Senior Security GRC Program Manager at Bumble, overseeing PCI, SOX, ITGC, and GDPR compliance programs. Driving audit excellence and automation maturity across products and infrastructure.
Responsibilities
Own Bumble’s Core Compliance Programs:
Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting.
Drive Audit Efficiency & Automation:
Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC.
Lead SOX & ITGC Program Delivery:
Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers.
Oversee PCI Compliance Operations:
Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue.
Steward GDPR Alignment:
Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated.
Report Risk & Remediation Metrics:
Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders.
Requirements
6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment.
Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure.
Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption.
Strong working knowledge of cloud architectures (AWS, GCP) and common ITGC control areas — including access management, change management, and incident response.
Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta).
Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation.
Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls.
Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables.
Skilled at presenting complex audit or risk topics to executive leadership using concise, data-driven insights.
Capable of drafting clear, audit-ready documentation and control narratives without excessive bureaucracy.
Automation-first: Seeks opportunities to replace manual audit processes with system-driven controls.
Business-aligned: Understands how to balance compliance requirements with engineering velocity.
Outcome-driven: Measures success through reduced audit fatigue, improved evidence hygiene, and faster remediation cycles.
Collaborative: Builds trust with auditors and internal stakeholders through transparency and consistency.
Benefits
Maven Fertility
We offer a $10,000 lifetime benefit opportunity to all employees and their partners around the world. This benefit can be used to support your reproductive journey - from abortion care and related travel costs to fertility treatment, egg-freezing, adoption, surrogacy, and more.
Family & compassionate paid leave
Family leave to support you and your loved ones when needed (including victims of domestic abuse or violent crime).
26 weeks parental leave
26 weeks paid leave for the primary caregiver following the birth, adoption, surrogacy or foster care of a child. The secondary caregiver will also receive 26 weeks paid leave after 1 year of employment.
Unlimited paid time off
Take the time you need when you need it.
Company-wide week off
Once a year, we have a company-wide week off (it’s essential for some teams to continue working and they will be offered alternative time off instead).
Focus Fridays
Every Friday we try to keep a no-meeting, no-deadline, no-email and no-Slack rule so you can focus without distraction.