whoop
GRC Analyst - Third Party Risk
Preview — apply on company site for full detailsApply Now
At a Glance
- Location
- Boston, Massachusetts, United States
- Work Regime
- onsite
- Experience
- 2+ years
- Compensation
- or this full-time position is $70,000 - $110,000. Salary ranges are determined
- Posted
- 2026-07-07T20:31:59.646000+00:00
Key Requirements
Certifications
- ISO
Domain Knowledge
- Cybersecurity
- Regulatory
Requirements
Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS
Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management
Responsibilities
Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution
Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners
Assist with third-party risk program management activities