×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Consultant Information Security IT Business Analyst

Program Manager - Cyber Security, Third Party Risk Management

Job in Seattle, King County, Washington, 98127, USA
Listing for: lululemon
Full Time position
Listed on 2025-12-25
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Information Security, IT Business Analyst
Job Description & How to Apply Below
Position: lululemon Program Manager - Cyber Security, Third Party Risk Management

Description & Requirements

Lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in.

As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

who we are

Lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in.

As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

About this team

The Governance, Risk, and Compliance (GRC) team are trusted cybersecurity experts and strategic advisors, driving risk mitigation, regulatory compliance, and operational resilience across the organization. We collaborate closely with key business functions including Brand, Product, IT, and Finance to foster open dialogue, unlock creativity, and implement innovative, forward-thinking solutions that strengthen our compliance posture and enhance operational resilience.

A day in the life
  • Support a culture of risk management, stakeholder risk awareness with measurable risk reduction through effective governance and data-driven reporting.
  • Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures.
  • Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM/STAR, and ISO 31000:2018
  • Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
  • Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs, process metrics, Vendor Risk profiles and management dashboards.
  • Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders.
  • Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring, remediating and reporting risks.
  • Collaborate in stakeholder management, risk articulation, communication, risk reviews, driving risk acceptance and facilitate risk treatment activities
  • Identifies needs, develops and implements technology-related continuous improvement initiatives for the department.
Qualifications
  • 5+ years of experience in Technology Risk, Third Party Risk, Cybersecurity, or GRC.
  • Bachelor's degree with proficiency in Management Information Systems, Technology Management or Cybersecurity
  • Strong program management and analytical skills; ability to translate complex data into insights.
  • Professional certification such as CISM, CRISC, CISSP or PMP are a plus
  • Knowledge/experience with data security and privacy regulations (e.g. NIST CSF, ISO 27001, PCI DSS, GDPR).
  • Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and solve complex problems
must haves
  • Acknowledge the presence of choice in every moment and take personal responsibility for your life.
  • Possess an entrepreneurial spirit and continuously innovate to achieve great results.
  • Communicate with honesty and kindness and create the space for others to do the same.
  • Lead with courage, knowing the possibility of greatness is bigger than the…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search