CrawlJobs Logo

Lead GRC Program Manager

bumble.com Logo

Bumble Inc.

Location Icon

Location:
United States , Austin

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Requirements:

  • Have you personally built a GRC or compliance program from the ground up in a product or technology company rather than supporting or inheriting an existing program?
  • Have you replaced a recurring manual compliance or audit control with an automated, system-driven control?
  • Have you owned external audits end to end, including control design, evidence strategy, auditor interaction, and remediation decisions?
  • Have you worked through a customer payment or sensitive data flow to determine PCI scope, storage locations, and compliance boundaries?
  • Are you comfortable owning compliance and risk decisions in a fast-moving product environment without relying on a fully implemented GRC platform or large compliance team?
  • Do you live in/within commutable distance to Austin

Additional Information:

Job Posted:
February 18, 2026

Work Type:
Hybrid work
Icon
Bumble Inc. - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Lead GRC Program Manager

Program Manager

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington, DC
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or master’s degree in Project Management, Information Systems, Cybersecurity, Business Administration, or a related field preferred
  • In lieu of a degree, at least ten (10) years of progressively responsible program management experience in federal IT or cybersecurity environments is required
  • A minimum of eight (8) years of overall experience
  • At least five (5) years of experience managing cybersecurity and Governance, Risk, and Compliance (GRC)-specific programs on large federal enterprise systems
  • Project Management Professional (PMP) certification is required
  • Certified Information Systems Security Professional (CISSP) certification is required
  • Proven experience leading cross-functional technical teams in a cybersecurity or RMF-compliant environment
  • Project or task management experience and the ability to perform standard project management tasks
  • Must have excellent written and verbal communication skills and the ability to produce deliverables of high quality without oversight
  • Strong understanding of NIST SP 800-53, RMF, FISMA, federal cybersecurity policy, ATO processes, etc.
Job Responsibility
Job Responsibility
  • Provide overall program leadership and oversight across all contract activities
  • Manage day-to-day operations, team schedules, and performance metrics
  • Serve as the primary interface with stakeholders, including the COR and GTM
  • Ensure timely submission of weekly activity reports, deliverables, and quality control plans
  • Develop and execute transition plans, staffing plans, and strategic recommendations
  • Monitor financial status, operational risks, and program milestones
  • Review ISSO outputs for completeness, accuracy, and compliance with RMF and standards
  • Coordinate training, leave schedules, and ensure contract staffing remains at required levels
  • Lead quality assurance activities and maintain program documentation
  • Evaluate and support special projects to enhance program efficiency or cybersecurity posture
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Cyber Manager's Control Assessment (MCA) Lead Analyst

This role will report to the Cybersecurity MCA Group Manager, responsible for pr...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have at least 8+ years of relevant experience
  • Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)
  • Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • Proven experience in implementing sustainable solutions and improving processes
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
  • Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
  • Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • Fluent in English (ability to read, write, and speak)
Job Responsibility
Job Responsibility
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • Drive MCA best practices, transformation, and execution consistency across business/functions
  • Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • Identify and document key controls necessary for mitigation of cybersecurity risk
  • Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
  • Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification
  • Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
  • Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Incident Response, Program Manager

This role will be responsible for execution and program management of Incident R...
Location
Location
United States , Menlo Park
Salary
Salary:
100000.00 - 143000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in program management, consulting, business operations, technical program management, incident management, risk management, compliance management, or other GRC operational discipline
  • 2+ years of experience leading large, technical, cross-functional projects and/or programs
  • 2+ years of direct experience working in corporate privacy incident response or security/privacy compliance functions (e.g., GDPR, CCPA, SOC2)
  • 2+ years work experience collaborating directly with technology product management and engineering teams
  • Set priorities, multi-task and work with autonomy in a rapidly changing workplace environment
  • Bachelor’s degree in related field or equivalent experience
Job Responsibility
Job Responsibility
  • Plan and drive cross-functional incident management projects involving Legal, Policy, Communications, Product, and Engineering teams for complex risk incidents across all risk pillars (e.g. privacy, security, integrity, and AI)
  • Implement and execute ongoing management of compliance operations for incident management across privacy and other risk pillars. Ensure processes and controls meet regulatory obligations and internal standards
  • Build and maintain relationships with stakeholders across Legal, Product, and Engineering to drive alignment and prioritization of incident management and compliance activities for assigned cases
  • Translate technical and compliance details into clear, actionable communications for wide-ranging audiences from executives to engineers. Deliver concise updates and recommendations on incident status, compliance posture, and impact to stakeholders and Risk Organization leadership
  • Perform retrospectives to understand the root cause of incidents and support feedback loops to reduce future incidents and improve incident management processes
  • Advise on industry standards related to incident response and risk oversight practices
  • Identify, champion, and implement process improvements to increase the efficiency and effectiveness of incident management and compliance operations
  • Project manage and prioritize work based on urgency and complexity while building operational cadences across technical and operational teams to coordinate work
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Incident Response, Program Manager

