Senior Software Engineering Manager, Product Security

RESPONSIBILITIES:

• Build, lead, and grow multiple engineering teams executing on WHOOP’s product security strategy, including member authentication, vulnerability management, cloud governance, privacy rights fulfillment, and threat modeling.
• Oversee and drive WHOOP’s engineering readiness for HIPAA compliance, coordinating technical implementation, evidence collection, and ongoing governance activities across teams.
• Define and communicate long-term security strategy, architecture, and design principles for product-facing systems.
• Partner with engineering and compliance leadership to embed security and privacy by design across the software development lifecycle.
• Establish and enforce best practices, standards, and processes for secure software development, testing, and deployment.
• Drive continuous improvement initiatives that enhance team productivity, quality, and overall business impact.
• Provide mentorship, guidance, and career development for engineering managers and individual contributors.
• Foster a culture of innovation, teamwork, psychological safety, and continuous learning within the Product Security organization.

QUALIFICATIONS:

• Proven experience as a technical leader managing multiple teams or a growing security engineering organization.
• Experience growing high level individual contributor career growth at the staff level or higher. 
• Demonstrated success leading security or compliance initiatives in a regulated environment, preferably HIPAA or other health data compliance frameworks.
• Deep understanding of product security principles, including vulnerability management, data privacy, threat modeling, and secure software development.
• Experience building or integrating developer security tooling to improve secure-by-default practices.
• Strong technical background in software development, testing, and deployment processes.
• Excellent communication, interpersonal, and leadership skills with the ability to influence across teams and levels.

BONUS QUALIFICATIONS:

• Experience with AWS cloud environments and data-driven decision-making.
• Hands-on experience with infrastructure and cloud security in containerized environments (e.g., Docker, Kubernetes).
• Background in incident response and post-mortem analysis for security events.
• Familiarity with automation frameworks for vulnerability scanning, compliance checks, or infrastructure security.
• Prior experience scaling a product security or compliance engineering organization through major regulatory transitions (e.g., SOC 2 → HIPAA, or HIPAA → HITRUST).

ABOUT YOU:

• You’re a strategic and people-focused leader who thrives on balancing hands-on technical oversight with long-term organizational growth.
• You have experience building and scaling teams to meet new regulatory and business demands.
• You’re passionate about creating secure, privacy-first systems that protect member data and enable innovation.
• You collaborate effectively across technical and non-technical teams and can operate confidently in both strategic and tactical domains.
• Above all, you believe that security and compliance are enablers of innovation, and you lead by fostering a culture that supports both speed and safety.