GRC Analyst - Third Party Risk
$70k - $110kWhoop
As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment. The key focus of this role will be helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively. You will use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience.
RESPONSIBILITIES:
Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners Assist with third-party risk program management activitiesQUALIFICATIONS:
2+ years of experience in GRC - third-party risk management experience preferred Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management Being a team player and working to achieve common goal in a dynamic setting A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred. This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office. Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success. The U.S. base salary range for this full-time position is $70,000 - $110,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.$60k - $90k
As a GRC Analyst, Operations & Risk, you will support the WHOOP Governance, Risk, and Compliance program by helping manage GRC intake, coordinate third-party risk activities, strengthen operational workflows, and improve visibility across risk and compliance work. This...RiskFull timeWork at officeRelocation$80k - $140k
Third Party Risk Management (TPRM) is a global, cross-functional program spanning all business units and legal entities, requiring coordinated engagement across Procurement, the First Line of Defense (business), and the Second Line of Defense. Business units are responsible...RiskTemporary workWork at officeFlexible hours- ...stakeholders and driving accountability across supplier ecosystems. The ideal candidate will have senior leadership experience in third-party risk and proven delivery of supplier assurance programmes, possessing strong influencing skills and strategic mindset. #J-18808-...Risk
$60k - $90k
Whoop is searching for a GRC Analyst in Boston, MA, to enhance the Governance, Risk, and Compliance program. This role involves managing GRC intake processes, coordinating third-party risk reviews, and ensuring effective compliance operations. The ideal candidate will...Risk$29.61 per hour
Operational Due Diligence Analyst Cambridge Associates ("CA") is a leading... ...29.61 hourly Full‑time Senior Risk & Compliance Analyst Lead... ...: $65,000.00 yearly Full‑time GRC Program Operations Specialist... ...resolution. Perform and support third‑party risk management a... Full‑time...RiskHourly payFull timePart time- GE Vernova in Cambridge, Massachusetts is seeking a Staff Digital Auditor to perform security assessments of Third Parties using established IT risk assessment frameworks. The successful candidate will prepare assessment reports, present findings to diverse audiences, and...Risk
- Vertex is seeking a Manager, TPRM Workflow & Risk Orchestration in Boston, MA. You will drive the design of third-party risk management workflows to enhance supplier lifecycle processes while ensuring compliance and efficiency. The ideal candidate has over 6 years of procurement...Risk
- Forrester Research, based in Cambridge, MA, is seeking a Senior Analyst to deliver strategic advice and conduct research for risk management leaders. The ideal candidate will possess strong knowledge of risk practices, cyber risk quantification, and excellent communication...Risk
- Northeastern University is hiring a Governance, Risk and Compliance Analyst in Boston. This hybrid role involves supporting compliance initiatives and NIST frameworks in government and higher education environments. The ideal candidate will have a Bachelor's degree, 2-4...Risk
$170k - $252.5k
...PurposeThe Managing Director leads the firm’s global approach to third-party and supply chain resilience assurance, ensuring external... ...assurance activity, testing evidence and remediation actions are risk-based, consistent and regulator-ready. The role partners closely...RiskTemporary workFlexible hours- Vertex Pharmaceuticals is seeking a Manager for TPRM Workflow & Risk Orchestration in Boston. This role focuses on embedding third-party risk management into the sourcing lifecycle while ensuring strong collaboration across various functions. Key responsibilities include...Risk
$75 per hour
Job Description We’re looking for a hands‑on ServiceNow GRC Analyst to join a growing Security organization and support the implementation... ...compliance regulations Understanding of regulatory environments or risk frameworks is a plus Prior experience documenting control...Risk- ...profitability through effective program management and oversight of Third-Party Administrator (TPA) programs. The ideal candidate will have a Bachelor’s Degree and over 5 years of experience in claims or risk management, particularly in Commercial Lines General Liability....Risk
$80k - $140k
STATE STREET CORPORATION is seeking a Third Party Risk Management professional in Boston, MA, to oversee vendor onboarding and risk management across business units. You will support Third-Party Risk Management initiatives and ensure compliance with regulatory standards...Risk$70k - $80k
