Manager And Senior Manager: Governance, Risk, & Compliance (HealthTech)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Manager And Senior Manager: Governance, Risk, & Compliance (HealthTech): Leading the execution and enhancement of the GRC program with an accent on regulatory compliance and enterprise risk reduction. Focus on designing scalable security control frameworks, overseeing complex risk assessments, and managing the third-party risk lifecycle.
Location: On-site in Boston, MA. Must be prepared to relocate if necessary.
Salary: $155,000–$205,000
Company
WHOOP is a health technology company on a mission to unlock human performance through deeper understanding of bodies and daily lives.
What you will do
- Drive the strategy and hands-on execution of the governance program to maintain alignment with ISO 27001, SOC 2, GDPR, and other frameworks.
- Develop and manage scalable security control frameworks, policies, standards, and security awareness programs.
- Manage the enterprise risk register, driving prioritization and delivering executive-level reporting.
- Lead the third-party risk management lifecycle, including vendor risk assessments and due diligence.
- Coach, mentor, and develop GRC analysts while scaling the program.
- Own the operational intake and triage process for all GRC requests, including security questionnaires and SDLC reviews.
Requirements
- 8+ years of experience in GRC or information security (HealthTech or SaaS preferred) with 4+ years managing cybersecurity professionals.
- Deep understanding of ISO 27001, SOC 2, GDPR, PCI, NIST CSF, and HIPAA.
- Proven ability to build scalable, process-driven programs in high-growth environments.
- Must be based in or able to relocate to Boston, MA.
- Relevant certifications such as CISA, CISSP, CRISC, CIPP/E, or ISO Lead Auditor are strongly preferred.
- Bachelor’s degree in Computer Science, Cybersecurity, Risk, or a related technology field.
Culture & Benefits
- Competitive base salary combined with a generous equity package.
- Total compensation approach aligning employees with long-term company success.
- Inclusive environment that values character and diversity.
- Equal Opportunity Employer participating in E-verify.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →