Executive Director, InfoSec Governance, Risk, and Compliance
$217.3k - $291.5kDisney
Executive Director, InfoSec Governance, Risk, and Compliance
At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences—and we're constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
The Global Information Security (GIS) group provides services to protect the value and use of Disney's information through collaboration, standardization, enforcement, and education across The Walt Disney Company. The main focus areas of this group are: Reduce the risk of both accidental and malicious data disclosure; Identify, monitor, engage with complete inventory of information; Establish appropriate policies and procedures to be followed; Educate user community to minimize risk.
Disney's InfoSec GRC team is seeking a transformational leader to drive the next evolution of Governance, Risk, and Compliance across the enterprise. Reporting to the VP of Information Security, this role will lead the shift from a traditional compliance-driven approach to a modern, risk-intelligence-led model that enables better business decisions, strengthens security posture, and scales with Disney's global technology and content ecosystem. This leader will partner closely with GIS and business leadership to embed risk awareness into daily operations, ensuring GRC is a strategic enabler of innovation—not a barrier.
What You'll Do
- Transform GRC at Disney
- Define and elevate GRC standards by introducing innovative approaches to risk quantification, compliance automation, and integrated governance
- Partner with GIS and segment technology leadership to position GRC as a strategic business enabler, translating complex risks into actionable, executive-ready insights
- Champion a culture where risk awareness is embedded into daily decision-making, enabling intuitive and scalable risk-informed behaviors across the enterprise
Risk Management Leadership
- Lead the design, implementation, and continuous improvement of Disney's enterprise InfoSec Risk Management Framework
- Establish and operationalize risk tolerance models, translating business objectives into clear prioritization, investment, and remediation decisions
- Build and mature a centralized cybersecurity risk register integrating threat intelligence, vulnerabilities, and third-party risk data
- Drive risk-based prioritization across InfoSec functions to ensure measurable risk reduction and alignment to enterprise objectives
- Deliver clear, credible, and decision-ready risk reporting to executive leadership and the Board, including financial risk quantification (e.g., FAIR)
Governance Program Leadership
- Oversee the full lifecycle of InfoSec policies, standards, and guidelines, ensuring they are risk-based, actionable, and aligned with business needs
- Embed governance controls into the technology lifecycle (e.g., DevSecOps, cloud, infrastructure-as-code), reducing reliance on manual processes through automation
- Establish a policy effectiveness framework focused on behavioral change and measurable risk reduction
- Define and advance governance strategies for emerging technologies, including AI/ML, quantum security, and autonomous systems
- Lead enterprise maturity assessments (e.g., NIST CSF) to identify gaps and inform strategic investment decisions
Compliance Program Leadership
- Provide oversight of global regulatory and contractual compliance programs (e.g., SOX, PCI, GDPR, ISO), ensuring consistency and scalability
- Build and operationalize a "compliance-as-a-service" model that enables self-service, automates evidence collection, and minimizes burden on engineering teams
- Monitor and anticipate changes in the regulatory landscape, proactively positioning Disney to meet evolving requirements
Organizational Leadership
- Lead, develop, and scale a high-performing global GRC organization, fostering a culture of accountability, innovation, and continuous improvement
- Drive organizational excellence through strong leadership, talent development, and a focus on delivering scalable, forward-looking solutions
What You'll Bring
Must-Have Qualifications
- 12+ years of progressive experience in cybersecurity, technology risk, or compliance, including 3+ years leading enterprise-scale GRC functions
- Structured problem-solving, audit rigor, and enterprise advisory experience
- Industry experience within large, complex organizations, with the ability to operate effectively in highly matrixed environments
- Proven track record of transforming GRC programs into risk-driven operating models that influence enterprise decision-making
- Deep expertise across risk management, governance, and compliance, including frameworks, policy lifecycle, automation, audit, and controls assurance
- Strong working knowledge of industry frameworks and regulations, including NIST CSF, NIST 800-53, ISO 27001, PCI DSS 4.0, SOX ITGC, and GDPR
- Demonstrated executive presence and exceptional influence skills, with the ability to operate as a trusted advisor to senior leadership and translate complex technical risk into clear business insights
- Experience applying financial risk quantification methodologies (e.g., FAIR) to support investment and prioritization decisions
- Strong customer-focused mindset, ensuring GRC solutions enable the business and enhance—not hinder—user and product experiences
- Experience leading in highly matrixed, global environments, driving alignment across engineering, security, and business stakeholders
Leadership & Transformation Profile (Critical for Success)
- Mindset of a thought partner—not just an operator—bringing a strategic, forward-looking perspective to GRC
