<p style="margin: 12pt 0in; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">At WHOOP, we’re on a mission to unlock human performance and healthspan.

Our wearable technology provides personalized insights that help millions of members better understand their bodies and make smarter decisions about training, recovery, and lifestyle.</span>

<p style="margin: 12pt 0in; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Identity is foundational to securing modern cloud-native platforms, SaaS ecosystems, and enterprise systems.

We are seeking an IAM Security Engineer to support the design, implementation, and continuous improvement of identity and access management controls across workforce identity, SaaS platforms, and production cloud environments.</span>

<p style="margin: 12pt 0in; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">In this role, you will work closely with Security, IT, and Engineering teams to implement secure authentication and authorization patterns that protect critical systems and data.</span></br><b>Responsibilities</b></br><div>

<ul style="margin-top: 12.0pt; margin-bottom: .0001pt;">

<li style="margin: 12pt 0in 0.0001pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Implement authentication and authorization controls across SaaS platforms, cloud infrastructure, and internal applications</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Configure and maintain SSO, MFA, conditional access policies, and federation integrations</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Assist with the evolution of single sign-on (SSO), multi-factor authentication (MFA), conditional access, and zero trust access models</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Assist in design and enforce role-based and attribute-based access control models (RBAC/ABAC) across cloud and SaaS systems</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Validate identity provider integrations, including application onboarding and SCIM provisioning</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Partner with Engineering to secure application authentication flows, API access, service-to-service authentication, and token management</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Harden and optimize identity provider configurations, including lifecycle management, federation, and SCIM provisioning</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Support AWS IAM security, including policy implementation, role configuration, cross-account access management, and identity federation</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Implement privileged access and identity lifecycle controls, including provisioning, deprovisioning, access reviews, entitlement governance, least privilege enforcement, and just-in-time access mechanisms</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Secure APIs, service accounts, and non-human identities used in automation and CI/CD workflows</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Implement and improve identity monitoring and detection capabilities, including anomaly detection, session risk analysis, and identity threat response</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Partner with GRC to support identity-related audits, evidence collection, and control validation across frameworks such as ISO 27001, SOC 2, PCI DSS, and GDPR</span></li>

<li style="margin: 0in 0in 12pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Contribute to incident response efforts involving identity compromise, credential abuse, or unauthorized access events</span></li>

</ul></div></br><b>Qualifications</b></br><div>

<ul style="margin-top: 12.0pt; margin-bottom: .0001pt;">

<li style="margin: 12pt 0in 0.0001pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">3+ years of experience in IAM engineering or identity architecture</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Hands-on experience with enterprise identity providers such as Okta, Azure AD, or similar enterprise IAM platforms</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Strong understanding of modern authentication and authorization protocols, including SAML, OAuth 2.0, OIDC, SCIM, and JWT</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Experience designing and implementing RBAC and/or ABAC models in cloud-native environments</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Strong knowledge of AWS IAM, cross-account access models, and cloud identity federation</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Experience securing APIs, service accounts, machine identities, and CI/CD authentication workflows</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Experience with privileged access management concepts and least privilege enforcement</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Experience automating IAM tasks using scripting or infrastructure-as-code tools (i.e., Python, Terraform, or similar infrastructure-as-code tooling)</span></li>

<li style="margin: 0in 0in 0in 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Familiarity with identity threat detection and response methodologies</span></li>

<li style="margin: 0in 0in 12pt 0px; line-height: 115%; font-size: 11pt; font-family: Arial, sans-serif;"><span style="font-family: 'Proxima Nova';">Bachelor’s degree in Computer Science, Cybersecurity, or related field; relevant certifications (i.e., CISSP, CISM, GIAC, AWS Security Specialty, Okta Certified Professional) or equivalent practical experience will also be considered</span></li>

</ul></div></br><div>

<strong><em>This role is based in the WHOOP office located in Boston, MA.

The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.</em></strong>

<em>Interested in the role, but don’t meet every qualification?

We encourage you to still apply!

At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience.

As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.</em>

<em>WHOOP is an Equal Opportunity Employer and participates in </em><a href="https://www.e-verify.gov/"><em>E-verify </em></a><em>to determine employment eligibility</em>

<em>The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values.</em>

<em>At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success.</em>

<em>The U.S. base salary range for this full-time position is $130,000 - $170,000.

Salary ranges are determined by role, level, and location.

Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training.&nbsp;</em>

<em>In addition to the base salary, the successful candidate will also receive benefits and a generous equity package.</em>

<em>These ranges may be modified in the future to reflect evolving market conditions and organizational needs.

While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements.</em>

</div>