Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior GRC Analyst

$130k - $170k
Full-time

Whoop

At WHOOP, we are on a mission to unlock human performance and extend healthspan. The Governance, Risk, and Compliance (GRC) team helps ensure technology and cybersecurity risks are identified, assessed, and communicated clearly across the organization. WHOOP is seeking an execution-oriented Senior Governance, Risk, and Compliance Analyst to lead the day-to-day execution and support the ongoing operation of the GRC program in a fast-paced, high-growth environment. This role is responsible for operations of GRC initiatives - including but not limited to structured cybersecurity and AI risk assessments, exceptions management, SDLC reviews and security compliance process ownership. The role will partner closely with Legal, Security, Product, and other teams to advance compliance objectives, reduce enterprise risk, and strengthen operational resilience. The ideal candidate combines strong analytical thinking, critical risk mind-set with the ability to communicate complex risk scenarios clearly to both technical and non-technical stakeholders.

RESPONSIBILITIES:

● Lead cyber, AI, and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control effectiveness, and residual risk ● Maintain and operate the enterprise cyber risk register, including drafting risk statements, tracking mitigation plans, and supporting governance and reporting processes ● Translate technical findings, architectural concerns, and control gaps into clear business risk scenarios that support prioritization and decision-making ● Support and help mature quantitative cyber risk analysis approaches such as FAIR to improve how risk is measured and communicated ● Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting ● Partner with Security Architecture to assess risk in system designs, cloud architecture, identity models, data flows, and platform changes ● Collaborate with Security Engineering, Product Security, Legal, IT, and business teams to evaluate new initiatives, technology changes, artificial intelligence use cases, and third-party integrations through a risk lens ● Conduct risk assessments for emerging technologies including artificial intelligence and machine learning systems, evaluating data usage, model behavior, external dependencies, and security implications ● Develop dashboards and reporting that provide leadership with visibility into key cybersecurity risks and trends. ● Contribute to the continued development of cyber risk management processes

QUALIFICATIONS:

● 6+ years of experience in cybersecurity or enterprise risk management, information security, or a related field
  • Demonstrated experience conducting structured cybersecurity or IT risk assessments
  • Experience maintaining risk registers and tracking risk mitigation or treatment activities
  • Deep understanding of security frameworks such as NIST CSF, ISO 27001, or PCI DSS,
and familiarity with regulatory environments such as GDPR, HIPAA or other privacy and data protection requirements ● Ability to translate technical findings into clear business risk for non-technical stakeholders ● Strong written and verbal communication skills with experience presenting findings to cross-functional teams ● Experience assessing risks related to artificial intelligence, machine learning systems, or emerging technologies, including familiarity with emerging AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or similar standards ● Professional certifications such as CRISC, CISSP, CISA, or CGRC are a plus This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office. Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success. The U.S. base salary range for this full-time position is $130,000 - $170,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.

Vacancy posted 10 hours ago
Similar jobs that could be interesting for youBased on the Senior GRC Analyst in Boston, MA vacancy
  • Forrester Research, based in Cambridge, MA, is seeking a Senior Analyst to deliver strategic advice and conduct research for risk management leaders. The ideal candidate will possess strong knowledge of risk practices, cyber risk quantification, and excellent communication... 
    Senior

    Forrester

    Cambridge, MA
    3 days ago
  • Hampton North recruits a GRC Analyst to support governance, risk, and compliance with a focus on third-party vendor risk. You will own intake, triage, and completion of vendor assessment requests, keeping them moving through review across a fast-paced, cross-functional... 
    Suggested
    Remote job

    Hampton North

    Boston, MA
    1 day ago
  • $70k - $110k

    As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail... 
    Suggested
    Full time
    Work at office
    Relocation

    Whoop

    Boston, MA
    17 hours ago
  • $60k - $90k

    As a GRC Analyst, Operations & Risk, you will support the WHOOP Governance, Risk, and Compliance program by helping manage GRC intake, coordinate third-party risk activities, strengthen operational workflows, and improve visibility across risk and compliance work. This... 
    Suggested
    Full time
    Work at office
    Relocation

    WHOOP

    Boston, MA
    4 days ago
  • WHOOP is seeking a GRC Analyst in Boston to support the Governance, Risk, and Compliance program and manage third-party vendor risk reviews within cross-functional security workflows. You will review, prioritize, route, track, and complete vendor assessments, using intake... 
    Suggested
    Relocation

