Назад
2 дня назад

GRC Analyst (Cybersecurity)

70 000 - 110 000$
Формат работы
onsite
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Релокация
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

GRC Analyst (Cybersecurity): Managing third-party vendor risk assessments and operational compliance workflows with an accent on prioritization, tracking, and cross-functional coordination. Focus on identifying workflow trends, improving guidance, and ensuring adherence to security frameworks like ISO 27001 and SOC 2.

Location: Must be based in or be able to relocate to the Boston, MA office

Salary: $70,000 - $110,000

Company

WHOOP is a technology company focused on human performance through wearable health and fitness tracking.

What you will do

  • Manage and triage third-party vendor risk assessment intakes through to resolution.
  • Perform vendor risk reviews, reassessments, and remediation tracking.
  • Coordinate with Security, Legal, Privacy, Procurement, IT, and Finance teams.
  • Analyze intake and ticketing data to identify workflow trends and gaps.
  • Improve guidance, templates, and automation for the GRC program.
  • Assist with broader third-party risk program management activities.

Requirements

  • 2+ years of experience in GRC, with third-party risk management preferred.
  • Understanding of cybersecurity compliance frameworks including ISO 27001, NIST CSF, COSO, SOC 2, and PCI-DSS.
  • Strong operational discipline and ability to provide informed recommendations to management.
  • Bachelor’s degree in any discipline (Computer Science, Cybersecurity, or Risk preferred).
  • Must be able to work on-site in Boston, MA.

Culture & Benefits

  • Competitive base salary with a generous equity package.
  • Comprehensive benefits package.
  • Commitment to a diverse and inclusive work environment.
  • Focus on long-term company growth and employee ownership.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →