Senior Software Engineering Manager, Product Security
Boston, MAFull-TimeManagerSoftware Engineering
RESPONSIBILITIES:
- Build, lead, and grow multiple engineering teams executing on WHOOP’s product security strategy, including member authentication, vulnerability management, cloud governance, privacy rights fulfillment, and threat modeling.
- Oversee and drive WHOOP’s engineering readiness for HIPAA compliance, coordinating technical implementation, evidence collection, and ongoing governance activities across teams.
- Define and communicate long-term security strategy, architecture, and design principles for product-facing systems.
- Partner with engineering and compliance leadership to embed security and privacy by design across the software development lifecycle.
- Establish and enforce best practices, standards, and processes for secure software development, testing, and deployment.
- Drive continuous improvement initiatives that enhance team productivity, quality, and overall business impact.
- Provide mentorship, guidance, and career development for engineering managers and individual contributors.
- Foster a culture of innovation, teamwork, psychological safety, and continuous learning within the Product Security organization.
QUALIFICATIONS:
- Proven experience as a technical leader managing multiple teams or a growing security engineering organization.
- Experience growing high level individual contributor career growth at the staff level or higher.
- Demonstrated success leading security or compliance initiatives in a regulated environment, preferably HIPAA or other health data compliance frameworks.
- Deep understanding of product security principles, including vulnerability management, data privacy, threat modeling, and secure software development.
- Experience building or integrating developer security tooling to improve secure-by-default practices.
- Strong technical background in software development, testing, and deployment processes.
- Excellent communication, interpersonal, and leadership skills with the ability to influence across teams and levels.
BONUS QUALIFICATIONS:
- Experience with AWS cloud environments and data-driven decision-making.
- Hands-on experience with infrastructure and cloud security in containerized environments (e.g., Docker, Kubernetes).
- Background in incident response and post-mortem analysis for security events.
- Familiarity with automation frameworks for vulnerability scanning, compliance checks, or infrastructure security.
- Prior experience scaling a product security or compliance engineering organization through major regulatory transitions (e.g., SOC 2 → HIPAA, or HIPAA → HITRUST).
ABOUT YOU:
- You’re a strategic and people-focused leader who thrives on balancing hands-on technical oversight with long-term organizational growth.
- You have experience building and scaling teams to meet new regulatory and business demands.
- You’re passionate about creating secure, privacy-first systems that protect member data and enable innovation.
- You collaborate effectively across technical and non-technical teams and can operate confidently in both strategic and tactical domains.
- Above all, you believe that security and compliance are enablers of innovation, and you lead by fostering a culture that supports both speed and safety.
