Contact Us

Hybrid Senior GRC Program Manager

at Bumble Inc.
Visit Bumble Inc. websiteVisit Bumble Inc. LinkedIn

Posted 4 weeks ago

Apply now

About the role

  • Own Bumble’s Core Compliance Programs:
  • Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting.
  • Drive Audit Efficiency & Automation:
  • Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC.
  • Lead SOX & ITGC Program Delivery:
  • Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers.
  • Oversee PCI Compliance Operations:
  • Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue.
  • Steward GDPR Alignment:
  • Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated.
  • Report Risk & Remediation Metrics:
  • Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders.

Requirements

  • 6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment.
  • Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure.
  • Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption.
  • Strong working knowledge of cloud architectures (AWS, GCP) and common ITGC control areas — including access management, change management, and incident response.
  • Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta).
  • Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation.
  • Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls.
  • Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables.
  • Skilled at presenting complex audit or risk topics to executive leadership using concise, data-driven insights.
  • Capable of drafting clear, audit-ready documentation and control narratives without excessive bureaucracy.
  • Automation-first: Seeks opportunities to replace manual audit processes with system-driven controls.
  • Business-aligned: Understands how to balance compliance requirements with engineering velocity.
  • Outcome-driven: Measures success through reduced audit fatigue, improved evidence hygiene, and faster remediation cycles.
  • Collaborative: Builds trust with auditors and internal stakeholders through transparency and consistency.

Benefits

  • Maven Fertility
  • We offer a $10,000 lifetime benefit opportunity to all employees and their partners around the world. This benefit can be used to support your reproductive journey - from abortion care and related travel costs to fertility treatment, egg-freezing, adoption, surrogacy, and more.
  • Family & compassionate paid leave
  • Family leave to support you and your loved ones when needed (including victims of domestic abuse or violent crime).
  • 26 weeks parental leave
  • 26 weeks paid leave for the primary caregiver following the birth, adoption, surrogacy or foster care of a child. The secondary caregiver will also receive 26 weeks paid leave after 1 year of employment.
  • Unlimited paid time off
  • Take the time you need when you need it.
  • Company-wide week off
  • Once a year, we have a company-wide week off (it’s essential for some teams to continue working and they will be offered alternative time off instead).
  • Focus Fridays
  • Every Friday we try to have a no meeting, no deadline, no email and no Slack rule on a Friday so you can focus without distraction.
  • Check out more of our local benefits here

Job title

Senior GRC Program Manager

Job type

Full Time

Experience level

Senior

Salary

$185,000 - $210,000 per year

Degree requirement

Bachelor's Degree

Tech skills

AWSCloudGoogle Cloud PlatformServiceNow

Location requirements

HybridAustinUnited States

Report this job

See something inaccurate? Let us know and we'll update the listing.

Report job

Similar roles

Browse all Program Manager jobs
GE AerospaceCustomer Program Manager – LEAP

Customer Program Manager at GE Aerospace overseeing aviation contracts and ensuring customer satisfaction. Managing service contracts while driving performance and profitability in the aviation sector.

Onsite Role
New DelhiIndiaProgram Manager
Diabetes Youth FamiliesStaff Solution Program Manager

Staff Solution Program Manager managing IT infrastructure and facility projects at Insulet, a medical device innovator. Leading teams to achieve strategic program objectives with a focus on IT infrastructure.

Hybrid Role
ActonUnited StatesProgram Manager
$136,275 - $204,412 per year