WHOOP · 1 day ago
GRC Analyst
WHOOP is on a mission to unlock human performance and healthspan, empowering members through a deeper understanding of their bodies. As a GRC Analyst II, you will support the development and maintenance of the Governance, Risk, and Compliance program, focusing on policy development, risk assessments, and compliance monitoring.
Consumer Electronics, Fitness, Sports, Wearables, Wellness
Responsibilities
Assist in the development and implementation of GRC standards, frameworks and regulations (SOC2, ISO 27001, NIST Cybersecurity Framework, HIPAA, PCI DSS, etc.) to support business objectives, aligned with industry best practices and regulatory requirements
Assist in conducting risk assessments, supporting the development and adherence of risk mitigation strategies, and maintaining the risk register
Support ongoing compliance monitoring activities to ensure adherence to internal policies, relevant regulations, standards, and contractual obligations
Assist in evaluating and managing risks associated with third-party vendors and service providers through vendor risk assessment processes
Provide support in incident response activities, including documentation, coordination, and post-incident analysis as directed
Assist in the development and delivery of security awareness and training programs to educate employees on security policies, procedures, and best practices
Support audit activities by gathering evidence, conducting preliminary assessments, and assisting in the remediation of audit findings
Manage and resolve GRC support tickets promptly and efficiently
Participate in the review, development, and maintenance of security policies, standards, and procedures to ensure compliance with regulatory mandates and industry standards
Maintain and update GRC standard operating procedures to ensure consistency and efficiency. Identify areas for process improvement within the GRC program and assist in implementing enhancements to improve effectiveness and efficiency
Work cross-functionally with IT, Engineering, Legal, HR, and other stakeholders to document and validate compliance controls and support their implementation within the GRC platform
Leverage AI and automation tools to enhance compliance monitoring, reporting, evidence collection, and risk analysis
Qualification
Required
Bachelor's degree in Information Security, Computer Science, or related field
Minimum of 3 years demonstrated experience in GRC is mandatory
Strong understanding of GRC concepts, principles, and practices
Demonstrated familiarity with relevant regulations, standards, and frameworks is required (e.g., GDPR, SOC2, ISO 27001, NIST Cybersecurity Framework, PCI DSS, HIPAA)
Excellent analytical and problem-solving skills with attention to detail
Effective communication and interpersonal skills, with the ability to establish relationships and collaborate with cross-functional teams
Detail-oriented with superior organizational and time-management skills - balancing multiple projects, deadlines, and requests
Proven ability to navigate ambiguity and complexity, turning uncertainty into clarity and actionable insights
Driven, with a proactive and results-oriented approach, demonstrating a can-do attitude and determination to succeed
Preferred
Compliance and security certifications (e.g., CompTIA Security+, CISSP, CISA, CISM, CRISC, other GRC certifications) a plus
Familiarity with using and/or administering GRC tools is a plus
Prior healthcare compliance experience and knowledge of HIPAA and/or HITRUST is a plus
Familiarity with Jira or other project management tools for organizing and managing daily work and projects is preferred
Benefits
Competitive base salaries
Meaningful equity
Benefits
A generous equity package
Company
WHOOP
WHOOP is a fitness tech company that offers wearables that track sleep, recovery, and performance.
H1B Sponsorship
WHOOP has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (32)
2024 (18)
2023 (15)
2022 (5)
2021 (17)
2020 (6)
Funding
Current Stage: Late Stage
Total Funding: $404.75M
Key Investors: SoftBank Vision Fund, IVP, Foundry Group
2026-01-15: Undisclosed
2021-08-30: Series F · $200M
2020-10-28: Series E · $100M
Company data provided by crunchbase