Bumble Inc.

Senior GRC Program Manager

full-time

Location Type: Hybrid

Location: Austin • Texas • 🇺🇸 United States


Salary

💰 $185,000 - $210,000 per year

Job Level

Senior

Tech Stack

AWS, Cloud, Google Cloud Platform, ServiceNow

About the role

  • Own Bumble’s Core Compliance Programs: Lead end-to-end management of PCI, SOX, ITGC, and GDPR frameworks — from annual audit planning through evidence collection, remediation, and executive reporting.
  • Drive Audit Efficiency & Automation: Partner with Security Engineering, Finance IT, and Product teams to automate evidence workflows, control attestations, and testing pipelines via tools such as Drata, Vanta, or ServiceNow GRC.
  • Lead SOX & ITGC Program Delivery: Co-own SOX ITGC compliance with Finance IT, directly manage external audit partners, and maintain strong control hygiene across identity, change management, and infrastructure layers.
  • Oversee PCI Compliance Operations: Maintain Bumble’s PCI program scope, manage annual assessments, and coordinate with payments and infrastructure teams to ensure ongoing adherence and minimal audit fatigue.
  • Steward GDPR Alignment: Partner with Legal, Privacy, and Data Engineering to operationalize GDPR requirements, ensuring data protection principles and privacy-by-design controls are consistently validated.
  • Report Risk & Remediation Metrics: Build dashboards and KPI reports that provide visibility into audit readiness, control performance, and remediation progress for executive stakeholders.

Requirements

  • 6+ years of experience in Security GRC, audit, or compliance within a cloud-native or technology-driven environment.
  • Proven ownership of PCI, SOX, ITGC, and GDPR compliance programs — from planning through audit closure.
  • Demonstrated success driving measurable improvements in audit efficiency, control maturity, or automation adoption.
  • Strong working knowledge of cloud architectures (AWS, GCP) and common ITGC control areas — including access management, change management, and incident response.
  • Experience integrating GRC tools with engineering systems (e.g., CI/CD pipelines, Jira, Slack, or identity platforms like Okta).
  • Ability to design or refine control automation workflows and collaborate with engineers on technical control implementation.
  • Practical understanding of data flow mapping and system-of-record validation to support GDPR evidence and privacy controls.
  • Track record of leading multi-stakeholder audits (Finance, Legal, Engineering, Privacy) and aligning diverse teams on deadlines and deliverables.
  • Skilled at presenting complex audit or risk topics to executive leadership using concise, data-driven insights.
  • Capable of drafting clear, audit-ready documentation and control narratives without excessive bureaucracy.
  • Automation-first: Seeks opportunities to replace manual audit processes with system-driven controls.
  • Business-aligned: Understands how to balance compliance requirements with engineering velocity.
  • Outcome-driven: Measures success through reduced audit fatigue, improved evidence hygiene, and faster remediation cycles.
  • Collaborative: Builds trust with auditors and internal stakeholders through transparency and consistency.

Benefits

  • Maven Fertility: We offer a $10,000 lifetime benefit opportunity to all employees and their partners around the world. This benefit can be used to support your reproductive journey - from abortion care and related travel costs to fertility treatment, egg-freezing, adoption, surrogacy, and more.
  • Family & compassionate paid leave: Family leave to support you and your loved ones when needed (including victims of domestic abuse or violent crime).
  • 26 weeks parental leave: 26 weeks paid leave for the primary caregiver following the birth, adoption, surrogacy or foster care of a child. The secondary caregiver will also receive 26 weeks paid leave after 1 year of employment.
  • Unlimited paid time off: Take the time you need when you need it.
  • Company-wide week off: Once a year, we have a company-wide week off (it’s essential for some teams to continue working and they will be offered alternative time off instead).
  • Focus Fridays: Every Friday we try to have a no-meeting, no-deadline, no-email and no-Slack rule so you can focus without distraction.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
PCI compliance, SOX compliance, ITGC compliance, GDPR compliance, audit management, control automation, data flow mapping, system-of-record validation, cloud architecture, control maturity
Soft skills
collaborative, outcome-driven, business-aligned, strong communication, leadership, organizational skills, presentation skills, stakeholder management, transparency, trust-building