Security Analyst

At WHOOP, we are on a mission to unlock human performance and extend healthspan. The security organization supports this mission by protecting the systems, data, and infrastructure that power the platform and enable trusted member experiences. WHOOP is seeking a Security Analyst to support day-to-day security operations and maintain operational visibility across the security environment. This role works closely with the internal security team and external security partners to investigate alerts, coordinate response activities, and ensure security issues are triaged and addressed efficiently. The ideal candidate combines strong analytical skills with operational discipline and enjoys working across security and engineering teams to investigate potential threats and improve security processes. This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office. Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply. WHOOP is an Equal Opportunity Employer and participates in E-verify to determine employment eligibility The WHOOP compensation philosophy is designed to attract, motivate, and retain exceptional talent by offering competitive base salaries, meaningful equity, and consistent pay practices that reflect our mission and core values. At WHOOP, we view total compensation as the combination of base salary, equity, and benefits, with equity serving as a key differentiator that aligns our employees with the long-term success of the company and allows every member of our corporate team to own part of WHOOP and share in the company’s long-term growth and success. The U.S. base salary range for this full-time position is $70,000 - $110,000. Salary ranges are determined by role, level, and location. Within each range, individual pay is based on factors such as job-related skills, experience, performance, and relevant education or training. In addition to the base salary, the successful candidate will also receive benefits and a generous equity package. These ranges may be modified in the future to reflect evolving market conditions and organizational needs. While most offers will typically fall toward the starting point of the range, total compensation will depend on the candidate’s specific qualifications, expertise, and alignment with the role’s requirements. RESPONSIBILITIES: Triage and investigate security alerts originating from internal security tooling as well as those escalated by external security monitoring partners. Monitor and manage the internal security operations ticket queue, ensuring alerts and investigations are prioritized, tracked, and resolved in a timely manner. Assist with investigation of security events across endpoint, identity, cloud, and SaaS platforms. Support incident response activities including investigation, containment coordination, documentation, and post-incident analysis. Respond to external threat intelligence and digital risk alerts related to potential brand abuse, impersonation, or exposed credentials. Collaborate with security engineering teams and external security partners to improve detection coverage and reduce false positives. Help identify gaps in logging, telemetry, or investigation workflows across security platforms. Assist with threat hunting and security investigations using data from SIEM and other security tools. Support vulnerability management workflows by assisting with triage, prioritization, and tracking of remediation activities. Own and manage the security operations queue while serving as a central intake point for security questions, alerts, and reports across the organization, ensuring items are triaged, prioritized, and driven through investigation or resolution. Operate the organization’s phishing simulation program to reduce susceptibility to social engineering threats, including managing phishing campaigns and coordinating targeted remediation training for users with repeated failures. Identify opportunities to improve security operations through process improvements, automation, and responsible use of AI to streamline investigation, triage, and reporting workflows. Maintain documentation for incident response procedures, investigation workflows, and operational playbooks. Participate in the security team’s on-call rotation to support investigation and response activities when needed. QUALIFICATIONS 3+ years of experience in security operations, incident response, threat detection, or a related cybersecurity role. Experience investigating security alerts or suspicious activity across environments such as endpoint, identity, cloud, or SaaS systems. Experience triaging and managing security investigation workflows, including ticket queues or incident tracking systems. Familiarity with SIEM platforms, log analysis, and security monitoring tools. Understanding of common attacker techniques and frameworks such as MITRE ATT&CK. Experience working with security tools such as EDR platforms, identity systems, cloud logging platforms, or similar technologies. Familiarity with modern AI-enabled tools used in enterprise environments and an understanding of risks associated. Experience improving security operations through automation, scripting, or responsible use of AI to increase operational efficiency. Strong analytical and investigative skills with the ability to evaluate security events and determine potential impact. Ability to coordinate investigations across multiple teams and communicate findings clearly to technical and non-technical stakeholders. Strong written documentation skills for incident records, investigation notes, and operational procedures. Relevant security certifications such as Security+, CySA+, SSCP, GSEC, or GCIH are a plus.

