Senior Software Engineering Manager, Product Security

Senior Software Engineering Manager, Product Security

At WHOOP, we're on a mission to unlock human performance and healthspan. WHOOP empowers members to perform at a higher level and live longer through a deeper understanding of their bodies and daily lives. Protecting our members' data and ensuring our systems scale securely and reliably is core to this mission.

As a Senior Software Engineering Manager at WHOOP, you will play a critical leadership role as part of our cross-functional Platform organization. You will build, lead, and grow multiple teams responsible for protecting the security and privacy of our members by driving secure development practices, managing product-facing security programs, and building scalable security solutions.

In addition to core product security responsibilities, you will be responsible for collaborating closely with cross-functional partners across Product, Software, Legal, and Compliance to achieve and maintain HIPAA compliance across WHOOP's products and infrastructure. We are seeking a leader with prior experience helping an organization transition into HIPAA-compliant standards, capable of aligning technical execution with regulatory and business objectives.

On the people management side, you will manage and mentor a team of engineers, provide regular performance feedback, and ensure professional development and growth. You will work to foster a culture of innovation, teamwork, psychological safety, and continuous learning. You are responsible for promoting a positive work environment where all team members feel valued, supported, and empowered to do their best work.

Responsibilities:

• Build, lead, and grow multiple engineering teams executing on WHOOP's product security strategy, including member authentication, vulnerability management, cloud governance, privacy rights fulfillment, and threat modeling.
• Oversee and drive WHOOP's engineering readiness for HIPAA compliance, coordinating technical implementation, evidence collection, and ongoing governance activities across teams.
• Define and communicate long-term security strategy, architecture, and design principles for product-facing systems.
• Partner with engineering and compliance leadership to embed security and privacy by design across the software development lifecycle.
• Establish and enforce best practices, standards, and processes for secure software development, testing, and deployment.
• Drive continuous improvement initiatives that enhance team productivity, quality, and overall business impact.
• Provide mentorship, guidance, and career development for engineering managers and individual contributors.
• Foster a culture of innovation, teamwork, psychological safety, and continuous learning within the Product Security organization.

Qualifications:

• Proven experience as a technical leader managing multiple teams or a growing security engineering organization.
• Experience growing high level individual contributor career growth at the staff level or higher.
• Demonstrated success leading security or compliance initiatives in a regulated environment, preferably HIPAA or other health data compliance frameworks.
• Deep understanding of product security principles, including vulnerability management, data privacy, threat modeling, and secure software development.
• Experience building or integrating developer security tooling to improve secure-by-default practices.
• Strong technical background in software development, testing, and deployment processes.
• Excellent communication, interpersonal, and leadership skills with the ability to influence across teams and levels.

Bonus Qualifications:

• Experience with AWS cloud environments and data-driven decision-making.
• Hands-on experience with infrastructure and cloud security in containerized environments (e.g., Docker, Kubernetes).
• Background in incident response and post-mortem analysis for security events.
• Familiarity with automation frameworks for vulnerability scanning, compliance checks, or infrastructure security.
• Prior experience scaling a product security or compliance engineering organization through major regulatory transitions (e.g., SOC 2 → HIPAA, or HIPAA → HITRUST).

About You:

• You're a strategic and people-focused leader who thrives on balancing hands-on technical oversight with long-term organizational growth.
• You have experience building and scaling teams to meet new regulatory and business demands.
• You're passionate about creating secure, privacy-first systems that protect member data and enable innovation.
• You collaborate effectively across technical and non-technical teams and can operate confidently in both strategic and tactical domains.
• Above all, you believe that security and compliance are enablers of innovation, and you lead by fostering a culture that supports both speed and safety.