Responsibilities : • Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Responsibilities : • Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Quick apply
Senior Risk & Compliance Analyst
Boston, MA · On-site
$130K - $170K/yr
RESPONSIBILITIES: * Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control ...
Responsibilities : • Lead the transition of risk management from a cyber-centric model to an ... risk assessment into the internal and third-party risk programs • Operate as a second line of ...
Responsibilities : • Lead the transition of risk management from a cyber-centric model to an ... risk assessment into the internal and third-party risk programs • Operate as a second line of ...
Responsibilities : • Lead the transition of risk management from a cyber-centric model to an ... risk assessment into the internal and third-party risk programs • Operate as a second line of ...
Responsibilities : • Lead the transition of risk management from a cyber-centric model to an ... risk assessment into the internal and third-party risk programs • Operate as a second line of ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
Quick apply
... assessment, instrumenting controls, and applying AI as foundational infrastructure. You will ... Lead the transition of risk management from a cyber-centric model to an enterprise-wide framework ...
Head of Cyber & Information Security Oversight (SVP)
$120K - $163K/yr
The organization is going through a significant transformation, and you will lead key cyber risk assessments on material projects and ensure the identified risks are being prudently managed. This ...
Head of Cyber & Information Security Oversight (SVP)
$120K - $163K/yr
The organization is going through a significant transformation, and you will lead key cyber risk assessments on material projects and ensure the identified risks are being prudently managed. This ...
Head of Cyber & Information Security Oversight (SVP)
Boston, MA · On-site
$120K - $163K/yr
The organization is going through a significant transformation, and you will lead key cyber risk assessments on material projects and ensure the identified risks are being prudently managed. This ...
Head of Cyber & Information Security Oversight (SVP)
Boston, MA · On-site
$120K - $163K/yr
The organization is going through a significant transformation, and you will lead key cyber risk assessments on material projects and ensure the identified risks are being prudently managed. This ...
Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs. Business Partnership & Advisory * Act as a ...
Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs. Business Partnership & Advisory * Act as a ...
Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs. Business Partnership & Advisory * Act as a ...
Maintain visibility into detailed cyber risk assessments, advising business and technology leaders on prioritized mitigation strategies and risk tradeoffs. Business Partnership & Advisory * Act as a ...
Manage the internal sales process, including proposal development, competitive assessments, multi-discipline client presentations, and unified positioning of RSM's cyber and risk advisory ...
Manage the internal sales process, including proposal development, competitive assessments, multi-discipline client presentations, and unified positioning of RSM's cyber and risk advisory ...
Maintain the AI risk assessment methodology and risk criteria, maintain the consolidated AI risk ... Apply cyber risk quantification (expected loss, probability, and cost of remediation versus ...
New
Maintain the AI risk assessment methodology and risk criteria, maintain the consolidated AI risk ... Apply cyber risk quantification (expected loss, probability, and cost of remediation versus ...
New
Audit program development, risk assessment, documentation, and reporting * Coordination with ... Big 4 / advisory, corporate IT audit, cyber GRC, or ERP controls background * Strong ITGC / SOX ...
Quick apply
Audit program development, risk assessment, documentation, and reporting * Coordination with ... Big 4 / advisory, corporate IT audit, cyber GRC, or ERP controls background * Strong ITGC / SOX ...
Lead Senior / Manager, Technology Risk & IT Audit
Burlington, MA · On-site
$125K - $180K/yr
Audit program development, risk assessment, documentation, and reporting * Coordination with ... Big 4 / advisory, corporate IT audit, cyber GRC, or ERP controls background * Strong ITGC / SOX ...
Lead Senior / Manager, Technology Risk & IT Audit
Burlington, MA · On-site
$125K - $180K/yr
Audit program development, risk assessment, documentation, and reporting * Coordination with ... Big 4 / advisory, corporate IT audit, cyber GRC, or ERP controls background * Strong ITGC / SOX ...
Sr. Director, GRC, IT Controls & Cyber Culture, Orthopedics
Raynham, MA · On-site
$114K - $155K/yr
Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies. * Own the ...
New
Sr. Director, GRC, IT Controls & Cyber Culture, Orthopedics
Raynham, MA · On-site
$114K - $155K/yr
Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies. * Own the ...
New
Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies. * Own the ...
New
Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies. * Own the ...