...As a GRC Cybersecurity Analyst (CA), you will play a pivotal role securing our clients’ infrastructure, data and software. Beyond helping our clients... ...a vCISO to provide cybersecurity leadership in Governance, Risk, and Compliance (GRC) directly to our clients. You will...RiskFull timeWork at office- ...Job Description Job Description As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage risk reviews... ...tracking through resolution Perform and support third-party risk management activities, including vendor reviews...Risk
$130k - $170k
Assurance Experienced Manager, Third Party Attestation Job Description Job Summary: The Assurance Experienced Manager, Third Party Attestation... ...-party attestation reports to understand the entire technology risk umbrella rather than maintaining overall knowledge in...RiskWork at office$132.42k - $217.55k
...As the Head of Risk & Resiliency, you will execute the Risk & Resiliency frameworks for Financial Protection & Retirement Solutions... ...risk across domains (Technology, Cyber, Data, Model, Compliance, Third Party, etc) and ensuring alignment to Guardian’s risk appetite and...RiskFull timeWork at officeWork from homeVisa sponsorshipWork visaFlexible hours$95.8k - $148.7k
..., high deductible, and self-insured retention basis handled by third party administrators. Position Responsibilities Provide technical expertise... ...needs on an ongoing basis. Collaborate with Underwriting, Risk Management, Actuarial, and other stakeholders to ensure...RiskTemporary work$160k - $200k
...rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by... ...technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance...Risk- ...detail-oriented and collaborative Reporting Analyst to join our Data & Analytics team. The... ...global knowledge, taking calculated risks aligned with our convictions to exceed expectations... ...diversity. No calls or emails from third parties at this time please. #J-18808-Ljbffr...RiskWork at officeLocal area
$90k - $110k
...ABOUT BLACK KITE Black Kite is the global leader in third-party cyber risk intelligence, trusted by more than 3,000 organizations worldwide... ...earned consistent recognition from customers and industry analysts alike. WHY BLACK KITE We’re a fast-moving, high-...RiskWorldwideFlexible hours$148.7k - $201.2k
...Amazon new workers a year in over 60 countries. We do not depend on third party monolithic HR systems. Our software uses Amazon Web Services to... ...escalates issues effectively when teams are blocked. Analyze risks, develop mitigation strategies, and proactively identify and...RiskTemporary workFlexible hours- ...it management cyber insurance cyber resilience cyber risk vendor risk management risk scoring vulnerability management... ...scoring security risk ratings vendor risk monitoring third-party risk management cyber vrm vrm vendor questionnaires...RiskLocal area
- ...of 6.2 GW of wind and solar projects on behalf of Longroad and third parties. Our vision is to create lasting value for our shareholders,... ...project execution plans, including scope, schedule, budget, and risk management. Establishes and manages project budgets and...RiskWork experience placementRemote workVisa sponsorshipWork visa
$160k - $185k
...rated, operating in 64 countries. Founded in 2013 by security and risk experts Dr. Alex Yampolskiy and Sam Kassoumeh and funded by... ...technology is used by over 25,000 organizations for self‑monitoring, third‑party risk management, board reporting, and cyber insurance...Risk$64.8k - $81k
Bitsight is a cyber risk management leader transforming how companies manage exposure... ...performance, and risk for themselves and their third parties. Companies rely on Bitsight to... ...Singapore, and remote Join our team as an IT Analyst and become a key player in designing,...RiskFull timeWork at officeRemote workFlexible hours3 days per week$160k - $200k
Come join the leader in cyber third-party risk intelligence! Black Kite gives organizations a comprehensive, real-time view into cyber ecosystem risk so they can make informed risk decisions and improve business resilience while continuously monitoring more vendors, partners...RiskRemote job$170k - $252.5k
...Managing Director) is an important role within State Street’s Global Third Party Management team. This role will lead a team that creates and... ...will partner with the businesses as well as the legal and risk organizations to ensure current and future business needs are met...RiskContract workTemporary workFlexible hours$280k - $375k
...Bitsight is a cyber risk management leader transforming how companies... ...for themselves and their third parties. Companies rely on Bitsight... ...Product, Engineering, Legal, IT, GRC, People, and customer-facing... ...with customers, partners, analysts, media, and the broader cybersecurity...RiskFull timeLocal areaRemote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Analyst - Third Party Risk. Be the first to apply!
- risk officer Boston, MA
- information risk analyst Boston, MA
- it risk analyst Boston, MA
- risk analyst Boston, MA
- senior quantitative risk analyst Boston, MA
- risk consultant Boston, MA
- risk compliance officer Boston, MA
- operational risk specialist Boston, MA
- governance risk & compliance analyst Boston, MA
- transaction risk analyst Boston, MA

