Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
GRC Analyst (Cybersecurity): Managing third-party vendor risk assessments and operational compliance workflows with an accent on prioritization, tracking, and cross-functional coordination. Focus on identifying workflow trends, improving guidance, and ensuring adherence to security frameworks like ISO 27001 and SOC 2.
Location: Must be based in or be able to relocate to the Boston, MA office
Salary: $70,000 - $110,000
Company
WHOOP is a technology company focused on human performance through wearable health and fitness tracking.
What you will do
- Manage and triage third-party vendor risk assessment intakes through to resolution.
- Perform vendor risk reviews, reassessments, and remediation tracking.
- Coordinate with Security, Legal, Privacy, Procurement, IT, and Finance teams.
- Analyze intake and ticketing data to identify workflow trends and gaps.
- Improve guidance, templates, and automation for the GRC program.
- Assist with broader third-party risk program management activities.
Requirements
- 2+ years of experience in GRC, with third-party risk management preferred.
- Understanding of cybersecurity compliance frameworks including ISO 27001, NIST CSF, COSO, SOC 2, and PCI-DSS.
- Strong operational discipline and ability to provide informed recommendations to management.
- Bachelor’s degree in any discipline (Computer Science, Cybersecurity, or Risk preferred).
- Must be able to work on-site in Boston, MA.
Culture & Benefits
- Competitive base salary with a generous equity package.
- Comprehensive benefits package.
- Commitment to a diverse and inclusive work environment.
- Focus on long-term company growth and employee ownership.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →