Technology Director - Governance, Risk, and Compliance (GRC)

Lululemoninc
Seattle, WA
Job Description
Role Overview

As Director, Governance Risk & Compliance (GRC), you will own end-to-end delivery for the GRC domain, spanning governance, risk, and compliance and GRC engineering. You will lead multiple teams, establish standards, and make deliberate trade-off decisions that balance risk reduction, operational resilience, and business velocity.

What You Will Do

Own GRC delivery, ensure effective controls, risk management, and measurable capabilities & maturity. Define and execute GRC strategy, including risk management, compliance, and policy governance aligned to global standards (e.g., NIST, ISO).

Why It Might Be a Fit

12–15+ years of experience in cybersecurity, technology risk, or related fields with 4+ years in senior leadership roles. Bachelor’s degree in STEM or related field; advanced degree or certifications preferred.

Requirements

  • 12–15+ years of experience in cybersecurity, technology risk, or related fields
  • 4+ years in senior leadership roles
  • Bachelor’s degree in STEM or related field
  • Advanced degree or certifications preferred
  • Experience leading multi-team cybersecurity functions including GRC, engineering, and/or operations
  • Deep knowledge of security frameworks and regulatory requirements (NIST, ISO 27001, CCPA/CPPA, SOX, PCI, GDPR, etc.)
  • Proven ability to translate risk and threat landscape into executable strategy and investment priorities
  • Strong experience with risk assessment, governance, and cybersecurity program delivery at scale

Benefits

  • Extended health and dental benefits
  • Mental health plans
  • Paid time off
  • Savings and retirement plan matching
  • Generous employee discount
  • Fitness & yoga classes
  • Parenthood top-up
  • Extensive catalog of development course offerings
  • People networks, mentorship programs, and leadership series
]]>