Grc Analyst - Third Party Risk

Whoop Whoop · Consumer · Boston, MA · Information Security

This role supports the WHOOP Governance, Risk, and Compliance (GRC) program, focusing on managing third-party vendor risk reviews and operational requests within security compliance workflows. The analyst will track and complete vendor assessments, identify workflow trends, and suggest improvements for guidance, templates, reporting, automation, and stakeholder experience.

What you'd actually do

  1. help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows
  2. helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively
  3. use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience

Skills

Required

  • GRC
  • third-party vendor risk management
  • security compliance
  • risk assessment
  • workflow analysis
  • attention to detail
  • responsiveness
  • accountability

Nice to have

  • ticketing systems
  • automation
  • reporting

What the JD emphasized

  • Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment.