Security & IT Program Manager @ WHOOP

WHOOP Monitor your sleep, strain, recovery, and health with the most advanced fitness and health wearable available today.

WHOOP helps you discover data-driven insights for a healthier, more empowered life.

At WHOOP, we're on a mission to unlock human performance. WHOOP empowers members to perform at a higher level through a deeper understanding of their bodies and daily lives.

Ensure you read the information regarding this opportunity thoroughly before making an application.

WHOOP is seeking a Security & IT Operations Program Manager responsible for ensuring the organization's security posture aligns with its strategic objectives.

This role involves driving process improvements, managing projects and compliance initiatives, and delivering comprehensive reporting.

The Program Manager will bridge the gap between Security, IT, GRC, and other business units to facilitate effective collaboration and ensure a cohesive security approach.

RESPONSIBILITIES :

• Analyze existing Security, GRC, and IT operations processes to identify areas of opportunity.
• Collaborate with users and departments to understand needs, document requirements, and develop security controls.
• Develop and implement process improvements that enhance efficiency, reduce risk, and improve compliance.
• Develop and maintain documentation for security and IT operations processes, policies, and procedures.
• Manage security and IT operations projects from initiation to closure, ensuring timely delivery and adherence to project goals.
• Develop project plans, timelines, and resource requirements.
• Track project progress, identify risks, and implement mitigation strategies.
• Ensure compliance with relevant security and industry regulations, standards, and frameworks (e.g., ISO 27001, GDPR).
• Develop and implement policies and procedures related to new hires, employee terminations, and transfers, ensuring that all IT & Security requirements are met and compliance is maintained.
• Oversee the implementation and effectiveness of security awareness training programs.
• Monitor compliance activities and identify areas for improvement.
• Coordinate with relevant stakeholders to plan and execute regular risk assessments.
• Enhance and maintain a comprehensive risk register.
• Manage vulnerability remediation, ensuring timely and effective resolution.
• Enhance process for reviewing and approving or rejecting proposed risk mitigation or exception requests.
• Develop and deliver regular executive reports on the security and IT operations program's performance.
• Provide insights and recommendations to senior leadership based on data analysis and industry trends.
• Manage relationships with third-party IT & Security vendors.
• Develop deep knowledge of privacy and security obligations, processes, best practices, and solutions utilized across the organization.

QUALIFICATIONS :

• 3+ years of experience in Security, Compliance, or IT operations with a strong focus on process improvement and project management.
• Proven track record of successfully managing complex projects and delivering results in a fast-paced environment.
• Demonstrated experience in developing and implementing procedures and standards.
• Knowledge of frameworks such as ISO 27001, NIST Cybersecurity Framework, or GDPR preferred.
• Certifications such as Project Management Professional (PMP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) are preferred but not required.

This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.

Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience.

As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.

WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility.

J-18808-Ljbffr