Job Description

Description & Requirements

who we are

lululemon is an innovative performance apparel company for yoga, running, training, and other athletic pursuits. Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well. We owe our success to our innovative product, emphasis on stores, commitment to our people, and the incredible connections we make in every community we're in. As a company, we focus on creating positive change to build a healthier, thriving future. In particular, that includes creating an equitable, inclusive and growth-focused environment for our people.

About this team

The Governance, Risk, and Compliance (GRC) team are trusted cybersecurity experts and strategic advisors, driving risk mitigation, regulatory compliance, and operational resilience across the organization. We collaborate closely with key business functions including Brand, Product, IT, and Finance to foster open dialogue, unlock creativity, and implement innovative, forward-thinking solutions that strengthen our compliance posture and enhance operational resilience.

A day in the life:

• Support a culture of risk management, stakeholder risk awareness with measurable risk reduction through effective governance and data-driven reporting.
• Develop & mature a Third Party Risk Management assessment lifecycle, policies, standards and procedures.
• Establish & maintain a Technology Risk Management methodology aligned with industry frameworks such as NIST RMF (SP800-37), CIS v8.1, CSA CCM/STAR, and ISO 31000:2018
• Lead strategic, cross-functional initiatives to strengthen Third Party Management program goals & capabilities
• Measure, Manage & Mature the program, track progress, drive improvements, develop and report KPIs, KRAs, process metrics, Vendor Risk profiles and management dashboards.
• Lead & execute deep-dive risk assessments of Tier0 & 1 vendors, analyze complex risk issues, manage Vendor Incident Investigations and deliver clear, actionable reporting to Executive stakeholders.
• Drive automation and AI adoption in GRC workflows to streamline risk lifecycle management, monitoring, remediating and reporting risks.
• Collaborate in stakeholder management, risk articulation, communication, risk reviews, driving risk acceptance and facilitate risk treatment activities
• Identifies needs, develops and implements technology-related continuous improvement initiatives for the department.

Qualifications

• 5+ years of experience in Technology Risk, Third Party Risk, Cybersecurity, or GRC.
• Bachelor's degree with proficiency in Management Information Systems, Technology Management or Cybersecurity
• Strong program management and analytical skills; ability to translate complex data into insights.
• Professional certification such as CISM, CRISC, CISSP or PMP are a plus
• Knowledge/experience with data security and privacy regulations (e.g. NIST CSF, ISO 27001, PCI DSS, GDPR).
• Effective communication and relationship-building skills, a natural affinity for being curious and inquisitive, and an ability to work with ambiguity, analyze situations and solve complex problems

must haves

• Acknowledge the presence of choice in every moment and take personal responsibility for your life.
• Possess an entrepreneurial spirit and continuously innovate to achieve great results.
• Communicate with honesty and kindness and create the space for others to do the same.
• Lead with courage, knowing the possibility of greatness is bigger than the fear of failure.
• Foster connection by putting people first and building trusting relationships.
• Integrate fun and joy as a way of being and working, aka doesn't take yourself too seriously.

additional notes
Authorization to work in the US is required for this role.

compensation and benefits package

lululemon's compensation offerings are grounded in a pay-for-performance philosophy that recognizes exceptional individual and teamperformance. Thetypical hiring range for this position is from $136,200-$178,700 annually ; the base pay offered is based on market location and may vary depending on job-related knowledge, skills, experience, and internal equity. As part of our total rewards offering, permanent employees in this position may be eligible for our competitive annual bonus program, subject to program eligibility requirements.

At lululemon, investing in our people is a top priority. We believe that when life works, work works. We strive to be the place where inclusive leaders come to develop and enable all to be well. Recognizing our teams for their performance and dedication, other components of our total rewards offerings include support of career development, wellbeing, and personal growth:

• Extended health and dental benefits, and mental health plans
• Paid time off
• Savings and retirement plan matching
• Generous employee discount
• Fitness & yoga classes
• Parenthood top-up
• Extensive catalog of development course offerings
• People networks, mentorship programs, and leadership series (to name a few)

Note: The incentive programs, benefits, and perks have certain eligibility requirements. The Company reserves the right to alter these incentive programs, benefits, and perks in whole or in part at any time without advance notice.

workplace arrangement

Hybrid


In-person collaboration and connection is important to our culture. Work is performed onsite, minimum 4 days per week.

#LI-Onsite


#LI- SP1

Job Tags

Permanent employment, Part time,

Similar Jobs