    Whoop

    Boston, MA
    17 hours ago
  • $70k - $80k

     ...As a GRC Cybersecurity Analyst (CA), you will play a pivotal role securing our clients’ infrastructure, data and software. Beyond helping our clients...  ...not quite large enough yet to hire a full-time “C-level” senior security leader, like a Chief Information Security Officer... 
    Full time
    Work at office

    Fractional CISO

    Newton, MA
    17 hours ago
  • $60k - $90k

    Whoop is searching for a GRC Analyst in Boston, MA, to enhance the Governance, Risk, and Compliance program. This role involves managing GRC intake processes, coordinating third-party risk reviews, and ensuring effective compliance operations. The ideal candidate will have... 

    Whoop

    Boston, MA
    2 days ago
  • Berkshire Hathaway Specialty Insurance (BHSI) in Boston seeks a Technology Senior Risk Analyst to mature the Technology Risk Management pillar and partner with Technology leadership across the enterprise. You'll evaluate risk posture, provide independent challenge, and... 
    Senior
    Worldwide

    BHSI

    Boston, MA
    4 days ago
  •  ...Governance Risk Audit & Compliance (GRAC) team as a Technology Senior Risk Analyst to support and mature the Technology Risk Management pillar,...  ...in Technology risk, Technology audit/compliance, or cyber GRC Experience running RCSAs, defining KRIs/KPIs, and presenting... 
    Senior
    Temporary work
    Flexible hours

    Berkshire Hathaway Specialty Insurance

    Boston, MA
    4 days ago
  •  ...Eacademy Sanofi is seeking a Senior Principal Scientist I in Cambridge, MA, to lead a team developing functional biomarkers and immunophenotyping panels. The role requires a Ph.D. and extensive experience in flow cytometry, assay design, and managing teams. This position... 
    Senior

    Eacademy Sanofi

    Cambridge, MA
    1 day ago
  •  ...Sanofi is seeking a Senior Principal Scientist I - Functional Biomarkers to lead a team in Cambridge, MA. This role involves developing and implementing complex biomarker assays and ensuring compliance with regulatory standards. The ideal candidate will have a Ph.D. and... 
    Senior

    Sanofi

    Somerville, MA
    17 hours ago
  •  ...insurance, reinsurance, and broker clients. This role reports to the Senior Manager for the Casualty Catastrophe Modeling Consulting and...  ...in place to support our clients Manage a Catastrophe Risk Analyst and recruit new analysts and consultants as the business grows... 
    Senior
    Worldwide

    Verisk Analytics

    Boston, MA
    2 days ago
  •  ...EY is seeking a Senior Manager for its Life Sciences Regulatory Submissions practice based in Boston. This role focuses on driving growth and establishing EY as a leader in regulatory compliance. The ideal candidate will have extensive experience in regulatory submissions... 
    Senior

    EY

    Boston, MA
    17 hours ago
  • Initial Therapeutics, Inc. is seeking a seasoned professional for a role in Global Regulatory Affairs, focusing on Chemistry Manufacturing & Controls. The successful candidate will lead the development of regulatory CMC strategies and manage submissions critical to product...
    Senior

    Initial Therapeutics, Inc.

    Boston, MA
    17 hours ago
  • A medical device company in Cambridge, MA, is seeking a Regulatory Affairs professional to lead regulatory strategies for Class II medical devices. Responsibilities include managing FDA submissions, ensuring regulatory compliance throughout product development, and collaborating...
    Senior

    Medella Life

    Cambridge, MA
    4 days ago
  • A leading healthcare institution in Boston seeks a Sr. Principal Scientist to oversee operations in a GMP lab, focusing on the production and quality control of radiopharmaceuticals. The ideal candidate will have extensive experience in aseptic operations, knowledge of...
    Senior

    The University of Texas MD Anderson Cancer Center

    Boston, MA
    4 days ago
  •  ...with LMI Investment Business Units (IBUs) portfolio managers and analysts to support new investment reviews and portfolio changes,...  ...constraints. Produce monthly and quarterly portfolio risk reviews for senior stakeholders and committees; provide ad hoc deep dives to... 
    Senior
    Work experience placement

