WHOOP · 2 days ago
GRC Analyst
Boston, MA
Contract
Onsite
Entry, Mid Level
$85K/yr - $135K/yr
2+ years expWHOOP is on a mission to unlock human performance and healthspan. As a GRC Analyst, you will support the development, implementation, and maintenance of the Governance, Risk, and Compliance (GRC) program, assisting in various activities including policy development, risk assessments, and compliance monitoring.
Consumer ElectronicsFitnessSportsWearablesWellness
Responsibilities
Assist in the development and implementation of the GRC framework to support business objectives, aligned with industry best practices and regulatory requirements
Assist in conducting risk assessments, supporting the development and adherence of risk mitigation strategies, and maintaining the risk register
Support ongoing compliance monitoring activities to ensure adherence to internal policies, relevant regulations, standards, and contractual obligations
Assist in evaluating and managing risks associated with third-party vendors and service providers through vendor risk assessment processes
Provide support in incident response activities, including documentation, coordination, and post-incident analysis as directed
Assist in the development and delivery of security awareness and training programs to educate employees on security policies, procedures, and best practices
Support audit activities by gathering evidence, conducting preliminary assessments, and assisting in the remediation of audit findings
Manage and resolve GRC support tickets promptly and efficiently
Participate in the review, development, and maintenance of security policies, standards, and procedures to ensure compliance with regulatory mandates and industry standards
Maintain and update GRC standard operating procedures to ensure consistency and efficiency. Identify areas for process improvement within the GRC program and assist in implementing enhancements to improve effectiveness and efficiency
Qualification
Required
Bachelor's degree in Information Security, Computer Science, or relevant certifications
Minimum of 2 years of experience in information security, risk management, audit, or compliance roles
Strong understanding of GRC concepts, principles, and practices
Familiarity with relevant regulations, standards, and frameworks (e.g., GDPR, SOC2, ISO 27001, NIST Cybersecurity Framework)
Excellent analytical and problem-solving skills with attention to detail
Effective communication and interpersonal skills, with the ability to establish relationships and collaborate with cross-functional teams
Detail-oriented with superior organizational and time-management skills - balancing multiple projects, deadlines, and requests
Proven ability to navigate ambiguity and complexity, turning uncertainty into clarity and actionable insights
Driven with a pro-active and results-oriented approach, demonstrating a can-do attitude and determination to succeed
Preferred
Relevant certifications (e.g., CompTIA Security+, CISSP, CISA, CISM, GRC certifications) a plus
Benefits
Meaningful equity
Benefits
A generous equity package
Company
WHOOP
WHOOP is a fitness tech company that offers wearables that track sleep, recovery, and performance.
501-1000 employees
H1B Sponsorship
WHOOP has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (32)
2024 (18)
2023 (15)
2022 (5)
2021 (17)
2020 (6)
Funding
Current Stage
Late StageTotal Funding
$404.75MKey Investors
SoftBank Vision FundIVPFoundry Group
2021-08-30Series F· $200M
2020-10-28Series E· $100M
2019-11-12Series D· $55M
Leadership Team
Will Ahmed
Founder & CEO
Aurelian Nicolae
Co-Founder & Chief Hardware Engineer
Recent News
Mashable
2025-12-24
2025-12-08
Company data provided by crunchbase