Lead GRC Program Manager job opportunity at Bumble Inc.



Bumble Inc Lead GRC Program Manager
Experience: 6 Years
Pattern: hybrid

Finance, Information Security Governance, Risk & Compliance (GRC)

Degree: Bachelor's (B.Sc.)
Location: US TX Austin, United States Of America

About Bumble

At Bumble, we’re building secure, AI-driven systems that empower connection and trust globally. Security and privacy are at the heart of that mission.

We’re seeking a Lead Security GRC Program Manager to lead our PCI, SOX, ITGC, and GDPR programs, driving audit excellence, automation maturity, and cross-functional compliance alignment across Bumble’s products and infrastructure.

This role is ideal for someone who thrives in fast-moving environments and knows how to transform compliance from a checkpoint into a scalable, automated enabler of trust.

Please note: We are unable to offer Visa transfers or Visa sponsorship.

What You’ll Do

Own Bumble’s Core Compliance Programs: Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting.
Drive Audit Efficiency & Automation: Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC.
Lead SOX & ITGC Program Delivery: Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers.
Oversee PCI Compliance Operations: Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue.
Steward GDPR Alignment: Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated.
Report Risk & Remediation Metrics: Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders.

Must-Haves

Program Leadership Experience:
6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment.
Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure.
Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption.

Technical Acumen:
Strong working knowledge of cloud architectures, including hands-on experience operating in GCP environments. Experience with AWS is a plus. Candidates should also have a strong grasp of common ITGC control areas, including access management, change management, and incident response.
Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta).
Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation.
Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls.

Execution & Communication:
Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables.
Skilled at presenting complex audit or risk topics to executive leadership using concise, data-driven insights.
Capable of drafting clear, audit-ready documentation and control narratives without excessive bureaucracy.

Mindset & Operating Style:
Automation-first: Seeks opportunities to replace manual audit processes with system-driven controls.
Business-aligned: Understands how to balance compliance requirements with engineering velocity.
Outcome-driven: Measures success through reduced audit fatigue, improved evidence hygiene, and faster remediation cycles.
Collaborative: Builds trust with auditors and internal stakeholders through transparency and consistency.

Nice-to-Haves

Hands-on experience automating evidence collection or audit testing workflows.
Familiarity with data protection impact assessments (DPIAs) and GDPR privacy operations.
Experience building or maintaining risk registers, executive dashboards, or compliance OKRs/KPIs.
Certifications such as CISA, CISM, CISSP, CRISC, or ISO Lead Auditor.
Background in payments, fintech, or regulated SaaS environments.

$145,000 - $180,000 a year

Location

This role is based in Austin, and we ask that you’re within a commutable distance to this office, so that you’re able to come onsite regularly to collaborate across engineering teams, Monday - Wednesday.

We have a hybrid work style and ask that all Engineers be onsite Monday - Wednesday.

Please note: We are unable to offer Visa sponsorship at this time.

Global benefits

Maven Fertility: We offer a $10,000 lifetime benefit opportunity to all employees and their partners around the world. This benefit can be used to support your reproductive journey - from abortion care and related travel costs to fertility treatment, egg-freezing, adoption, surrogacy, and more.
Family & compassionate paid leave: Family leave to support you and your loved ones when needed (including victims of domestic abuse or violent crime).
26 weeks parental leave: 26 weeks paid leave for the primary caregiver following the birth, adoption, surrogacy or foster care of a child. The secondary caregiver will also receive 26 weeks paid leave after 1 year of employment.
Unlimited paid time off: Take the time you need when you need it.
Company-wide week off: Once a year, we have a company-wide week off (it’s essential for some teams to continue working and they will be offered alternative time off instead).
Focus Fridays: Every Friday we try to have a no meeting, no deadline, no email and no Slack rule on a Friday so you can focus without distraction.

Check out more of our local benefits here

About Us

Bumble Inc. is the parent company of Bumble Date, BFF, and Badoo. The Bumble platform enables people to build healthy and equitable relationships, through Kind Connections. Founded by Whitney Wolfe Herd in 2014, Bumble was one of the first dating apps built with women at the center and connects people across dating (Bumble Date) and friendship (BFF). BFF is a friendship app where people in all stages of life can meet people nearby and create meaningful platonic connections and community based on shared interests. Badoo, which was founded in 2006, is one of the pioneers of web and mobile dating products.

AI Fluency

AI is important to us. We’re excited by people who are curious and experimental, and who think thoughtfully about how AI can amplify their impact and outcomes.

We encourage you to use AI responsibly as you prepare your application. Please don’t use it to fabricate experiences or answer questions live in interviews. We care deeply about authenticity and want to understand your real skills, judgment and voice, because building a meaningful, genuine connection with you matters to us.

Inclusion at Bumble Inc.

Bumble Inc. is an equal opportunity employer and we strongly encourage people of all ages, colour, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, people with disabilities, and neurodivergent people to apply. We're happy to make any reasonable adjustments that will help you feel more confident throughout the process, please don't hesitate to let us know how we can help.

In your application, please feel free to note which pronouns you use (For example: she/her, he/him, they/them, etc).

AI in Bumble Inc. Hiring

At Bumble, we may use AI tools to support parts of our recruitment process — such as helping us record, transcribe, and summarize conversations, and supporting job alignment by comparing resumes and job descriptions to highlight skills and potential roles that may be a good match. These tools help us work more efficiently and stay focused on you during our conversations. Importantly, all hiring decisions are made by people. AI is used only to support our team’s efficiency and improve the candidate experience — not to evaluate or decide on your candidacy. Participation in AI-supported interviews and conversations is completely voluntary and will not impact your candidacy. If you’d prefer to opt out, simply let your recruiter or interviewer know at the start of a call, or anytime during the interview or conversation. Summaries and related data are retained only as long as needed in line with our internal data retention policies. If at any point you’d like a transcription or summary deleted, please contact your recruiter directly.

For further information on how we hold and manage your data, please refer to our Privacy Policy.
