Apply on Employer Site

WHOOP · 3 months ago

Security Program Specialist II

Boston, MA

Full-time

Onsite

Entry, Mid Level

2+ years exp

WHOOP is on a mission to unlock human performance and healthspan by empowering members to understand their bodies and daily lives. The Security Program Specialist II will help coordinate security and privacy requests, perform technical analysis, and ensure compliance with industry standards to protect member data.

Consumer ElectronicsFitnessSportsWearablesWellness

H1B Sponsor Likely

Responsibilities

Triage and evaluate bug bounty submissions, escalating valid vulnerabilities to engineering for remediation and coordinating response

Perform level 1 troubleshooting for member-reported privacy or security concerns, ensuring issues are routed appropriately

Coordinate responses to auditor and regulator requests, including gathering SOC and compliance evidence

Partner with Product Security Engineers to organize and document threat modeling sessions, leaning on technical experts for deep technical details

Track and communicate the status of security issues, ensuring timely follow-up and resolution

Support process improvements to make WHOOP’s security and privacy operations more efficient

Develop, maintain, and track KPIs that measure the effectiveness of product security programs and provide visibility into team performance and risk reduction

Work closely with software teams across the department to adopt and rollout new tooling and security process changes

Qualification

SecurityPrivacy conceptsTechnical analysisBug bounty platformsRegulatory complianceCloud environmentsInterest in security engineeringOrganizational skillsCommunication skills

Required

2–4 years of professional experience in a security, privacy, compliance, or technical support role

Familiarity with security and privacy concepts such as vulnerability reporting, data protection, and regulatory compliance (SOC 2, GDPR, etc.)

Strong organizational skills with the ability to coordinate across multiple teams and stakeholders

Technical aptitude to perform basic analysis of security reports (e.g., reviewing proof-of-concept exploits, testing reproduction steps)

Excellent written and verbal communication skills, with the ability to explain technical issues to non-technical stakeholders

Interest in growing your career in either engineering (security/product) or information security (governance, risk, and compliance)

Preferred

Experience with bug bounty platforms or security incident management

Ability to interpret existing code to validate bug bounty submissions, reproduce issues, and improve triage efficiency

Exposure to cloud environments (AWS preferred)

Company

WHOOP

Glassdoor3.4

WHOOP is a fitness tech company that offers wearables that track sleep, recovery, and performance.

Founded in 2012

Boston, Massachusetts, USA

501-1000 employees

http://www.whoop.com/

H1B Sponsorship

WHOOP has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (32)

2024 (18)

2023 (15)

2022 (5)

2021 (17)

2020 (6)

Funding

Current Stage

Late Stage

Total Funding

$404.75M

Key Investors

SoftBank Vision FundIVPFoundry Group

2021-08-30Series F· $200M

2020-10-28Series E· $100M

2019-11-12Series D· $55M

Leadership Team

Will Ahmed

Founder & CEO

Aurelian Nicolae

Co-Founder & Chief Hardware Engineer

Recent News

Inc42 Media

India Enters The Healthtech 2.0 Era

2026-01-12

MarketScreener

US FDA to limit regulation of health and fitness wearables, commissioner says

2026-01-07

LogisticsGulf

Wasl Group partners with WHOOP

2026-01-06

Company data provided by crunchbase