Easy Apply
Easy Apply
Design secure architectures for WHOOP's platforms, lead security implementation, and ensure compliance with industry standards while mentoring team members.
At WHOOP, we’re on a mission to unlock human performance and extend healthspan. Our wearable technology provides personalized insights that help millions of members better understand their bodies, and make smarter decisions about training, recovery, and lifestyle.
As we expand our platform, deepen our use of data, and scale globally, we’re hiring a Security Architect to design and implement secure, scalable systems that keep our members safe and our business resilient. This is a hands-on role reporting to the CISO, partnering with Engineering, IT, Product Security, and others to embed security into the fabric of how WHOOP builds.
We’re looking for a technically strong, delivery-oriented architect who can operate across cloud, application, and enterprise environments and who thrives in a fast-moving, mission-driven company.
You’ll join a growing, execution-oriented security team with influence across the business. You’ll help shape secure foundations for a global platform, driving technical excellence and clarity in every decision. We operate with urgency, ownership, and high standards, and expect the same from every team member.
RESPONSIBILITIES:
- Design and document secure, scalable architectures across cloud, application, endpoint, and SaaS environments to support growth and innovation
- Lead the implementation and continuous improvement of security capabilities across areas such as threat detection, identity and access management, data protection, and vulnerability management
- Drive secure deployment practices through automation, documentation, and process standardization
- Lead security architecture and control design for WHOOP AI initiatives, including the secure use of third-party AI APIs, protection of sensitive data in AI-powered product features, governance of in-house models and MCP infrastructure, and responsible use of AI capabilities across internal and SaaS platforms
- Partner with Engineering, Product Security, and IT to review new systems and features, advise on tradeoffs, and deliver secure-by-default outcomes
- Serve as a trusted technical leader and mentor across the security and engineering organization
- Drive the architecture and evolution of vulnerability management capabilities, ensuring integration with development pipelines, infrastructure, and program-level visibility
- Align architectural decisions with applicable regulatory requirements and security standards, including GDPR, SOC 2, ISO 27001, PCI, NIST, laws governing health and biometric data, and emerging AI risk and governance frameworks
- Help integrate frameworks like NIST into secure development and operational practices
- Define technical success criteria and partner on security metrics and dashboards that drive accountability and visibility across the organization
QUALIFICATIONS:
- 7–10 years of experience in security architecture, security engineering, or technical security leadership roles supporting complex, distributed systems
- Certifications such as AWS Security Specialty, CCSK,OSCP, or CISSP are strongly valued, but not required.
- Demonstrated expertise in cloud security, particularly in AWS environments and modern cloud-native architectures
- Ability to operate across technical depths, from threat modeling and system design to secure implementation guidance and risk tradeoff discussions
- Proven success collaborating with Engineering, Product, and Infrastructure teams to drive secure outcomes in fast-paced, product-led environments
- Direct experience with AI/ML security and governance, including secure implementation of third-party AI services, protection of sensitive data across internal models and AI-powered features, and support for policy development, auditability, and control across enterprise and SaaS AI tools, including MCP infrastructure, model access, and responsible use
- Experience aligning security programs and architecture with industry frameworks and compliance obligations such as GDPR, SOC 2, ISO 27001, PCI, and NIST
- Strong written and verbal communication skills, with a focus on documentation, stakeholder alignment, and clarity under pressure and the emotional intelligence to collaborate without ego
- High degree of ownership, autonomy, and a proactive, solution-oriented mindset
- Passion for mentorship, process maturity, operational rigor, and helping security functions scale through automation and shared accountability
This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Top Skills
Ai/Ml Security
AWS
Data Protection
Gdpr
Identity And Access Management
Iso 27001
Nist
Pci
Security Architecture
Soc 2
Vulnerability Management
WHOOP Boston, Massachusetts, USA Office
1 Kenmore Sq, Boston, MA, United States, 02215
Similar Jobs at WHOOP
Fitness • Hardware • Healthtech • Sports • Wearables
Lead the development of business systems capabilities while improving processes, performance metrics, and collaborating with cross-functional teams.
Top Skills:
AmplitudeNetSuiteSalesforceSigmaSQL
Fitness • Hardware • Healthtech • Sports • Wearables
As a Sensor Intelligence Engineer, you will design and optimize machine learning algorithms for embedded devices, enhancing diagnostic tools and ensuring accurate physiological data analysis.
Top Skills:
CPythonPyTorchScikit-LearnTensorflow LiteTinyml Frameworks
Fitness • Hardware • Healthtech • Sports • Wearables
As a Senior Software Engineer on the Coaching Team, you will architect LLM-powered coaching features, develop backend systems, and mentor developers.
Top Skills:
AWSJavaPostgres
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
