Manager of Security Governance, Risk, and Compliance

Who We AreAt CarGurus (NASDAQ: CARG), we empower people by simplifying their journey to car ownership. Our story began with a passionate team of developers dedicated to bringing trust and transparency to the automotive marketplace. Over the years, our innovative approach and rapid market growth have positioned us as the largest and fastest-growing automotive…

At WHOOP, our mission is to unlock human performance and enhance healthspan through cutting-edge wearable technology. We provide personalized insights that empower millions of members to better understand their bodies and make informed decisions regarding training, recovery, and lifestyle choices.We are currently looking for a skilled Director of Governance, Risk & Compliance to spearhead and evolve the WHOOP enterprise GRC program. In this critical role, reporting directly to the Chief Information Security Officer (CISO), you will be accountable for defining and implementing the governance, risk management, and compliance strategy across the organization, ensuring that strategic objectives are translated into scalable programs, robust controls, and measurable results.This senior leadership position involves enhancing and expanding a top-tier GRC function that allows WHOOP to operate swiftly while upholding the highest standards of security, privacy, and regulatory compliance.

Join Whoop as a Senior Risk & Compliance Analyst, where you will play a crucial role in developing robust risk management strategies and ensuring compliance across our operations. You will collaborate with cross-functional teams to identify potential risks and implement effective solutions. Your expertise will directly contribute to maintaining our commitment to integrity and excellence.

At WHOOP, we are dedicated to enhancing human performance and healthspan through our innovative wearable technology. Our devices provide personalized insights that empower millions of members to gain a deeper understanding of their bodies and make informed choices regarding training, recovery, and overall lifestyle.As artificial intelligence continues to integrate into our platform, it is essential to implement robust governance, risk management, and compliance strategies to protect member data, maintain regulatory compliance, and foster secure innovation.We are looking for a talented AI Risk & Compliance Analyst to collaborate with our Security, Product, Engineering, Legal, and Privacy teams. This role will focus on assessing AI-related risks, conducting vendor evaluations, overseeing policy governance, coordinating audits, and ensuring adherence to new AI regulatory frameworks.This position is a senior individual contributor role within the Governance, Risk, and Compliance (GRC) team, offering extensive influence across risk domains and opportunities for collaboration with both technical and business stakeholders.

Join Whoop as a Senior Program Specialist in our Risk & Compliance Operations team. In this pivotal role, you will be responsible for developing and implementing compliance strategies that align with regulatory requirements while driving operational excellence. You will collaborate with cross-functional teams to ensure that compliance practices are effectively integrated into our workflows, safeguarding our organization’s integrity and reputation.

We are seeking a proactive and detail-oriented Risk Manager II to join our dynamic team at dstaff in Boston. In this role, you will be responsible for identifying, assessing, and mitigating risks that could hinder the reputation, safety, security, or financial prosperity of the organization. You will collaborate with various departments to develop risk management strategies and ensure compliance with regulatory requirements.

Join Our Team as the Director of Fraud RiskAt Flywire, we are seeking a strategic leader to shape our fraud risk management framework within our dynamic ecosystem. As the Fraud Risk Director, you will proactively design and implement a comprehensive global fraud prevention strategy rather than merely reacting to emerging threats. Your leadership will be pivotal in ensuring that we maintain robust security while providing a seamless customer experience as we expand into new markets and adopt advanced payment methods. We are searching for an individual who combines expertise in machine learning with operational acumen and high-level strategic vision.Key Responsibilities:Strategy Ownership: Develop, execute, and continually refine a global fraud risk framework that addresses various attack vectors across our core sectors, including Education, Healthcare, Travel, and B2B.Fraud Detection and Analysis: Manage the fraud evaluation process for both new and existing accounts, concentrating on merchant fraud, Account Takeover (ATO), and advanced social engineering tactics.Data-Driven Decision Making: Collaborate with Analytics and Engineering teams to enhance real-time fraud decision-making and automated rulesets, utilizing Flywire's distinctive global payment data.Incident Management: Design a proactive, real-time fraud monitoring and response program. You will lead critical response efforts during high-stakes fraud incidents, coordinating rapid remediation, loss recovery, and thorough post-event analyses to bolster our defense mechanisms.Global Market Entry: Support Flywire’s expansion by evaluating localized fraud trends, risks associated with regional payment methods, and evolving regulatory landscapes.Cross-Functional Leadership: Serve as a strategic advisor to Product and Engineering teams, integrating fraud prevention measures into the user journey through tools like 3DS, biometrics, and behavioral analytics without compromising payment experiences.

Join our dynamic team at dstaff as a Risk Associate. In this role, you will be instrumental in identifying, analyzing, and mitigating risks that may affect our organization. Your analytical skills and attention to detail will help ensure that we maintain a robust risk management framework. You will collaborate with various departments to assess potential risks and develop strategies to address them effectively.

