1

Grc Third Party Risk Analyst Jobs (NOW HIRING)

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

GRC Analyst - Third Party Risk

Boston, MA · On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

GRC Analyst - Third Party Risk

Boston, MA · On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

GRC Analyst - Third Party Risk

Boston, MA · On-site

$70K - $110K/yr

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security ...

In this highly visible role, the Third Party Risk Analyst will be responsible for identifying ... Attends daily SCRUM calls, weekly system support calls for GRC platform ensuring any system issues ...

Third-Party Risk Analyst

Mclean, VA · On-site

$45 - $47/hr

Third-Party Risk Analyst Location: McLean, VA (5 days - Onsite) Job Overview The Third-Party Risk Analyst will support Enterprise Operationally Critical Third Parties (EOCTP) and Enterprise ...

As our new Third Party Risk Analyst , you will play a critical role in protecting Anaplan by managing the risks associated with our third-party suppliers and reporting to our legal team. You will be ...

As our new Third Party Risk Analyst , you will play a critical role in protecting Anaplan by managing the risks associated with our third-party suppliers and reporting to our legal team. You will be ...

As our new Third Party Risk Analyst , you will play a critical role in protecting Anaplan by managing the risks associated with our third-party suppliers and reporting to our legal team. You will be ...

As our new Third Party Risk Analyst , you will play a critical role in protecting Anaplan by managing the risks associated with our third-party suppliers and reporting to our legal team. You will be ...

Third Party Risk Analyst

Columbus, OH · On-site

$30 - $32/hr

Robert Half Management Resources is currently looking for a Third Party Risk Analyst to support vendor due diligence efforts and help strengthen third-party oversight for a Financial Services client ...

Job Summary The Third-Party Risk Analyst supports the team in carrying out third-party risk management activities throughout the vendor lifecycle. This role supports ongoing monitoring of third ...

next page

Showing results 1-20

Grc Third Party Risk Analyst information

See salary details

$44.5K

$86.7K

$124.5K

How much do grc third party risk analyst jobs pay per year?

As of Jul 13, 2026, the average yearly pay for grc third party risk analyst in the United States is $86,688.00, according to ZipRecruiter salary data. Most workers in this role earn between $56,500.00 and $100,000.00 per year, depending on experience, location, and employer.

What are some typical challenges a GRC Third Party Risk Analyst may encounter when assessing vendors?

As a GRC Third Party Risk Analyst, you may face challenges such as obtaining timely and complete responses from vendors, especially when dealing with large or international organizations. Navigating varying levels of vendor maturity in risk management practices can also be difficult. Additionally, balancing the need for thorough risk assessments with fast-paced business timelines requires strong communication and prioritization skills. Collaborating closely with procurement, legal, and IT teams is essential to ensure all risks are properly identified and managed.

What are the key skills and qualifications needed to thrive as a GRC Third Party Risk Analyst, and why are they important?

To thrive as a GRC Third Party Risk Analyst, you need a strong understanding of risk management frameworks, compliance regulations, and vendor risk assessment methodologies, typically supported by a degree in information security, business, or a related field. Familiarity with GRC platforms (like Archer or ServiceNow), third-party risk management tools, and certifications such as CISA or CRISC is highly beneficial. Strong analytical thinking, attention to detail, and effective communication skills are essential soft skills for this role. These competencies ensure that organizations can accurately assess and mitigate third-party risks, maintaining compliance and protecting sensitive data.

What is a GRC Third Party Risk Analyst?

A GRC Third Party Risk Analyst is a professional who assesses and manages the risks associated with an organization’s external vendors, suppliers, or partners. Their role involves evaluating third-party compliance with regulatory standards and internal policies, identifying potential risks such as data breaches or non-compliance, and recommending mitigation strategies. They use frameworks like GRC (Governance, Risk, and Compliance) to help ensure that third-party relationships do not compromise the organization's security or reputation. This role often collaborates with procurement, legal, and IT teams to maintain robust risk management processes.

What is the difference between Grc Third Party Risk Analyst vs Grc Vendor Risk Analyst?

AspectGrc Third Party Risk AnalystGrc Vendor Risk Analyst
CertificationsCertifications like CRISC, CISA often preferredSame certifications commonly required
Work EnvironmentFocuses on third-party relationships and risk assessmentsPrimarily evaluates vendor-specific risks and compliance
Industry UsageUsed across finance, healthcare, and tech sectorsCommonly found in industries with extensive vendor networks

The Grc Third Party Risk Analyst and Grc Vendor Risk Analyst roles overlap significantly in certifications and work environment. The main difference lies in scope: the Third Party Risk Analyst assesses overall third-party relationships, while the Vendor Risk Analyst concentrates specifically on individual vendors. Both roles are vital for managing third-party risks in various industries.

More about Grc Third Party Risk Analyst jobs
What cities are hiring for Grc Third Party Risk Analyst jobs? Cities with the most Grc Third Party Risk Analyst job openings:
What states have the most Grc Third Party Risk Analyst jobs? States with the most job openings for Grc Third Party Risk Analyst jobs include:
What job categories do people searching Grc Third Party Risk Analyst jobs look for? The top searched job categories for Grc Third Party Risk Analyst jobs are:
Infographic showing various Grc Third Party Risk Analyst job openings in the United States as of July 2026, with employment types broken down into 1% Locum Tenens, 1% Internship, 86% Full Time, 6% Part Time, 1% Temporary, and 5% Contract. Highlights an 82% Physical, 5% Hybrid, and 13% Remote job distribution, with an average salary of $86,688 per year, or $41.7 per hour.
GRC Analyst - Third Party Risk

GRC Analyst - Third Party Risk

Whoop

Boston, MA

$70K - $110K/yr

Full-time

Posted 6 days ago


Job description

As a GRC Analyst, you will support the WHOOP Governance, Risk, and Compliance program. You will help manage third-party vendor risk reviews, and operational requests, in cross-functional security compliance workflows. Success in this role requires strong attention to detail, responsiveness and accountability through completion in a fast-paced environment.

The key focus of this role will be helping ensure third-party vendor assessment requests are reviewed, prioritized, routed, tracked, and completed effectively. You will use intake and ticketing data to identify workflow trends, recurring questions, handoff gaps, and opportunities to improve guidance, templates, reporting, automation, and stakeholder experience.

RESPONSIBILITIES:
  • Support day-to-day third-party vendor risk assessments – manage and triage GRC third-party vendor assessment intakes and accurate tracking through resolution

  • Perform vendor risk reviews, reassessments, partner coordination, remediation tracking, and cross-functional follow-up with Security, Legal, Privacy, Procurement, IT, Finance, and business owners

  • Assist with third-party risk program management activities

QUALIFICATIONS:
  • 2+ years of experience in GRC - third-party risk management experience preferred

  • Understanding of Cybersecurity compliance frameworks and cybersecurity compliance controls – ISO 27001, NIST CSF, COSO, SOC 2, PDI-DSS

  • Highly organized and strong operational discipline ensuring clear and expedient escalations with informed recommendations to management

  • Being a team player and working to achieve common goal in a dynamic setting

  • A minimum bachelor’s degree in any discipline. Computer science, cyber security and risk or technology degrees preferred.

This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.

Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.

WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility

The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values.

At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success.

The U.S. base salary range for this full-time position is $70,000 - $110,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. 

In addition to the base salary, the successful candidate will also receive benefits and a generous equity package.

These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.


Whoop logo

About Whoop

Sourced by ZipRecruiter

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers users (Olympians, Professional Athletes, Fitness Enthusiasts, etc) to perform at a higher level through a deeper understanding of their bodies and daily lives.

Industry

Fitness and sports centers

Company size

501 - 1,000 Employees

Headquarters location

Boston, MA, US

Year founded

2012