whoop

GRC Analyst - Third Party Risk

Apply Now

At a Glance

Location
Boston, Massachusetts, United States
Work Regime
onsite
Experience
2+ years
Compensation
or this full-time position is $70,000 - $110,000. Salary ranges are determined
Posted
2026-07-07T20:31:59.646000+00:00

Key Requirements

Certifications

  • ISO

Domain Knowledge

  • Cybersecurity
  • Regulatory

Requirements

Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS

Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management

Responsibilities

Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution

Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners

Assist with third-party risk program management activities