Easy Apply
Easy Apply
Lead the Information Security function, manage security operations, ensure compliance with regulations, and develop a high-performing security team at WHOOP.
At WHOOP, we’re on a mission to unlock human performance and healthspan. Our wearable technology provides personalized insights that help millions of members better understand their bodies and make smarter decisions about training, recovery, and lifestyle.
WHOOP is seeking a Director of Information Security to lead the execution of the company’s security engineering and security operations capabilities. This role is accountable for delivering reliable, scalable security programs aligned with business and regulatory requirements in a growing, regulated technology environment.
The Director of Information Security will manage an existing security team, oversee the operating model for security engineering and ops, and partner closely with Product Security, Security Architecture, Engineering, IT, GRC, and Legal. This role carries direct accountability for team performance and operational outcomes and is expected to drive execution through metrics, documented processes, and automation.
RESPONSIBILITIES:
- Lead the Information Security function with accountability for security engineering delivery, day-to-day security operations, and the evolving operating model as WHOOP grows and regulatory and risk requirements change
- Translate regulatory, privacy, and risk requirements into effective, auditable technical controls, partnering with Security Architecture to ensure execution aligns with secure-by-design principles and target-state architecture
- Own security operations including detection, response, escalation, incident follow-up, and operational readiness, serving as Incident Commander during security events and acting as on-call executive escalation outside of business hours as needed, coordinating internal teams, external partners, and managed security service providers
- Establish and maintain standard operating procedures, metrics, automation, and process improvements to measure effectiveness, reduce risk, and scale security operations reliably
- Own the security posture for enterprise and internal use of AI technologies, including guardrails for access, data handling, monitoring, auditability, and the secure adoption of AI-enabled workflows in partnership with Architecture, Product Security, IT, and Legal
- Directly manage information security managers and senior individual contributors, setting clear expectations for performance, documentation, and accountability, and partnering with the CISO on hiring strategy, team growth, and capability development
- Partner with GRC and Legal to support audits, assessments, and regulatory obligations, providing technical evidence and subject-matter expertise, and communicate clearly with senior leadership on risk posture, priorities, and program progress
QUALIFICATIONS:
- 10+ years of experience in information security, security engineering, or security operations, including 5+ years managing managers and senior individual contributors; this role is not intended for first-time people managers
- Demonstrated experience hiring, developing, and holding high-performing security teams accountable through measurable goals, repeatable processes, and clear documentation
- Proven leadership during high-impact security incidents and crisis situations, including coordination across internal teams and external partners
- Experience partnering with managed security service providers to drive consistent, outcome-based security operations
- Strong ability to prioritize effectively and drive execution in complex, high-growth environments
- Experience designing, building, or scaling security programs grounded in metrics, automation, and operational rigor
- Familiarity with regulatory frameworks including HIPAA, GDPR, PCI, and emerging AI-related compliance requirements
- Experience supporting healthcare, biometric, or other health-adjacent data environments is preferred
- Background in high-growth technology organizations is preferred
- Security certifications such as CISSP, CISM, or equivalent are a plus
This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values.
At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success.
The U.S. base salary range for this full-time position is $190,000-$220,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training.
In addition to the base salary, the successful candidate will also receive benefits and a generous equity package.
These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.
Top Skills
Automation
Gdpr
Hipaa
Information Security
Pci
Regulatory Frameworks
Security Engineering
Security Metrics
Security Operations
WHOOP Boston, Massachusetts, USA Office
1 Kenmore Sq, Boston, MA, United States, 02215
Similar Jobs at WHOOP
Fitness • Hardware • Healthtech • Sports • Wearables
The Hardware Engineering Project Manager II will lead hardware projects from concept to launch, coordinating with cross-functional teams, managing risks and resources, and improving project execution processes.
Top Skills:
EngineeringFirmwareHardware DevelopmentManufacturingProject Management SoftwareSupply Chain
Fitness • Hardware • Healthtech • Sports • Wearables
The Staff DevOps Engineer will lead the design and operation of cloud infrastructure on AWS, implement best practices, mentor engineers, and ensure compliance with regulations like HIPAA and GDPR.
Top Skills:
AWSAws CdkCloudFormationEc2EksIamLambdaRdsS3TerraformVpc
Fitness • Hardware • Healthtech • Sports • Wearables
The Senior Director, Growth Marketing will oversee WHOOP's growth strategies, performance marketing investment, and forecasting, ensuring alignment across departments and capitalizing on data-driven decisions for sustainable growth.
Top Skills:
Ai ToolsBudget PacingData AnalysisPerformance Marketing
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
