Program Manager - Cyber Security, Third Party Risk Management jobs in United States

lululemon · 5 days ago

Program Manager - Cyber Security, Third Party Risk Management

lululemon is an innovative performance apparel company focused on creating transformational products and experiences. They are seeking a Program Manager to support risk management and compliance initiatives, develop Third Party Risk Management policies, and enhance operational resilience across the organization.

Apparel, E-Commerce, Fitness, Lifestyle, Sporting Goods, Wellness
Comp. & Benefits
No H1B

Responsibilities

Support a culture of risk management and stakeholder risk awareness, with measurable risk reduction through effective governance and data-driven reporting
Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures
Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM/STAR, and ISO 31000:2018
Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs, process metrics, Vendor Risk profiles and management dashboards
Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders
Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring, remediating and reporting risks
Collaborate in stakeholder management, risk articulation, communication and risk reviews; drive risk acceptance and facilitate risk treatment activities
Identify needs, and develop and implement technology-related continuous improvement initiatives for the department

Qualification

Technology Risk Management, Third Party Risk Management, Cybersecurity, GRC, Data Security Regulations, Program Management, Analytical Skills, Curiosity, Continuous Improvement, Effective Communication, Relationship Building, Problem Solving, Adaptability, Leadership

Required

5+ years of experience in Technology Risk, Third Party Risk, Cybersecurity, or GRC
Bachelor's degree with proficiency in Management Information Systems, Technology Management or Cybersecurity
Strong program management and analytical skills; ability to translate complex data into insights
Knowledge/experience with data security and privacy regulations (e.g. NIST CSF, ISO 27001, PCI DSS, GDPR)
Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and solve complex problems
Authorization to work in the US is required for this role

Preferred

Professional certifications such as CISM, CRISC, CISSP or PMP are a plus

Benefits

Extended health and dental benefits, and mental health plans
Paid time off
Savings and retirement plan matching
Generous employee discount
Fitness & yoga classes
Parenthood top-up
Extensive catalog of development course offerings
People networks, mentorship programs, and leadership series (to name a few)

Company

lululemon

Lululemon is a technical athletic apparel company for yoga, running, training, and other sweaty pursuits.

Funding

Current Stage: Public Company
Total Funding: unknown
Key Investors: STORY3 Capital Partners, Advent International
2021-06-01: Post IPO Secondary
2014-08-08: Post IPO Equity
2007-07-27: IPO

Leadership Team

Calvin McDonald
CEO
Meghan Frank
Chief Financial Officer
Company data provided by crunchbase