
    DLA Piper
    New York, NY 10025 (New York County)

More Jobs at WHOOP

More Information Technology Jobs

Find similar GRC Analyst - Third Party Risk jobs: