lululemon · 3 days ago
Program Manager - Cyber Security, Third Party Risk Management
lululemon is an innovative performance apparel company focused on creating transformational products and experiences. The Program Manager for Cyber Security and Third Party Risk Management will support risk management initiatives, develop assessment lifecycles, and lead strategic programs to enhance compliance and operational resilience.
Apparel, E-Commerce, Fitness, Lifestyle, Sporting Goods, Wellness
Responsibilities
Support a culture of risk management and stakeholder risk awareness, with measurable risk reduction through effective governance and data-driven reporting
Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures
Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM/STAR, and ISO 31000:2018
Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs, process metrics, Vendor Risk profiles and management dashboards
Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders
Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring, remediating and reporting risks
Collaborate in stakeholder management, risk articulation, communication and risk reviews, drive risk acceptance, and facilitate risk treatment activities
Identify needs, and develop and implement technology-related continuous improvement initiatives for the department
Qualification
Required
5+ years of experience in Technology Risk, Third Party Risk, Cybersecurity, or GRC
Bachelor's degree with proficiency in Management Information Systems, Technology Management or Cybersecurity
Strong program management and analytical skills; ability to translate complex data into insights
Knowledge/experience with data security and privacy regulations (e.g. NIST CSF, ISO 27001, PCI DSS, GDPR)
Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and solve complex problems
Authorization to work in the US is required for this role
Preferred
Professional certification such as CISM, CRISC, CISSP or PMP is a plus
Benefits
Extended health and dental benefits, and mental health plans
Paid time off
Savings and retirement plan matching
Generous employee discount
Fitness & yoga classes
Parenthood top-up
Extensive catalog of development course offerings
People networks, mentorship programs, and leadership series (to name a few)
Company
lululemon
Lululemon is a technical athletic apparel company for yoga, running, training, and other sweaty pursuits.
H1B Sponsorship
lululemon has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (43)
2024 (44)
2023 (43)
2022 (61)
2021 (42)
2020 (19)
Funding
Current Stage: Public Company
Total Funding: unknown
Key Investors: STORY3 Capital Partners, Advent International
2021-06-01: Post IPO Secondary
2014-08-08: Post IPO Equity
2007-07-27: IPO
Company data provided by crunchbase