About The Weather Company:
The Weather Company is the world’s leading weather provider, helping people and businesses make more informed decisions and take action in the face of weather. Together with advanced technology and AI, The Weather Company’s high-volume weather data, insights, advertising, and media solutions across the open web help people, businesses, and brands around the world prepare for and harness the power of weather in a scalable, privacy-forward way. The world’s most accurate forecaster globally, the company reaches hundreds of enterprise clients and more than 360 million monthly active users via its digital properties from The Weather Channel (weather.com) and Weather Underground (wunderground.com).
Job brief:
This role sits at the intersection of technology, risk, and compliance. As a GRC Analyst, you’ll help the organization proactively identify and manage risk across systems, platforms, and processes while ensuring alignment with key regulatory and security frameworks.
You’ll work closely with IT, security, and business teams to assess new and existing technologies, support audits, and strengthen governance practices. A big part of the role is also driving awareness and adoption, helping teams understand risk policies, change management guidelines, and compliance expectations through training and education.
Day to day, you’ll evaluate operational vulnerabilities, perform ongoing compliance and gap assessments, support disaster recovery and business continuity planning, and help ensure change and service transition controls are consistently followed. You’ll also contribute to broader GRC strategy and departmental priorities, helping the organization mature its risk posture over time.
The impact you'll make:
- Have a deep understanding of risk assessment, regulatory frameworks, and emerging trends in the cybersecurity and risk landscape
- Identify points of operational vulnerability and dependencies across technology services, systems, platforms, domains, teams, and activities
- Identify stability and performance trends that indicate the need for strategic and/or process changes to technology service and risk governance
- Understanding of change management guidelines
- Assist in creating a culture of risk and compliance awareness through developments of training and education on risk policies, practices, and industry guidelines
- Facilitate, govern, and measure organizational adoption and adherence to service transition/change-related controls and reporting
- Assist in the execution of departmental plans, including business, production, and/or organizational priorities and contribute to the Governance, Risk and Compliance functional strategy
- Work with IT and business teams to perform security and compliance assessments on new and existing systems, processes, and technology
- Support internal and external audit processes for relevant compliance concerns
- Participate in disaster recovery and business continuity planning and exercises, as appropriate
- Perform periodic gap assessments to validate compliance on an ongoing basis
- Other duties as assigned.
What you've accomplished:
- Bachelor’s degree in Information Technology or equivalent program
- 3+ years of experience in IT governance, risk management, audit, compliance, technology process design & control, or other related technology competencies
- Demonstrated ability to bring multiple stakeholders to agreement on an agreed course of action
- Experience auditing, managing, or implementing risk frameworks such as CMMC, NIST frameworks (i.e., NIST 800-171, 800-53, CSF), and/or SOC 2 Type I and II, or similar.
- Experience working on or with government agencies, defense teams, and organizations
- Excellent understanding of the interdependencies of multiple infrastructure technical
- Technical experience managing compliance activities in cloud environments, specifically AWS
- Direct experience managing and implementing a CMMC program
Base Salary: $70,000 – $80,000
The base salary offered will take into account internal equity and may vary depending on the candidate’s geographic region of work premises, job-related knowledge, skills, and experience, among other factors.
- Flexible Time Off program
- Hybrid work model
- Variety of medical insurance options, including a $0 cost premium employee coverage
- Benefits effective day 1 of employment include a competitive 401K match with no vesting requirement, national health, dental, and vision plans
- Progressive family plan benefits
- An opportunity to work for a global and industry-leading technology company
- Impactful work in a collaborative environment
Top Skills
Similar Jobs
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
