Security Architect

Security Architect

At WHOOP, we're on a mission to unlock human performance and extend healthspan. Our wearable technology provides personalized insights that help millions of members better understand their bodies, and make smarter decisions about training, recovery, and lifestyle.

As we expand our platform, deepen our use of data, and scale globally, we're hiring a Security Architect to design and implement secure, scalable systems that keep our members safe and our business resilient. This is a hands-on role reporting to the CISO, partnering with Engineering, IT, Product Security, and others to embed security into the fabric of how WHOOP builds.

We're looking for a technically strong, delivery-oriented architect who can operate across cloud, application, and enterprise environments and who thrives in a fast-moving, mission-driven company.

You'll join a growing, execution-oriented security team with influence across the business. You'll help shape secure foundations for a global platform, driving technical excellence and clarity in every decision. We operate with urgency, ownership, and high standards, and expect the same from every team member.

Responsibilities :

• Design and document secure, scalable architectures across cloud, application, endpoint, and SaaS environments to support growth and innovation
• Lead the implementation and continuous improvement of security capabilities across areas such as threat detection, identity and access management, data protection, and vulnerability management
• Drive secure deployment practices through automation, documentation, and process standardization
• Lead security architecture and control design for WHOOP AI initiatives, including the secure use of third-party AI APIs, protection of sensitive data in AI-powered product features, governance of in-house models and MCP infrastructure, and responsible use of AI capabilities across internal and SaaS platforms
• Partner with Engineering, Product Security, and IT to review new systems and features, advise on tradeoffs, and deliver secure-by-default outcomes
• Serve as a trusted technical leader and mentor across the security and engineering organization
• Drive the architecture and evolution of vulnerability management capabilities, ensuring integration with development pipelines, infrastructure, and program-level visibility
• Align architectural decisions with applicable regulatory requirements and security standards, including GDPR, SOC 2, ISO 27001, PCI, NIST, laws governing health and biometric data, and emerging AI risk and governance frameworks
• Help integrate frameworks like NIST into secure development and operational practices
• Define technical success criteria and partner on security metrics and dashboards that drive accountability and visibility across the organization

Qualifications :

This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.

Interested in the role, but don't meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.

WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.