Senior Risk & Compliance Analyst

Whoop Whoop · Consumer · Boston, MA · Information Security

This role focuses on managing technology and cybersecurity risks within an organization, involving risk assessments, maintaining a risk register, and supporting risk governance. It requires strong analytical skills and clear communication of complex risk scenarios to both technical and non-technical stakeholders.

What you'd actually do

  1. lead structured risk assessments
  2. maintain the cyber risk register
  3. support risk governance through the Cyber Risk Committee
  4. partnering with Security Architecture, Security Engineering, Product Security, Legal, IT, and business stakeholders to identify and assess technology and cybersecurity risks across systems, infrastructure, and business operations
  5. translate technical findings into clear business risk and contribute to effective risk mitigation strategies

Skills

Required

  • risk assessments
  • risk register management
  • risk governance
  • cybersecurity risk identification and assessment
  • risk mitigation strategies
  • analytical thinking
  • communication of complex risk scenarios

Nice to have

  • experience in regulated environments

What the JD emphasized

  • lead structured risk assessments
  • maintain the cyber risk register
  • support risk governance
  • identify and assess technology and cybersecurity risks
  • translate technical findings into clear business risk