- Track record of asking hard questions, challenging legacy ways of working, and driving meaningful change across organizations
- Ability to connect cost, customer experience, and operational efficiency into a cohesive, risk-informed strategy
- Demonstrated success leading large-scale transformation initiatives, influencing without authority, and driving adoption across complex organizations
Technical Expertise
- Advanced expertise in audit methodologies, controls testing, and assurance processes, including ITGCs and automated control environments
- Hands-on experience with leading GRC platforms (e.g., Archer, ServiceNow GRC, SailPoint)
- Strong understanding of cloud security and compliance across AWS, Azure, and GCP environments
- Familiarity with DevSecOps practices and integrating security and governance into software development and infrastructure pipelines
Nice-to-Have Qualifications
- Experience within media, entertainment, or similarly complex, consumer-facing industries
- Experience from a Big 4 consulting firm
- Experience advancing emerging risk domains such as AI/ML governance, third-party risk, or next-generation compliance capabilities
Education
- Bachelor's degree in computer science, information security, or a related field—or equivalent practical experience
- Advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC)
The hiring range for this position in Seattle, WA is $217,300 to $291,500 per year and in New York, NY is $217,300 to $291,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
$185k - $250k
...the Role We are seeking a seasoned, execution-focused Chief Operating Officer (COO)... ...with consistency, speed, and quality. Risk & Compliance Integration: Collaborate with Legal,... ...contracting, vendor management, governance, policy management, and risk-aware operational...SuggestedWork at office$151k - $189k
...Management Team to drive strategic initiatives, accelerate execution, and ensure alignment across the organization. You will... ...89,000 USD About Us Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and...SuggestedWork at officeLocal areaFlexible hours- Executive Advisor, Governance, Risk and Compliance Malleum is at the forefront of next-generation cyber defense, partnering with marquee clients across space, aerospace, defense, government, financial services, and critical infrastructure. We're experiencing exceptional...SuggestedRemote work
- ...Model Risk Management – Program Management – Vice President... ...role in Risk Management and Compliance, ensuring the firm's strength... ...the management of model risk, governance activities are conducted to identify... ...'s smooth and effective execution, including processes like inventory...Suggested
- ...Vice President, Finance Governance & Controls About the Company A growing international... ...take on a pivotal role within the Finance Risk & Controls function. This position is at the crossroads of finance, risk, compliance, and internal audit, with a primary focus...Suggested
- ...Senior Vice President, Legal and Chief Compliance Officer (CCO) About the Company... ...directly impacts organizational strategy, governance, and risk posture. The successful candidate will... ...focus on scaling and development. This executive position requires a candidate with...
$120k - $200k
...Citizen City Remote State/Province Texas Country United States About Us Advisory, Executive Search, Senior Appointments, Interim Management Consultants Job Description Global CEO / Managing Director / COO remote job opening eg Austin, New York, Los Angeles time zones for a...Permanent employmentFull timePart timeInterim roleWork at officeImmediate startRemote work$350k - $400k
...The Chief Risk Officer (CRO) is a newly created role, as we establish a formal... ...of defense, bringing Regulatory & Compliance, Enterprise Risk & Governance and Safety, Resilience & Incident... ...the CRO will partner closely with executive leadership, the Board, and Board-level...Full timeWork at officeRemote work$300k
...reside within the Metro NYC market) Position Type: Full-Time | Executive Leadership About the Opportunity We are seeking a highly... ...of Operations, Regional Vice President, Multi-Site Operations Director, or a similar leadership role, we are interested in speaking...Full time- ...nonpartisan watchdog for New York City government, City agencies, and City employees, vendors... ...agency's Operations, Investigative, Compliance and Legal units, the Chief of Staff... ...financial management protocols. Attend executive level meetings, as required, and follow...Full timeWork experience placementWork at office
$185k - $200k
...University Senior Advisor to the Executive Vice Chancellor and COO Reporting to the Executive Vice Chancellor and Chief Operating Officer (EVC and COO), the Senior Advisor leads strategic initiatives, identifies challenges and implements solutions across the University...Full timeWork at officeAfternoon shift$110k - $140k
...experience remain as strong as our clinical care. Learn more at . The Role We are seeking a Chief of Staff, Operations to support and execute across core operational functions at CBT Collective, balancing innovation and day-to-day operations. This is a hands-on role for an...Full timePrivate practiceRemote workFlexible hours- ...Chief Executive Officer (CEO) and Chief Operating Officer (COO) About the Company Well-regarded independent company in the FMCG & CPG sectors Industry Food & Beverages Type Privately Held About the Role The Company is in search of a dynamic and visionary...Worldwide
- ...Technology Risk Executive Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient... ...prominent corporate, institutional and government clients under the J.P. Morgan and Chase...
