Senior Information Security Engineer
Job Summary
Job Description
WHOOP is seeking a Senior Information Security Engineer to design, implement, and monitor security measures to protect its systems, networks, and data. The role involves serving as a technical lead on security initiatives, collaborating with various teams to reduce risk, and improving security controls and automation. Responsibilities include leading complex security assessments, vulnerability testing, and incident response efforts. The engineer will also lead cloud security governance, focusing on AWS best practices, and collaborate on secure software development. Key tasks include overseeing IAM architecture, securing applications, guiding the deployment of security tools, and leading vulnerability remediation. Additionally, the role involves mentoring team members, promoting a security-first culture, tracking emerging threats, and continuously improving security operations. This position requires continuous learning and adaptation to evolving security threats.
Must have:
- Technical lead for security initiatives
- Design, implement, and improve security controls
- Lead security assessments and vulnerability testing
- Drive incident response efforts
- Lead cloud security governance (AWS)
- Oversee IAM architecture and policies
- Guide security tool deployment
- Lead vulnerability remediation
- Mentor team members
- Promote security-first culture
- Track emerging threats and strategies
- Bachelor's degree in CS or related field
- 6+ years in Information Security
- 2+ years in senior/lead capacity
- Experience with advanced security technologies
- Strong cloud security architecture understanding
- Demonstrated leadership in incident response
- Excellent communication and interpersonal skills
- Strong project management skills
Good to have:
- Experience with CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG
- Experience with Azure, GCP
- Experience performing threat modeling
- Experience in a fast-paced environment
- Familiarity with ticketing systems like Jira
- Solid documentation and operational tracking skills
10 skills required
Job Details
At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives.
WHOOP is seeking a Senior Information Security Engineer to join our team, reporting to our Information Security Manager. In this role you will design, implement, administer, and monitor security measures to protect WHOOP systems, networks, and data from security threats. Success in this role requires continuous learning and adaptation to guard against ever-evolving security threats.
RESPONSIBILITIES:
- Serve as a technical lead and subject matter expert on key security initiatives and cross-functional projects, collaborating with IT, GRC, Software, and other stakeholders to reduce risk across the organization.
- Design, implement, and continuously improve security controls, automation, and monitoring solutions to protect WHOOP systems, infrastructure, and data at scale.
- Lead and execute complex security assessments, vulnerability testing, and risk analysis efforts, providing recommendations and driving remediation plans.
- Drive incident response efforts, including investigation, coordination, containment, remediation, root cause analysis, and post-incident reviews.
- Lead cloud security governance, focusing on AWS security best practices including IAM, networking, encryption, and threat detection.
- Collaborate on secure software development practices in partnership with Product Security and Software teams.
- Oversee and enhance IAM architecture and policies, including SSO, SCIM, MFA, RBAC, and user lifecycle management.
- Provide technical leadership in securing IaaS/PaaS and SaaS applications by defining best practices, conducting reviews, and hardening security controls.
- Guide the deployment, integration, and tuning of security tools such as CASB, EDR, DLP, SIEM, CNAPP, and MDM solutions to maximize effectiveness and coverage.
- Lead efforts to identify, triage, prioritize, and support the remediation of vulnerabilities across cloud environments, infrastructure, and SaaS platforms.
- Lead and mentor team members by providing guidance on security best practices, project execution, work review, and knowledge sharing.
- Promote a culture of security-first thinking across engineering, IT, and product teams by driving awareness, training, and secure development practices.
- Track emerging threats, technologies, and regulatory changes; propose and drive forward-looking security strategies to ensure WHOOP maintains a resilient security posture.
- Continuously assess and improve security operations, workflows, and tooling to meet evolving business and security requirements.
- Participate in and help improve the on-call rotation to support critical security incidents, offering guidance and escalation support as needed.
QUALIFICATIONS:
- Bachelor’s degree in Computer Science, Information Security, or a related technical field.
- 6+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity.
- Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG).
- Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems.
- Demonstrated leadership in security incident response, investigations, and root cause analysis.
- Excellent communication and interpersonal skills with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences.
- Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment.
- Experience mentoring junior engineers and promoting best practices across teams.
- Solid documentation and operational tracking skills with familiarity with ticketing systems such as Jira.
Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Similar Jobs
Cognite
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Remote)
• 3 Months ago
HHA Exchange
Minneapolis, Minnesota, United States (Hybrid)
• 1 Month ago
Rippling
San Francisco, California, United States (On-Site)
• 2 Months ago
Aera Technology
Bucharest, Bucharest, Romania (Hybrid)
• 7 Months ago
Imanage
Chicago, Illinois, United States (Remote)
• 3 Weeks ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
EveryMatrix
Cape Town, Western Cape, South Africa (Hybrid)
• 3 Months ago
ISS Stoxx
Makati City, Metro Manila, Philippines (Hybrid)
• 2 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Boston, Massachusetts, United States
Shield AI
San Diego, California, United States (Remote)
• 3 Weeks ago
Apple
Sunnyvale, California, United States (On-Site)
• 2 Months ago
Atlanta, Georgia, United States (On-Site)
• 3 Months ago
bytedance
Seattle, Washington, United States (On-Site)
• 3 Months ago
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
Epic Games
Porto Alegre, State Of Rio Grande Do Sul, Brazil (On-Site)
• 4 Months ago
Epic Games
Porto Alegre, State Of Rio Grande Do Sul, Brazil (On-Site)
• 4 Months ago
.png%3F1676067498&w=256&q=50)
Get notifed when new similar jobs are uploaded