{
  "content_hash": "b4c3ded85d67ee43e7263c9df89862854238a0a7fbbf7861911dd2c03180f7dc",
  "source_hash": "fd4095347026c51ca84244bd216c3e32cf8ff4a03823d47fb72b7d4c6d4a8e88",
  "last_changed_at": "2026-06-06T07:57:37.966Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Boston, MA",
    "city": "Boston",
    "region": "MA",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.9
  },
  "salary_max": 110000,
  "salary_min": 70000,
  "inferred_at": "2026-06-06T07:57:37.757Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Boston, MA",
      "city": "Boston",
      "region": "MA",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": "year",
  "workplace_type": "on_site",
  "salary_currency": "USD"
}

{}

{
  "lists": [
    {
      "text": "RESPONSIBILITIES:",
      "content": "<div>\n\n<li>\n<p>Triage and investigate security alerts originating from internal security tooling as well as those escalated by external security monitoring partners.</p>\n</li>\n<li>\n<p>Monitor and manage the internal security operations ticket queue, ensuring alerts and investigations are prioritized, tracked, and resolved in a timely manner.</p>\n</li>\n<li>\n<p>Assist with investigation of security events across endpoint, identity, cloud, and SaaS platforms.</p>\n</li>\n<li>\n<p>Support incident response activities including investigation, containment coordination, documentation, and post-incident analysis.</p>\n</li>\n<li>\n<p>Respond to external threat intelligence and digital risk alerts related to potential brand abuse, impersonation, or exposed credentials.</p>\n</li>\n<li>\n<p>Collaborate with security engineering teams and external security partners to improve detection coverage and reduce false positives.</p>\n</li>\n<li>\n<p>Help identify gaps in logging, telemetry, or investigation workflows across security platforms.</p>\n</li>\n<li>\n<p>Assist with threat hunting and security investigations using data from SIEM and other security tools.</p>\n</li>\n<li>\n<p>Support vulnerability management workflows by assisting with triage, prioritization, and tracking of remediation activities.</p>\n</li>\n<li>\n<p>Own and manage the security operations queue while serving as a central intake point for security questions, alerts, and reports across the organization, ensuring items are triaged, prioritized, and driven through investigation or resolution.</p>\n</li>\n<li>\n<p>Operate the organization’s phishing simulation program to reduce susceptibility to social engineering threats, including managing phishing campaigns and coordinating targeted remediation training for users with repeated failures.</p>\n</li>\n<li>\n<p>Identify opportunities to improve security operations through process improvements, automation, and responsible use of AI to streamline investigation, triage, and reporting workflows.</p>\n</li>\n<li>\n<p>Maintain documentation for incident response procedures, investigation workflows, and operational playbooks.</p>\n</li>\n<li>\n<p>Participate in the security team’s on-call rotation to support investigation and response activities when needed.</p>\n</li>\n\n</div>"
    },
    {
      "text": "QUALIFICATIONS",
      "content": "<div>\n\n<li>\n<p>3+ years of experience in security operations, incident response, threat detection, or a related cybersecurity role.</p>\n</li>\n<li>\n<p>Experience investigating security alerts or suspicious activity across environments such as endpoint, identity, cloud, or SaaS systems.</p>\n</li>\n<li>\n<p>Experience triaging and managing security investigation workflows, including ticket queues or incident tracking systems.</p>\n</li>\n<li>\n<p>Familiarity with SIEM platforms, log analysis, and security monitoring tools.</p>\n</li>\n<li>\n<p>Understanding of common attacker techniques and frameworks such as MITRE ATT&amp;CK.</p>\n</li>\n<li>\n<p>Experience working with security tools such as EDR platforms, identity systems, cloud logging platforms, or similar technologies.</p>\n</li>\n<li>\n<p>Familiarity with modern AI-enabled tools used in enterprise environments and an understanding of risks associated.</p>\n</li>\n<li>\n<p>Experience improving security operations through automation, scripting, or responsible use of AI to increase operational efficiency.</p>\n</li>\n<li>\n<p>Strong analytical and investigative skills with the ability to evaluate security events and determine potential impact.</p>\n</li>\n<li>\n<p>Ability to coordinate investigations across multiple teams and communicate findings clearly to technical and non-technical stakeholders.</p>\n</li>\n<li>\n<p>Strong written documentation skills for incident records, investigation notes, and operational procedures.</p>\n</li>\n<li>\n<p>Relevant security certifications such as Security+, CySA+, SSCP, GSEC, or GCIH are a plus.</p>\n</li>\n\n</div>"
    }
  ],
  "country": "US",
  "createdAt": 1780598616860,
  "updatedAt": null,
  "categories": {
    "team": "Information Security",
    "location": "Boston, MA",
    "allLocations": [
      "Boston, MA"
    ]
  },
  "salaryRange": null,
  "workplaceType": "onsite"
}