Executive Director, Info Security

The Walt Disney Company

Remote Actively hiring Posted this week
Seattle, WA · Orlando, FL · New York, NY · Glendale, CA Posted 3 days ago $197,500$265,000 / year
View original post Log in to save

At a glance

AI generated

TL;DR

The Executive Director of Info Security at Disney leads the Global Information Security (GIS) Governance, Risk & Compliance (GRC) team, a strategic powerhouse driving the evolution of information security beyond mere compliance to risk intelligence and automation. This executive role involves transforming GRC into a dynamic, business-aligned function by developing novel approaches to risk quantification and governance integration, ensuring that every decision is informed by robust risk analysis. Key responsibilities include overseeing comprehensive InfoSec Risk Management programs, establishing risk tolerance frameworks, and leading the development of enterprise-wide security policies and standards. The ideal candidate has over 12 years of experience in cybersecurity with a focus on GRC at an enterprise level, expertise in NIST CSF, ISO/IEC 27001, and other critical frameworks, and hands-on familiarity with GRC tooling such as Archer or ServiceNow GRC. Additionally, the role demands strong leadership skills to inspire a high-performing team of around 40 professionals while navigating the unique regulatory landscape of a global entertainment brand.

Skills

NIST CSF ISO/IEC 27001 PCI DSS FAIR Archer SailPoint ServiceNow GRC AWS Azure GCP DevSecOps CI/CD

What you'll do

  • Drive the continuous evolution of Disney’s InfoSec GRC program to a risk-intelligence-led model.
  • Define and advance industry standards for risk quantification and compliance automation.
  • Oversee development and operationalization of comprehensive InfoSec Risk Management Frameworks.
  • Lead the creation of executive-level risk reporting that translates complex risk landscapes into actionable insights.
  • Develop and maintain enterprise-wide Information Security policies aligned with business realities, not just regulatory checklists.

What we're looking for

  • 12+ years of experience in cybersecurity with at least 3 years in leadership roles overseeing GRC functions.
  • Deep expertise in risk management, governance, and compliance across various security frameworks.
  • Proven track record of building and transforming GRC programs to risk-driven models.
  • Strong executive presence and ability to translate technical concepts into clear business language.
  • Expert-level knowledge in implementing and operating GRC tooling platforms.
  • Required certifications: CISSP, CISM, CISA, or CRISC.

Employer

About The Walt Disney Company

The Walt Disney Company is a diversified global entertainment and media enterprise operating in segments including Disney Parks, Experiences and Products; Entertainment (ABC, Hulu, Disney+); and ESPN. Industry: Entertainment & Media

The Walt Disney Company currently has 117 open roles on FindRole.

Listed pay typically runs $148,700–$199,400 across 111 roles with salary data.

Most-posted roles

View all roles at The Walt Disney Company