At WHOOP, we are dedicated to revolutionizing human performance and enhancing healthspan. Our mission is to empower our members to achieve optimal performance and longevity through an in-depth understanding of their health and daily activities. Central to this mission is the protection of our members’ data and ensuring that our systems scale securely and reliably.As a Senior Software Engineering Manager within WHOOP, you will assume a pivotal leadership role in our dynamic Platform organization. You will spearhead, develop, and nurture multiple teams focused on safeguarding the security and privacy of our members. This will involve championing secure development practices, overseeing product-facing security initiatives, and architecting scalable security solutions.Beyond core product security functions, you will collaborate closely with cross-functional stakeholders in Product, Software, Legal, and Compliance to secure and uphold HIPAA compliance across WHOOP’s offerings and infrastructure. We are in search of a leader with proven experience in guiding organizations through the transition to HIPAA-compliant frameworks, adept at aligning technical strategies with regulatory and business objectives.In your role as a people manager, you will mentor and guide a talented team of engineers, provide constructive performance feedback, and champion professional development and growth. You will cultivate a culture of innovation, collaboration, psychological safety, and ongoing learning. Your leadership will promote a positive work atmosphere where every team member feels valued, supported, and empowered to excel in their roles.

SimpliSafe is dedicated to home security, with a mission to help customers protect what matters most. The company encourages employees to grow their careers while working together to support those who depend on its products. Work Model This Compliance Specialist position follows a hybrid schedule based in Boston, MA. Teams gather in the Boston office for two core days each week, typically Tuesday, Wednesday, or Thursday, to collaborate in person. For the remaining days, employees have the option to work remotely or from the office, offering a mix of flexibility and face-to-face teamwork.

Role: Information Security AnalystLocation: Boston, MAContract Duration: 6 to 12+ Months!! Open to Green Card Holders and U.S. Citizens Only !!Required Qualifications:Bachelor's degree in Business with IT audit or compliance experience, or a degree in Computer Science with a focus on business and IT Audit/Compliance is preferred.5-7 years of overall IT experience.A minimum of 3 years of experience in a Security Analyst role.Familiarity with regulatory standards such as SOC, ISO, and Privacy Shield is advantageous.Experience with diverse technologies, including SharePoint, various networks, platforms, and applications. Understanding of IT audit methodologies and control frameworks is essential.Knowledge of Linux systems is a plus.Familiarity with security scanning and penetration testing tools (e.g., OpenVAS, Qualys, Acunetix) is beneficial; CISSP certification is preferred.Job Responsibilities:Provide expertise in information security to support compliance with information systems (SOC2 Type 2, ISO27K). Engage with pre-sales, sales, and post-sales activities at eFront.Propose and implement business processes to enhance overall security posture at eFront.Conduct regular reviews of security and privacy policies.Stay abreast of evolving security and privacy landscapes and propose relevant initiatives.Collaborate with both internal and external stakeholders on security audits and remediation processes.Monitor compliance against information security policies and standards through testing, internal control reviews, and risk assessments.Maintain awareness of external regulations and new requirements within IT, and identify industry standards that inform core IT processes (e.g., ISO27001, NIST, SSAE16).This role represents the company’s interests with customers, auditors, and third-party service providers.Facilitate internal and external audits within IT and conduct periodic assessments to address specific risks.Review IT audit findings with various IT functions, providing observations and recommendations while assisting in identifying control gaps and evaluating management action plans.

InterSystems stands at the forefront of healthcare data management and interoperability, delivering essential technology that underpins hospitals, health systems, and national infrastructures globally. Our solutions are integral to some of the most reliable healthcare and financial frameworks in the industry, where availability and security are paramount. As the Security Product Manager, you will play a pivotal role in safeguarding the integrity of these vital infrastructures by ensuring that our platforms, data services, and innovations are grounded in secure, standards-compliant foundations. You will define and lead product strategy at the intersection of database security, cloud infrastructure, and AI integration, driving our products to deliver innovation, resilience, and reliability. At InterSystems, security is a core capability that influences every aspect of our technology stack. This position involves close collaboration with engineering teams and product managers across various domains to ensure that security is consistently designed, implemented, and communicated throughout all products and services.

Role Overview Flywire is hiring a Director of Credit Risk in Boston. This leader sets the direction for credit risk strategy and helps protect the company’s financial stability. The Director manages a team focused on assessing and reducing credit risk, builds and refines risk evaluation methods, and works closely with important stakeholders across the business. Decisions and guidance from this role help maintain strong financial standards and support Flywire’s long-term goals.

About SimpliSafeAt SimpliSafe, we are dedicated to redefining the home security landscape with cutting-edge technology and a commitment to safeguarding the lives of our customers. Our culture values collaboration, humility, and innovation, providing a supportive environment where you can thrive and advance your career. Join us as we continue to make every home secure.We embrace a hybrid work model that allows our teams to work both in our state-of-the-art office and from home. Our hybrid approach encourages in-person collaboration on core days, typically Tuesday, Wednesday, or Thursday, while allowing flexibility for the remainder of the week.

