Lead Security Architect
Access SystemsSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
TechnologyIndustries
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related technical field
- 6+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
- Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
- Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
- Demonstrated leadership in security incident response, investigations, and root cause analysis
- Excellent communication and interpersonal skills with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
- Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
- Experience mentoring junior engineers and promoting best practices across teams
- Solid documentation and operational tracking skills with familiarity with ticketing systems such as Jira
Responsibilities
- Serve as a technical lead and subject matter expert on key security initiatives and cross-functional projects, collaborating with IT, GRC, Software, and other stakeholders to reduce risk across the organization
- Design, implement, and continuously improve security controls, automation, and monitoring solutions to protect WHOOP systems, infrastructure, and data at scale
- Lead and execute complex security assessments, vulnerability testing, and risk analysis efforts, providing recommendations and driving remediation plans
- Drive incident response efforts, including investigation, coordination, containment, remediation, root cause analysis, and post-incident reviews
- Lead cloud security governance, focusing on AWS security best practices including IAM, networking, encryption, and threat detection
- Collaborate on secure software development practices in partnership with Product Security and Software teams
- Oversee and enhance IAM architecture and policies, including SSO, SCIM, MFA, RBAC, and user lifecycle management
- Provide technical leadership in securing IaaS/PaaS and SaaS applications by defining best practices, conducting reviews, and hardening security controls
- Guide the deployment, integration, and tuning of security tools such as CASB, EDR, DLP, SIEM, CNAPP, and MDM solutions to maximize effectiveness and coverage
- Lead efforts to identify, triage, prioritize, and support the remediation of vulnerabilities across cloud environments, infrastructure, and SaaS platforms
- Lead and mentor team members by providing guidance on security best practices, project execution, work review, and knowledge sharing
- Promote a culture of security-first thinking across engineering, IT, and product teams by driving awareness, training, and secure development practices
- Track emerging threats, technologies, and regulatory changes; propose and drive forward-looking security strategies to ensure WHOOP maintains a resilient security posture
- Continuously assess and improve security operations, workflows, and tooling to meet evolving business and security requirements
- Participate in and help improve the on-call rotation to support critical security incidents, offering guidance and escalation support as needed
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What qualifications and experience are required for the Senior Information Security Engineer role?
A Bachelor’s degree in Computer Science, Information Security, or a related technical field is required, along with 6+ years of hands-on experience in Information Security, IT Security, or a related role.
What are the key responsibilities of this position?
Responsibilities include designing and implementing security controls, leading security assessments and incident response, overseeing IAM and cloud security in AWS, guiding security tools deployment, mentoring team members, and promoting security-first culture.
Is remote work an option for this role?
This information is not specified in the job description.
What is the salary or compensation for this position?
This information is not specified in the job description.
What leadership opportunities does this role offer?
The role involves serving as a technical lead, mentoring team members, providing guidance on security best practices, and participating in on-call rotation for critical incidents.
Whoop
Wearable fitness tracker with personalized insights
About Whoop
WHOOP offers a fitness membership that focuses on improving personal health and performance through a wearable device called the WHOOP Strap 3.0. This device continuously collects physiological data, including heart rate, sleep patterns, and recovery levels, to provide users with personalized recommendations on their daily activity, sleep needs, and readiness for performance. Unlike many competitors, WHOOP operates on a subscription model, where users pay a fee to access the membership, which includes the device and continuous insights through the WHOOP app. This model not only provides a steady revenue stream but also fosters a strong community among users, encouraging engagement through teams, challenges, and social features. The goal of WHOOP is to help users optimize their health and performance while minimizing injury risk.
Boston, MassachusettsHeadquarters
2012Year Founded
$393.7MTotal Funding
SERIES_FCompany Stage
Data & Analytics, HealthcareIndustries
501-1,000Employees
Benefits
Take Time Off: Time outside of the office is important for sleep, strain and recovery! Our PTO plan encourages members to take time off in order to come back refreshed.
Live a Healthy Lifestyle: Our competitive benefits package includes premium medical, dental, and vision coverage for employees and their dependents. Life and disability insurance are also available.
Feel Invested: In addition to a competitive base salary and 401k, you're eligible to receive stock options to share in the future of WHOOP. Work means more when you have personal stake. You have ownership in what we are building.
Eat Well: Keep hunger at bay with endless snacks in our fully stocked kitchen. Enjoy catered team lunches on Friday, and even a cold brew keg.
Know The Product: We want you to understand and experience the product firsthand. We offer you a WHOOP strap and membership at no cost.
Be Active: Take advantage of our office gym and on-site showers! WHOOP also offers a $500 yearly wellness perk for fitness classes and memberships.
Be Present: It’s important to be present when bringing home a new family member. Take care of your loved ones with 12 weeks paid parental leave, plus an additional 2 weeks to gradually return to work.
Love Where You Work: Sitting in the heart of Fenway, our beautiful office overlooks Fenway Park. A prime location for great food, not to mention catching a Sox game, too!
Work Hard, Play Harder: If we don't already have a club here that fits your lifestyle and interests, you're encouraged to start one. Share your passions with others at work, or discover new ones!
Risks
Increased competition from brands like Oura and Fitbit threatens market share.
Privacy concerns over data collection could lead to regulatory challenges.
Economic downturns may affect consumer willingness to pay subscription fees.
Differentiation
WHOOP offers 24/7 physiological data tracking with its WHOOP Strap 3.0.
The company provides personalized health insights for athletes and fitness enthusiasts.
WHOOP's subscription model includes a community aspect for user engagement.
Upsides
WHOOP's partnership with Cristiano Ronaldo boosts brand visibility and credibility.
Expansion into 56 markets enhances WHOOP's global presence and growth potential.
Collaborations with brands like Assos strengthen WHOOP's position in sports technology.
Related Jobs
RemoteRemotePrincipal Security Engineer
Eli Lilly and CompanySalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Cloud Security Engineer
PaytientSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSr. Information Security Analyst
ValonSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Security Operations Analyst
Vanta$139,000 - $164,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSr. IT & Cyber Operations Analyst (Remote)
CrowdstrikeSalary not specified
RemoteSenior Security Engineer
BraceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Program Manager
OpenAISalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Solutions Architect
Kojo$90,000 - $115,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSr Manager, Threat Intelligence
UltraViolet CyberSalary not specified
RemoteSenior Security Analyst, Vulnerability Management
VantaSalary not specified
RemoteSenior Incident Response Engineer
Snowflake$198,000 - $303,600/year
- Full Time
- Junior (1 to 2 years)
RemoteSenior Engineer, IT & Information Security Automation
SmithRxSalary not specified
RemoteSr. IAM DevOps Engineer (Remote)
CrowdstrikeSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteAssociate Theft Investigator
PanoptoSalary not specified
- Full Time
- Entry Level & New Grad, Junior (1 to 2 years)