    Liberty Mutual Insurance

    Boston, MA
    17 hours ago
  •  ...A global investment firm in Boston is seeking a Senior Principal to lead Talent Management. This role focuses on strategic and hands-on talent lifecycle management, fostering a high-performance culture. Candidates should have 10-15 years of experience across various human... 
    Senior

    Partners Capital

    Boston, MA
    17 hours ago
  • $160k - $180k

     ...Governance Risk Audit & Compliance (GRAC) team as a Technology Senior Risk Analyst. In this newly created role, the Technology Senior Risk...  ...experience in Technology risk, Technology audit/compliance, or cyber GRC. Experience running RCSAs, defining KRIs/KPIs, and... 
    Senior
    Temporary work
    Flexible hours

    BHSI

    Boston, MA
    17 hours ago
  •  ...A leading technology firm in Boston seeks a Senior Industry Principal to advise C-suite stakeholders on supply chain transformation. This remote position requires 10-15 years of experience in consulting or industry leadership. The ideal candidate will possess deep expertise... 
    Senior
    Remote work

    Kinaxis

    Boston, MA
    17 hours ago
  •  ...Senior Director, Principal Gifts About the Company Philanthropic organization supporting Indigenous culture & individuals Industry Non-Profit Organization Management Type Non Profit Founded 2017 Employees 11-50 Categories... 
    Senior

    Confidential

    Boston, MA
    17 hours ago
  •  ...Join to apply for the Senior Regulatory Affairs Manager role at Katalyst CRO . Location: Cambridge, MA Responsibilities Lead the development, integration, execution and maintenance of the global nonclinical and clinical regulatory strategy for the Global Regulatory Plan... 
    Senior
    Contract work

    Katalyst CRO

    Boston, MA
    1 day ago
  • $95.6k - $143.4k

     ...HubSpot is seeking a Senior Third Party Risk & Integration Security Engineer t o join our expanding IAM, Third Party Risk Management, and Enterprise Application Management team. This role is based on the idea of "external party security" and combines technical security... 
    Senior
    For contractors
    Live out
    Work at office
    Remote work

    HubSpot

    Cambridge, MA
    3 days ago
  •  ...Senior Manager – Regulatory Affairs Operations Location - Cambridge, MA (Hybrid) Oncology Biotech | Global Clinical Programs I’m currently supporting an innovative clinical-stage biotechnology company developing next-generation therapies in oncology. With multiple clinical... 
    Senior

    Meet Life Sciences

    Boston, MA
    2 days ago
  •  ...manufacturing — with strategic partners including NVIDIA, Databricks, Thermo Fisher, Snowflake, Google, and Microsoft. The Role This is a senior IC role at the intersection of regulatory compliance, customer‑facing authority, and cross‑functional product partnership. You will... 
    Senior

    Insilico Search Partners

    Boston, MA
    2 days ago
  • $70k - $80k

     ...Overview First Line Senior Risk Analyst. As the First Line Sr. Risk Analyst, you will participate, along with the first line risk teams, to define the target state for monitoring and testing for assigned products, processes and services. You will be responsible for assessing... 
    Senior
    Work experience placement
    Local area
    Monday to Friday
    Flexible hours

    Citizens

    Boston, MA
    2 days ago
  • EY in the United States is seeking a Senior Consultant to lead risk and controls projects in the Power & Utilities sector, focusing on regulatory compliance and operational efficiency. You will analyze information systems, conduct fieldwork, mentor junior staff, and collaborate... 
    Senior
    Flexible hours

    EY

    Boston, MA
    3 days ago
  • Wellington Management is seeking a Principal Business Analyst in Boston to lead the evolution of their risk platform. This role focuses on enhancing risk modeling and reporting capabilities, requiring a strong background in risk management and financial services and collaboration... 
    Senior

    Wellington Management

    Boston, MA
    3 days ago
  • $120k - $225k

    Wellington Management Company is seeking a Principal Business Analyst in Risk Technology, located in Boston. This role involves leading the risk platform by enhancing risk data quality and collaborating with analytics teams to ensure effective risk management. The ideal... 
    Senior

    Wellington Management Company

    Boston, MA
    3 days ago
  • Apnimed, a pharmaceutical company based in Cambridge, is hiring a Senior Director of Regulatory Affairs Advertising/Promotion. This leadership position will guide the FDA promotional strategy and ensure compliance while paving the way for innovative product launches. The... 
    Senior

    Apnimed

    Cambridge, MA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior GRC Analyst. Be the first to apply!