- ...Executive Director, Data Governance About the Company Enterprise organization strengthening data governance, risk controls, and regulatory readiness across the business. Industry Financial Services Type Privately Held About the Role The Company...
$110k - $200k
Dormont Manufacturing Co is seeking a Vice President for its Treasury COO office in New York. You will lead critical projects and compliance initiatives while coordinating closely with stakeholders across the organization. The ideal candidate should have 3-5 years of...Work at office- ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency...
- iHeartMedia is looking for a highly organized Second Executive Assistant to support the President & COO. This role involves managing a complex calendar, coordinating travel, and maintaining office operations in a fast-paced environment. The ideal candidate must be detail...Hourly payWork at office
- ...particularly in the areas of time management, decision-making, and execution. The successful candidate will be a trusted partner, gatekeeper... ...lead high-impact special projects, and a proactive approach to risk management are essential. Hiring Manager Title CEO...
$320k - $400k
Flex group is seeking a Chief of Staff and VP of Strategy & Operations in New York, NY. This hybrid role involves serving as a senior partner to the CEO, owning the Strategy & Operations team, and driving enterprise strategy. Candidates must have over 15 years of experience...Flexible hours- ...mission-driven leaders to serve a three-year term on our Board of Directors beginning in March 2026. We are looking for individuals who... ...fundraising and serving as ambassadors for our mission. Governance & Policy: Helping set policies and ensuring effective governance...Remote work
- ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency...
- ...communication and alignment across teams, managing and optimizing operational tools, and ensuring the successful execution of projects by identifying resource gaps, timeline risks, and competing priorities. Applicants for the Chief of Staff position at the company should have a...Remote work
- ...Board Member (Volunteer) Board of Directors | Governance, Strategy & Mission Stewardship Organization... ...oversight Monitor organizational risks and opportunities Help strengthen... ...with fellow board members and executive leadership Professional networking...Remote work
- ...Board Audit Committee Governance, Reporting & Engagement... ...of the Chief Audit Executive organization. As a... ...Committee of the Board of Directors operates effectively... ...including supporting charter compliance, maintaining forward... .../external audit, risk, compliance, legal, governance...Work at office
- ...Senior Executive Assistant Equinix is the world's digital infrastructure company, shortening the path to connectivity to enable the innovations that enrich our work, life and planet. A place where bold ideas are welcomed, human connection is valued, and everyone...Full timeWork at office
$175k - $225k
...policy. Identify and execute financing strategies to... ...revenue-based financing, government grants, and strategic... ...modeling, and risk analysis for new acquisitions... ..., Reporting & Compliance Oversee the preparation... ...leadership, board of directors) and external parties...Full timeLocal area- ...Executive Assistant To The CEO/COO The Executive Assistant (EA) to the CEO/COO is a trusted role responsible for providing comprehensive... ..., including the All Staff Committee, Policy and Operations Compliance Committee, Triad, and Train-the-Trainer program Monitor...Work at officeRemote work
- ...Senior Vice President, Chief Audit Executive (CAE) Location: New York, NY | Windsor... ...internal controls (ICFR & SOX) Regulatory compliance across a complex, highly regulated environment The strength of governance and enterprise risk management This is a highly...
- ...deliver measurable operational, risk, and experience improvements... ...through piloting, governance review, and scaled production... ...BI teams, Technology, Risk & Compliance, and senior leadership to define... ...line leaders to ensure seamless execution and integration across both the...Contract work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Executive Director, InfoSec Governance, Risk, and Compliance. Be the first to apply!
- change management executive New York, NY
- executive work from home New York, NY
- technical executive New York, NY
- executive pastor New York, NY
- managing director financial services New York, NY
- executive team lead asset protection New York, NY
- executive director for marketing & public relations New York, NY
- executive support specialist New York, NY
- executive program manager New York, NY
- associate chief medical officer New York, NY

