Job Details
**Information Security Officer**
Boston, MA / Information Technology / At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives.
As the Information Security Officer at WHOOP, you will report to our General Counsel and be responsible for managing our information security risk program. You must be creative and have a passion for and implementing and supporting cyber security standards to keep our customers and our companys data safe. You will be involved in all facets of information security and work across departments in a fast-paced environment, wearing multiple hats and managing large initiatives such as security audits. **RESPONSIBILITIES:**
+ Develop and implement a comprehensive and strategic information security program designed to ensure the privacy and security of our customers and our companys data
+ Work with leadership team to facilitate risk assessment and risk management processes
+ Prioritize adherence to compliance obligations relevant to a global company with health and wellness data (e.g., GDPR, CCPA, CPRA, etc.)
+ Lead compliance initiatives and certifications (e.g., HIPAA, ISO 27001, SOC2, etc.)
+ Create and support a security culture through education and awareness programs
+ Oversee incident response planning as well as information security investigations
+ Respond to RFPs, security questionnaires, and participate in security related meetings with clients
**QUALIFICATIONS:**
+ 10+ years of experience in an information security related role, ideally with relevant professional certifications (CISSP, SSCP, CISM, CISA etc.)
+ Exceptional understanding of risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
+ Must be an intelligent and persuasive leader able to communicate security-related concepts to a broad range of technical and non-technical staff at all levels at WHOOP
+ Experience with incident response, business continuity planning, auditing, and risk management
+ Bonus: experience with FedRamp authorization and HIPAA, ISO 27001, NIST 800-53, PCI DSS and/or other risk frameworks
**This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.**
**WHOOP is an Equal Opportunity Employer and participates in to determine employment eligibility.**