New
Cyber Risk Assessment information
What is the difference between Cyber Risk Assessment vs Cyber Security Analyst?
| Aspect | Cyber Risk Assessment | Cyber Security Analyst |
|---|---|---|
| Primary Focus | Identifying and evaluating cybersecurity risks and vulnerabilities | Monitoring, detecting, and responding to security threats |
| Certifications | CompTIA Security+, CISSP, CISA | CompTIA Security+, CEH, CISSP |
| Work Environment | Risk management teams, consulting firms, security departments | Security operations centers, IT departments, incident response teams |
| Responsibilities | Risk analysis, vulnerability assessments, compliance | Threat detection, incident response, security monitoring |
While both roles involve cybersecurity, Cyber Risk Assessments focus on evaluating potential risks and vulnerabilities to inform security strategies, whereas Cyber Security Analysts actively monitor and respond to ongoing security threats. Understanding these differences helps organizations assign the right roles for comprehensive cybersecurity management.
How much does a cyber risk analyst make?
What is a cyber risk assessment?
What are some common challenges faced by professionals in Cyber Risk Assessment, and how can they be addressed?
What are the key skills and qualifications needed to thrive as a Cyber Risk Assessor, and why are they important?
Can you make $200,000 in cyber security?
Is SOC an entry level job?
Can you make $500,000 a year in cyber security?
Job description
WHOOP is on a mission to unlock human performance and extend healthspan. The Senior Risk & Compliance Analyst will support the design and execution of the cyber risk management program, leading risk assessments and collaborating with various stakeholders to identify and mitigate technology and cybersecurity risks.
Responsibilities:
• Lead cyber and technology risk assessments across systems, cloud environments, business processes, and major initiatives, evaluating threats, vulnerabilities, control effectiveness, and residual risk.
• Maintain and operate the enterprise cyber risk register, including drafting risk statements, tracking mitigation plans, and supporting governance and reporting processes.
• Translate technical findings, architectural concerns, and control gaps into clear business risk scenarios that support prioritization and decision-making.
• Support and help mature quantitative cyber risk analysis approaches such as FAIR to improve how risk is measured and communicated.
• Prepare materials and analysis to support the Cyber Risk Committee and executive risk reporting.
• Partner with Security Architecture to assess risk in system designs, cloud architecture, identity models, data flows, and platform changes.
• Collaborate with Security Engineering, Product Security, Legal, IT, and business teams to evaluate new initiatives, technology changes, artificial intelligence use cases, and third-party integrations through a risk lens.
• Conduct risk assessments for emerging technologies including artificial intelligence and machine learning systems, evaluating data usage, model behavior, external dependencies, and security implications.
• Evaluate risks associated with the use of artificial intelligence technologies, including model behavior, data exposure, prompt or input manipulation, and external model dependencies.
• Develop dashboards and reporting that provide leadership with visibility into key cybersecurity risks and trends.
• Track mitigation progress and risk treatment activities to ensure accountability and clear documentation of outcomes.
• Contribute to the continued development of cyber risk management processes, methodologies, and governance practices across the GRC program.
Qualifications:
Required:
• 6+ years of experience in cybersecurity risk management, information security, technology risk, or a related field.
• Demonstrated experience conducting structured cybersecurity or IT risk assessments.
• Experience maintaining risk registers and tracking risk mitigation or treatment activities.
• Strong understanding of security frameworks such as NIST CSF, ISO 27001, or PCI DSS, and familiarity with regulatory environments such as GDPR, HIPAA or other privacy and data protection requirements.
• Ability to translate technical findings into clear business risk for non-technical stakeholders.
• Strong written and verbal communication skills with experience presenting findings to cross-functional teams.
• Experience working with engineering, architecture, legal, compliance, and business stakeholders.
• Experience assessing risks related to artificial intelligence, machine learning systems, or emerging technologies, including familiarity with emerging AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or similar standards.
Preferred:
• Professional certifications such as CRISC, CISSP, CISM, CISA, or CGRC are a plus.
Company:
WHOOP provides wearable fitness technology and a subscription platform that tracks physiological data for health and performance insights. Founded in 2012, the company is headquartered in Boston, USA, with a team of 501-1000 employees. The company is currently Late Stage.
About Whoop
Sourced by ZipRecruiter
At WHOOP, we're on a mission to unlock human performance. WHOOP empowers users (Olympians, Professional Athletes, Fitness Enthusiasts, etc) to perform at a higher level through a deeper understanding of their bodies and daily lives.
Industry
Fitness and sports centers
Company size
501 - 1,000 Employees
Headquarters location
Boston, MA, US
Year founded
2012