Program Manager - Cyber Security, 3rd Party Risk Management

Program Manager - Cyber Security, Third Party Risk Management

who we are

lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in. As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

About this team

The Governance, Risk, and Compliance (GRC) team are trusted cybersecurity experts and strategic advisors, driving riskmitigation, regulatory compliance, and operational resilience across the organization. We collaborate closely with keybusiness functions including Brand, Product, IT, and Finance to foster open dialogue, unlock creativity, and implementinnovative, forward-thinking solutions that strengthen our compliance posture and enhance operational resilience.

A day in the life :

• Support a culture of risk management, stakeholder risk awareness with measurable risk reduction througheffective governance and data-driven reporting.
• Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures.
• Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM / STAR, and ISO 31000 : 2018
• Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
• Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs,process metrics, Vendor Risk profiles and management dashboards.
• Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders.
• Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring,remediating and reporting risks.
• Identifies needs, develops and implements technology-related continuous improvement initiatives for thedepartment.

Qualifications

must haves

additional notes Authorization to work in the US is required for this role.

compensation and benefits package

lululemon’s compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and teamperformance. Thetypical hiring range for this positionis from $136,200-$178,700 annually ; the base pay offered is based on market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our competitive annual bonus program, subject to program eligibility requirements.

At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well. Recognizing our teams for their performance and dedication, other components of our total rewards offerings include support of career development, wellbeing, and personal growth :

Note : The incentive programs, benefits, and perks have certain eligibility requirements. The Company reserves the right to alter these incentive programs, benefits, and perks in whole or in part at any time without advance notice.

workplace arrangement

Hybrid

In-person collaboration and connection is important to our culture. Work is performed onsite, minimum 4 days per week.

Only those applicants under consideration will be contacted. Please accept our utmost appreciation for your interest. Lululemon is an Equal Employment Opportunity employer. Employment decisions are based on merit and business needs, and not on race, color, creed, age, sex, gender, sexual orientation, national origin, religion, marital status, medical condition, physical or mental disability, military service, pregnancy, childbirth and related medical conditions or any other classification protected by federal, state or provincial and local laws and ordinances. Reasonable accommodation is available for qualified individuals with disabilities, upon request. This Equal Employment Opportunity policy applies to all practices relating to recruitment and hiring, compensation, benefits, discipline, transfer, termination and all other terms and conditions of employment. While management is primarily responsible for seeing that Lululemon equal employment opportunity policies are implemented, you share in the responsibility for assuring that, by your personal actions, the policies are effective.

#J-18808-Ljbffr