May 21, 2026 Melissa Kashouh

Whoop – Director, Information Security

  • Anywhere

● TALENT ONE MARKET INTELLIGENCE: WHOOP

🔥 TALENT LIQUIDITY:
High demand for security leaders who understand ‘DevSecOps’ rather than just ‘Security Policy’. Supply is tight for those with actual engineering backgrounds.

📈 ALPHA SIGNAL:
Securing a high-growth health-tech firm during a scaling phase provides equity upside that acts as a hedge against inflation; your ability to prevent a data breach is a direct insurance policy for your long-term financial stability.

EST. COMPENSATION
$220k – $275k Base + Equity + Performance Bonus
SECTOR HEAT
85.8/100
CANDIDATE PROTOCOL: Focus on your experience automating compliance and building ‘secure-by-design’ cultures. Don’t just talk about tools; talk about how you reduced friction between Engineering and Security.

Official Role Description: Whoop

At WHOOP, we’re on a mission to unlock human performance and healthspan. Our wearable technology provides personalized insights that help millions of members better understand their bodies and make smarter decisions about training, recovery, and lifestyle. WHOOP is seeking a Director of Information Security to lead the execution of the company’s security engineering and security operations capabilities. This role is accountable for delivering reliable, scalable security programs aligned with business and regulatory requirements in a growing, regulated technology environment. The Director of Information Security will manage an existing security team, oversee the operating model for security engineering and ops, and partner closely with Product Security, Security Architecture, Engineering, IT, GRC, and Legal. This role carries direct accountability for team performance and operational outcomes and is expected to drive execution through metrics, documented processes, and automation.RESPONSIBILITIES: Lead the Information Security function with accountability for security engineering delivery, day-to-day security operations, and the evolving operating model as WHOOP grows and regulatory and risk requirements changeTranslate regulatory, privacy, and risk requirements into effective, auditable technical controls, partnering with Security Architecture to ensure execution aligns with secure-by-design principles and target-state architectureOwn security operations including detection, response, escalation, incident follow-up, and operational readiness, serving as Incident Commander during security events and acting as on-call executive escalation outside of business hours as needed, coordinating internal teams, external partners, and managed security service providersEstablish and maintain standard operating procedures, metrics, automation, and process improvements to measure effectiveness, reduce risk, and scale security operations reliablyOwn the security posture for enterprise and internal use of AI technologies, including guardrails for access, data handling, monitoring, auditability, and the secure adoption of AI-enabled workflows in partnership with Architecture, Product Security, IT, and LegalDirectly manage information security managers and senior individual contributors, setting clear expectations for performance, documentation, and accountability, and partnering with the CISO on hiring strategy, team growth, and capability developmentPartner with GRC and Legal to support audits, assessments, and regulatory obligations, providing technical evidence and subject-matter expertise, and communicate clearly with senior leadership on risk posture, priorities, and program progressQUALIFICATIONS: 10+ years of experience in information security, security engineering, or security operations, including 5+ years managing managers and senior individual contributors; this role is not intended for first-time people managersDemonstrated experience hiring, developing, and holding high-performing security teams accountable through measurable goals, repeatable processes, and clear documentationProven leadership during high-impact security incidents and crisis situations, including coordination across internal teams and external partnersExperience partnering with managed security service providers to drive consistent, outcome-based security operationsStrong ability to prioritize effectively and drive execution in complex, high-growth environmentsExperience designing, building, or scaling security programs grounded in metrics, automation, and operational rigorFamiliarity with regulatory frameworks including HIPAA, GDPR, PCI, and emerging AI-related compliance requirementsExperience supporting healthcare, biometric, or other health-adjacent data environments is preferredBackground in high-growth technology organizations is preferredSecurity certifications such as CISSP, CISM, or equivalent are a plusThis role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office. Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility.  It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success. The U.S. base salary range for this full-time position is $190,000-$220,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training.  In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.

Melissa Kashouh

Founder of Talent One I help enterprise leaders and investors forecast hiring surges, talent shortages, and market friction up to six weeks in advance using our patent-pending predictive intelligence platform. As the founder of Talent One AI (the intelligence layer of The Talent One), I built a system that turns lagging recruiting data into actionable foresight — helping companies reduce technical debt, protect employer brand, and hire ahead of the curve. Based in Providence, Rhode Island.
Talent One ● Entity Alert

Our Proprietary Predictive Labor Market Intelligence is Now Patent-Pending.

The Talent One has officially filed for patent protection on our core predictive system. We have moved talent intelligence from reactive placement to true foresight, allowing us to forecast hiring bottlenecks 6 weeks early with 84.6% directional accuracy.

Verified Backtest Diagnostics
Emerging Defense Tech 86.1 HEAT
Specialized Biotech 84.9 HEAT
Advanced Energy 81.7 HEAT
Request Executive Brief
Request Full Pitch Deck

For qualified partners only. Quick form required — we review before granting access.