Senior Manager, Governance, Risk, & Compliance (GRC)

1 Month ago • 6 Years +

Job Summary

Job Description

The Senior Manager of Governance, Risk, and Compliance (GRC) will spearhead the GRC program's advancement in a dynamic, rapidly expanding environment. This role encompasses both the design and execution of the GRC function, starting with establishing structure, implementing tools, and managing daily activities while simultaneously building a scalable team. The ideal candidate will collaborate with teams such as Legal, Security, and Product to ensure adherence to regulations, mitigate risks, and enhance operational resilience. Responsibilities include developing and implementing a comprehensive GRC program, managing the enterprise risk register, leading third-party risk management, and overseeing policy development and training. The role also involves serving as the primary contact for audits, improving GRC tools and processes, supporting incident response, and mentoring GRC analysts.
Must have:
  • 6+ years of experience in GRC, information security, audit, or compliance roles.
  • Deep understanding of regulations and standards including GDPR, ISO 27001, SOC 2, and NIST CSF.
  • Experience managing organizational risk registers and applying risk-informed decision-making.
  • Proven ability to lead third-party risk management in collaboration with internal stakeholders.
  • Familiarity with audit workflows, evidence collection, and control testing in fast-paced environments.
  • Experience managing or mentoring compliance, audit, or GRC professionals.
  • Proven ability to build scalable, process-driven programs in high-growth or rapidly evolving environments.
  • Highly organized and detail-oriented, with strong project execution and prioritization skills.
  • Demonstrated accountability to metrics, data-driven reporting, and outcome-based program management.
Good to have:
  • Relevant certifications such as CISA, CISSP, CIPP/E, CRISC, ISO Lead Auditor, HITRUST CCSFP, or PMP are a plus.
  • Strong commitment to embracing and leveraging AI tools in day-to-day tasks, ensuring AI-assisted work aligns with the same high-quality standards as personal contributions, with awareness of emerging governance and ethical considerations such as data privacy and model transparency.

Job Details

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. 

WHOOP is seeking a strategic and execution-oriented Senior Manager of Governance, Risk and Compliance to lead the next phase of the GRC program in a fast-paced, high-growth environment. This role will lead both the design and hands-on execution of the GRC function. Initially, this includes building structure, implementing tools, and guiding day-to-day activities while laying the foundation to scale team capabilities and delegate ownership over time. The ideal candidate will partner across Legal, Security, Product, and other teams to ensure alignment with regulatory frameworks, reduce enterprise risk, and strengthen operational resilience.

Responsibilities:

    • Lead the development, implementation, and evolution of a comprehensive governance, risk, and compliance program aligned with standards such as ISO 27001, SOC2, GDPR, and other global regulatory expectations
    • Own the enterprise risk register, delivering ongoing visibility, prioritization, and executive-level reporting across key risk domains
    • Drive the third-party risk management lifecycle, overseeing vendor risk assessments and due diligence in partnership with Legal, IT, and Security
    • Oversee the development and lifecycle of scalable policies, standards, and training programs that promote security awareness and strengthen organizational compliance
    • Serve as the lead point of contact for internal and external audits and assessments, managing evidence workflows and driving remediation to completion
    • Identify, implement, and improve GRC tools, processes, and metrics to support program scale, transparency, and accountability
    • Support incident response processes by ensuring regulatory alignment, breach documentation, and post-incident reviews are conducted and integrated into risk and compliance programs
    • Lead by doing - execute critical GRC workstreams directly while scaling team capabilities, maturing processes, and transitioning ownership to analysts over time
    • Manage and mentor GRC analysts, balancing direct execution with team enablement as the program grows

Qualifications:

