Director Information Security

RESPONSIBILITIES:

• Lead the Information Security function with accountability for security engineering delivery day-to-day security operations and the evolving operating model as WHOOP grows and regulatory and risk requirements change
• Translate regulatory privacy and risk requirements into effective auditable technical controls partnering with Security Architecture to ensure execution aligns with secure-by-design principles and target-state architecture
• Own security operations including detection response escalation incident follow-up and operational readiness serving as Incident Commander during security events and acting as on-call executive escalation outside of business hours as needed coordinating internal teams external partners and managed security service providers
• Establish and maintain standard operating procedures metrics automation and process improvements to measure effectiveness reduce risk and scale security operations reliably
• Own the security posture for enterprise and internal use of AI technologies including guardrails for access data handling monitoring auditability and the secure adoption of AI-enabled workflows in partnership with Architecture Product Security IT and Legal
• Directly manage information security managers and senior individual contributors setting clear expectations for performance documentation and accountability and partnering with the CISO on hiring strategy team growth and capability development
• Partner with GRC and Legal to support audits assessments and regulatory obligations providing technical evidence and subject-matter expertise and communicate clearly with senior leadership on risk posture priorities and program progress

QUALIFICATIONS:

• 10+ years of experience in information security security engineering or security operations including 5+ years managing managers and senior individual contributors; this role is not intended for first-time people managers
• Demonstrated experience hiring developing and holding high-performing security teams accountable through measurable goals repeatable processes and clear documentation
• Proven leadership during high-impact security incidents and crisis situations including coordination across internal teams and external partners
• Experience partnering with managed security service providers to drive consistent outcome-based security operations
• Strong ability to prioritize effectively and drive execution in complex high-growth environments
• Experience designing building or scaling security programs grounded in metrics automation and operational rigor
• Familiarity with regulatory frameworks including HIPAA GDPR PCI and emerging AI-related compliance requirements
• Experience supporting healthcare biometric or other health-adjacent data environments is preferred
• Background in high-growth technology organizations is preferred
• Security certifications such as CISSP CISM or equivalent are a plus

What We Do

At WHOOP we’re on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives. Our wearable device and performance optimization platform has been adopted by many of the world's greatest athletes and consumers alike.

Why Work With Us

At WHOOP we’re focused on building an inclusive and equitable team with a strong sense of belonging for everyone—increasing representation in every way as our team grows. We believe that our differences are our source of strength—so much so it’s one of our core values.


Gallery