×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant IT Project Manager

Program Manager - Cyber Security, Third Party Risk Management

Job in Seattle, King County, Washington, 98127, USA
Listing for: lululemon
Full Time position
Listed on 2026-02-15
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, IT Project Manager
Salary/Wage Range or Industry Benchmark: 136200 - 170200 USD Yearly USD 136200.00 170200.00 YEAR
Job Description & How to Apply Below
Position: lululemon Program Manager - Cyber Security, Third Party Risk Management

Overview

lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. We focus on creating positive change to build a healthier, thriving future and an equitable, inclusive and growth-focused environment for our people.

About this team

The Governance, Risk, and Compliance (GRC) team are trusted cybersecurity experts and strategic advisors, driving risk mitigation, regulatory compliance, and operational resilience across the organization. We collaborate closely with key business functions including Brand, Product, IT, and Finance to foster open dialogue, unlock creativity, and implement innovative, forward-thinking solutions that strengthen our compliance posture and enhance operational resilience.

A day in the life
  • Support a culture of risk management, stakeholder risk awareness with measurable risk reduction through effective governance and data-driven reporting.
  • Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures.
  • Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM/STAR, and ISO 31000:2018
  • Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
  • Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs, process metrics, Vendor Risk profiles and management dashboards.
  • Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders.
  • Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring, remediating and reporting risks.
  • Collaborate in stakeholder management, risk articulation, communication, risk reviews, driving risk acceptance and facilitate risk treatment activities
  • Identifies needs, develops and implements technology-related continuous improvement initiatives for the department.
Qualifications
  • 5+ years of experience in Technology Risk, Third Party Risk, Cybersecurity, or GRC.
  • Bachelor's degree with proficiency in Management Information Systems, Technology Management or Cybersecurity
  • Strong program management and analytical skills; ability to translate complex data into insights.
  • Professional certification such as CISM, CRISC, CISSP or PMP are a plus
  • Knowledge/experience with data security and privacy regulations (e.g. NIST CSF, ISO 27001, PCI DSS, GDPR).
  • Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and solve complex problems
Must haves
  • Acknowledge the presence of choice in every moment and take personal responsibility for your life.
  • Possess an entrepreneurial spirit and continuously innovate to achieve great results.
  • Communicate with honesty and kindness and create the space for others to do the same.
  • Lead with courage, knowing the possibility of greatness is bigger than the fear of failure.
  • Foster connection by putting people first and building trusting relationships.
  • Integrate fun and joy as a way of being and working, aka doesn't take yourself too seriously.
Additional notes

Authorization to work in the US is required for this role.

Compensation and benefits package

lululemon's compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and team performance. The typical hiring range for this position is from $136,200-$170,200 USD; the base pay offered is based on market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our competitive annual bonus program, subject to program eligibility requirements.

At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well. Recognizing our teams for their…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search