    • 6+ years of experience in GRC, information security, audit, or compliance roles, preferably in health tech, SaaS, or regulated environments
    • Deep understanding of regulations and standards including GDPR, ISO 27001, SOC 2, and NIST CSF
    • Experience managing organizational risk registers and applying risk-informed decision-making
    • Proven ability to lead third-party risk management in collaboration with internal stakeholders
    • Familiarity with audit workflows, evidence collection, and control testing in fast-paced or audit-intensive environments
    • Experience managing or mentoring compliance, audit, or GRC professionals
    • Relevant certifications such as CISA, CISSP, CIPP/E, CRISC, ISO Lead Auditor, HITRUST CCSFP, or PMP are a plus
    • Proven ability to build scalable, process-driven programs in high-growth or rapidly evolving environments
    • Highly organized and detail-oriented, with strong project execution and prioritization skills across competing deadlines
    • Demonstrated accountability to metrics, data-driven reporting, and outcome-based program management
    • Strong commitment to embracing and leveraging AI tools in day-to-day tasks, ensuring AI-assisted work aligns with the same high-quality standards as personal contributions, with awareness of emerging governance and ethical considerations such as data privacy and model transparency
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.

WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility.  It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Similar Jobs

Playtika - Game Designer Expert- Redecor

Playtika

Berlin, Berlin, Germany (On-Site)
6 Months ago
Fluence - Principal Systems Engineer - Product Development

Fluence

Houston, Texas, United States (Hybrid)
5 Months ago
Nasdaq - Product Owner - Specialist

Nasdaq

Bengaluru, Karnataka, India (Hybrid)
19 Hours ago
Google - Data and Measurement Specialist

Google

Amsterdam, North Holland, Netherlands (On-Site)
2 Days ago
Patel greene - PD&E Project Manager

Patel greene

Temple Terrace, Florida, United States (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Playtika - Java Tech Lead

Playtika

Poland (Hybrid)
6 Months ago
Microsoft - Critical Environment Mechanical Engineer

Microsoft

Atlanta, Georgia, United States (On-Site)
3 Days ago
Scout - Facilities & Construction Project Manager

Scout

Columbia, South Carolina, United States (On-Site)
1 Day ago
ByteDance - Software Engineer - Spatial Web

ByteDance

San Jose, California, United States (On-Site)
2 Weeks ago
Disney - Senior Compositor

Disney

Sydney, New South Wales, Australia (On-Site)
1 Year ago
Scale AI - Machine Learning Engineer, GenAI Quality

Scale AI

San Francisco, California, United States (On-Site)
1 Day ago
Google - Senior Technical Program Manager II, Enterprise Architecture, Core

Google

Sunnyvale, California, United States (On-Site)
2 Weeks ago
ByteDance - Research Engineer in Large Model System

ByteDance

San Jose, California, United States (On-Site)
6 Months ago
Assystems - Sr Design Engineers - Buildings

Assystems

Navi Mumbai, Maharashtra, India (On-Site)
6 Months ago
SOFTSWISS - Data Security Specialist

SOFTSWISS

(Remote)
2 Days ago

Get notifed when new similar jobs are uploaded

Jobs in Boston, Massachusetts, United States

Fandom - Senior Client Strategist, Gaming

Fandom

United States (Remote)
1 Month ago
Epic Games - Senior UI Artist

Epic Games

Bellevue, Washington, United States (On-Site)
3 Months ago
Google - Software Engineering Manager II

Google

San Bruno, California, United States (On-Site)
2 Weeks ago
Google - Software Engineering Manager II, Google Cloud Compute

Google

Kirkland, Washington, United States (On-Site)
2 Weeks ago
Netflix - Machine Learning Manager - Promotional Media

Netflix

Los Gatos, California, United States (On-Site)
3 Months ago
Logrhytm - Security Operations Analyst

Logrhytm

United States (On-Site)
10 Hours ago
Sail Point - Sales Operations Analyst - Strategic

Sail Point

Austin, Texas, United States (On-Site)
4 Hours ago
ByteDance - Finance Business Partner - Global Monetization

ByteDance

San Jose, California, United States (On-Site)
3 Days ago
ByteDance - Machine Learning Engineer Intern (Search-TikTok Recommendation)

ByteDance

San Jose, California, United States (On-Site)
1 Month ago
BrightEdge - Sales Development Representative (Miami Uni Students)

BrightEdge

Cleveland, Ohio, United States (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Boston, Massachusetts, United States (Hybrid)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

Boston, Massachusetts, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Whoop

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug