openlevergaingels
GRC Analyst, Operations & Risk
WHOOP
LocationBoston, MA
Posted1778507726517
Last observed2026-06-13 05:23:01.799481
Job idgaingels-whoop:lever:3c091499-3208-4bf7-8ed7-44c463cc05ce
Support day-to-day GRC program operations – manage and triage GRC intakes and accurate tracking through resolution Perform and support third-party risk management activities, including vendor reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners Assist with risk program management activities Support security compliance monitoring and audit readiness activities, managing audit request lists and taking ownership of gathering security audit evidence to verify compliance with internal policies / regulations and industry best practices Coordinate security awareness and training program management activities 2+ years of experience in GRC, third-party risk management, security compliance, internal audit, risk management, or a related function Deep understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS Possess a strong risk mindset, exceptional attention to detail, and the ability to apply critical thinking when assessing complex issues and control gaps Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management Superior interpersonal and communication skills – verbal and written Being a team player and working to achieve common goal in a dynamic setting Strong commitment to embracing and leveraging AI tools in day-to-day tasks, ensuring AI-assisted work aligns with the same high-quality standards as personal contributions. A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred. CISA or CRISC certification preferred
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.