Role overview The Manager of Security Engineering at Contentful leads efforts to safeguard digital assets and maintain secure systems. This leadership role is based in Boston, Massachusetts. What you will do Guide a security engineering team dedicated to protecting company systems and sensitive data. Direct the design and implementation of security architecture to address new and emerging threats. Encourage security awareness and support compliance initiatives across the organization. Location This position is located in Boston, Massachusetts, United States.

About Man Group Man Group is a global alternative investment management firm with headquarters in London and offices worldwide, including Boston, Massachusetts. The firm manages $227.6 billion* in assets as of 31 December 2025, offering Systematic, Discretionary, and Solutions investment strategies. Man Group plc is listed on the London Stock Exchange (EMG.LN) and is a FTSE 250 member. For more details, see www.man.com. *As at 31 December 2025 Role Overview: Portfolio Risk Analyst This position sits within the Financial Risk team, which oversees business, credit, market, and liquidity risks for Man Group itself (not for third-party investors in managed products). Main Responsibilities Identify, measure, and mitigate business, credit, market, and liquidity risks. Provide independent risk oversight for FRM, AHL, and Structured Products. Develop risk appetite and limit frameworks, and monitor risks against these standards. Conduct economic capital reporting and analysis, including ICAAP submissions. Develop and maintain methodologies, models, systems, and policies to support risk management, including the operational risk model. Oversee structured products by monitoring risks related to Loans to Funds, ensuring transparency in monthly rebalances, assessing impacts on the illiquid buyout pipeline, and reviewing liquidity requirements for new products. Perform investment risk analysis and reporting. Location Boston, Massachusetts

Join the innovative team at DigitalOcean as the Manager of Security Defense Engineering. In this pivotal role, you will lead a dynamic group of engineers dedicated to fortifying our security posture and ensuring the integrity of our systems. Your expertise in security defense will be crucial as you develop strategies to mitigate risks and enhance our security infrastructure.As a manager, you will mentor team members, fostering an environment of growth and collaboration. You will also work closely with cross-functional teams to ensure comprehensive security measures are integrated into our workflows. If you are passionate about cybersecurity and thrive in a fast-paced environment, we want to hear from you!

Join Olema Pharmaceuticals as a Senior Manager, Clinical Compliance & Inspection Readiness, where you will play a pivotal role in ensuring our clinical operations meet the highest standards of compliance and readiness for inspections. You will lead initiatives that drive adherence to regulatory requirements and best practices, helping us bring innovative therapies to patients efficiently and safely.

At Olema Oncology, we are committed to innovating and advancing the field of breast cancer treatment and beyond. Our flagship program, palazestrant (OP-1250), is a pioneering complete estrogen receptor antagonist (CERAN) currently in development for metastatic breast cancer, showcasing significant potential as both a standalone therapy and in combination with other treatments for ER+/HER2- metastatic breast cancer. Additionally, our subsequent product candidate, OP-3136, is a KAT6 inhibitor that stands out as best-in-class.We believe that our scientific achievements are propelled by a collaborative environment where we support, inspire, and challenge each other. At Olema, prioritizing the well-being of our team translates into exceptional results. If you are ready to be part of a transformative journey that deeply impacts the lives of our patients and enhances your career, we invite you to join us.For more insights, please check our latest corporate presentations here.About the Role: Senior Manager, Quality Document Control and ComplianceThe Senior Manager of Quality Document Control and Compliance will be a key player in our operations, reporting directly to the Director of Quality Systems. This role will oversee the daily operations of Veeva Vault QDocs, leading document management processes and ensuring compliance standards are met. Responsibilities include but are not limited to the creation and processing of document change control documentation in Veeva QDocs, management of standard operating procedures (SOPs), and GXP documentation, as well as overseeing GXP record processing and archival. You will also be responsible for maintaining document control compliance KPIs and generating metrics for management review.This position is based in our Boston, Massachusetts office and may require approximately 15% travel.Your primary responsibilities will encompass:Acting as the Veeva Vault QDocs Administrator and document control manager.Processing document change control (DCC) for GxP controlled documents in Veeva.Formatting finalized documents to adhere to effective templates.Proofreading and finalizing documents for processing in Veeva QDocs.Collaborating closely with various functional areas to develop, update, manage, and maintain GxP controlled documents.

Axon Enterprise, Inc. is hiring a Senior Manager, Government Affairs for the Northeast Region. This Boston-based position centers on policy development and advocacy that supports both the company and the communities it serves. Key responsibilities Create and implement strategies to shape legislation and regulatory decisions important to Axon. Establish and strengthen relationships with government officials and other influential stakeholders across the Northeast. Lead advocacy work to ensure Axon's interests are considered in public policy debates. Requirements Experience in public policy or government affairs with a strategic approach to complex issues. Demonstrated ability to engage government stakeholders and build productive partnerships. A solid background in advocacy or influencing legislative outcomes.