This role will be responsible for execution and program management of Incident R...
Location
Location
United States , Menlo Park
Salary
Salary:
122000.00 - 180000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in program management, consulting, business operations, technical program management, incident management, risk management, compliance management, or other GRC operational discipline
  • 3+ years of experience leading large, technical, cross-functional projects and/or programs
  • 3+ years of direct experience working in corporate privacy incident response or security/privacy compliance functions (e.g., GDPR, CCPA, SOC2)
  • 1+ years work experience collaborating directly with technology product management and engineering teams
  • Set priorities, multi-task and work with autonomy in a rapidly changing workplace environment
  • Bachelor’s degree or higher
Job Responsibility
Job Responsibility
  • Plan and drive cross-functional incident management projects involving Legal, Policy, Communications, Product, and Engineering teams for complex risk incidents across all risk pillars (e.g. privacy, security, integrity, and AI)
  • Implement and execute ongoing management of compliance operations for incident management across privacy and other risk pillars. Ensure processes and controls meet regulatory obligations and internal standards
  • Build and maintain relationships with stakeholders across Legal, Product, and Engineering to drive alignment and prioritization of incident management and compliance activities for assigned cases
  • Translate technical and compliance details into clear, actionable communications for wide-ranging audiences from executives to engineers. Deliver concise updates and recommendations on incident status, compliance posture, and impact to stakeholders and Risk Organization leadership
  • Perform retrospectives to understand the root cause of incidents and support feedback loops to reduce future incidents and improve incident management processes
  • Advise on industry standards related to incident response and risk oversight practices
  • Identify, champion, and implement process improvements to increase the efficiency and effectiveness of incident management and compliance operations
  • Project manage and prioritize work based on urgency and complexity while building operational cadences across technical and operational teams to coordinate work
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Digital Resilience and IT Risk Manager

Our COO Functional Risk Management team embedded in the Digital Resilience Area ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in using GRC tools and reporting tools (e.g., PowerBI)
  • A solid track record of achievement and continues development (can be any academic, professional, and/or sport)
  • Strong understanding of risk management frameworks and methodologies
  • Data-driven mindset with experience in data analysis and interpretation
  • excellent analytical and problem-solving skills
  • An organized and methodological approach with strong interpersonal skills
  • Possess a strong sense of curiosity and the ability to think creatively and innovatively
  • 4+ years of experience in Operational, IT, or Information Security (IS) Risk Management, Management Consulting, IT Governance, or a related field
  • Bachelor’s degree or higher in Information Technology, Engineering, Economics, Risk Management, Business Administration, or any related field
Job Responsibility
Job Responsibility
  • Support, coordinate and oversee information Risk Management Lifecycle activities performed by the 1st LoD
  • Actively contributes to identifying improvements and assist in adapting the Risk Management frameworks to address our rapidly evolving risk landscape
  • Coordinate thorough risk assessments to identify, evaluate and mitigate information risks across the organization
  • Ensure adherence to relevant regulatory requirements and internal policies related to information risk management as well as preparing detailed reports and presentations on risk findings, trends and recommendations for senior management and stakeholders
  • Utilize data analytics to support risk assessments, decision-making processes and to drive insights that enhance risk management strategies
  • Work closely with various business units, IT, IS, Risk and compliance teams to ensure alignment and integration of risk management practices
  • Utilize new technologies and feature within our organizational setup to enhance, scale, and optimize existing risk management processes
  • Develop and deliver training programs to enhance awareness and understanding of information risk management across the organization
  • Foster a risk-driven culture and advocate for the benefits of risk management whilst engaging with leadership and functional leads to ensure alignment and support
What we offer
What we offer
  • We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
  • We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
  • From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
  • Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach
  • Fulltime
Read More
Arrow Right

Security Strategy and Risk Management Head of Department

The Security Strategy and Risk Management Head of Department is a senior leaders...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
  • Excellent stakeholder management, communication, and leadership skills
  • Demonstrated experience working across multi-disciplinary teams to achieve common objectives
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Lead enterprise-wide risk assessment, risk issue management, and risk exception management
  • Maintain and enhance risk management frameworks aligned with industry best practices
  • Deliver insightful, data-driven risk reporting to senior leadership
  • Oversee the Information Security compliance and control assurance program
  • Lead coordination of internal and external audits, assessments, and certification processes
  • Lead the Third-Party Risk Management (TPRM) program
  • Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
  • Direct the Information Security Training and Awareness program
  • Partner with the CISO to define and maintain the Information Security strategic roadmap
  • Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
  • Fulltime
Read More
Arrow Right

Global Data Privacy Counsel

We are looking for a senior attorney with extensive experience in global data pr...
Location
Location
United States , Atlanta
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor degree from a reputable, accredited U.S. law school
  • Active license in good standing with one or more U.S. state bars (Georgia preferred)
  • 10+ years of progressive experience in data privacy and cybersecurity legal matters, with significant in-house experience at a high-growth, technology-driven company
  • Deep expertise and knowledge of and hands-on experience with U.S. and international data privacy, cybersecurity, and compliance laws and frameworks (including GDPR, CCPA/CPRA, PCI-DSS, ISO certifications, and other relevant global standards) and leading-edge AI regulations and frameworks
  • Demonstrated success in providing strategic legal counsel that balances risk management with enabling innovation and business growth, particularly in payments and data-driven initiatives
  • Proven experience leading global privacy and data protection programs, including managing privacy and data protection risk frameworks and governance
  • Experience managing external counsel, auditors, and regulators
  • Proven ability to lead, develop, and inspire diverse, global teams, including direct leadership experience with Data Protection Officers and other privacy professionals
  • Strong business acumen with the ability to translate complex legal concepts into clear, actionable advice that aligns with business objectives and supports deal-making and sales acceleration
  • Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels, including senior executives and cross-functional teams globally
Job Responsibility
Job Responsibility
  • Serve as a trusted strategic legal advisor to executive leadership, business unit and function heads, and the governance committees on global privacy, data protection, and cybersecurity risks, as well as opportunities aligned with rapid business growth and innovation
  • Design, lead, and continuously evolve the global privacy and data protection program, ensuring it not only meets regulatory requirements but also supports scalable growth and competitive advantage in a fast-paced, high-growth environment
  • Partner closely with product, technology, payments, data, software and hardware sales, marketing, and strategy teams to embed privacy-by-design and data governance principles into all data-driven and payment-related initiatives
  • Advise on privacy, data protection, cross-border data processing, and emerging technologies (AI and machine learning), in connection with parking, public transport and other urban mobility technologies and data services (B2B, B2C), to help the company navigate these complex regulatory environments while accelerating innovation
  • Balance risk management with enabling agility—help business units achieve their ambitious growth objectives without compromising compliance or customer trust
  • Lead and manage a global, unified privacy and data protection team, including the EU Data Protection Officer and EU Privacy Program Manager, and serve as the global privacy and data protection leader responsible for harmonizing privacy and data protection practices across all regions
  • Act as the company’s U.S. and Canada Privacy Officer, overseeing all U.S.-specific and Canada-specific aspects of the global privacy and data protection program
  • Own enterprise-wide development, implementation, and continuous improvement of privacy and data protection policies, standards, and frameworks aligned with relevant global privacy and data protection-related regulations
  • Develop and maintain a privacy and data protection risk management framework and a dashboard of key privacy metrics to inform leadership decision making and monitor program effectiveness in a high-growth environment
  • Lead privacy and data protection audits and program assessments to ensure compliance and identify areas for improvement aligned with rapid company growth
Read More
Arrow Right
New

Lead Security GRC Program Manager

At Bumble, we’re building secure, AI-driven systems that empower connection and ...
Location
Location
United States , Austin
Salary
Salary:
145000.00 - 180000.00 USD / Year
bumble.com Logo
Bumble Inc.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment
  • Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure
  • Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption
  • Strong working knowledge of cloud architectures, including hands-on experience operating in GCP environments
  • Experience with AWS is a plus
  • Strong grasp of common ITGC control areas, including access management, change management, and incident response
  • Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta)
  • Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation
  • Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls
  • Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables
Job Responsibility
Job Responsibility
  • Own Bumble’s Core Compliance Programs: Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting
  • Drive Audit Efficiency & Automation: Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC
  • Lead SOX & ITGC Program Delivery: Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers
  • Oversee PCI Compliance Operations: Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue
  • Steward GDPR Alignment: Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated
  • Report Risk & Remediation Metrics: Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders
What we offer
What we offer
  • Maven Fertility: $10,000 lifetime benefit opportunity for reproductive journey support
  • Family & compassionate paid leave
  • 26 weeks parental leave for primary caregiver
  • 26 weeks paid leave for secondary caregiver after 1 year of employment
  • Unlimited paid time off
  • Company-wide week off
  • Focus Fridays
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy