Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Executive Director, InfoSec Governance, Risk, and Compliance

$217.3k - $291.5k

Disney

Executive Director, InfoSec Governance, Risk, and Compliance

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences—and we're constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) group provides services to protect the value and use of Disney's information through collaboration, standardization, enforcement, and education across The Walt Disney Company. The main focus areas of this group are: Reduce the risk of both accidental and malicious data disclosure; Identify, monitor, engage with complete inventory of information; Establish appropriate policies and procedures to be followed; Educate user community to minimize risk.

Disney's InfoSec GRC team is seeking a transformational leader to drive the next evolution of Governance, Risk, and Compliance across the enterprise. Reporting to the VP of Information Security, this role will lead the shift from a traditional compliance-driven approach to a modern, risk-intelligence-led model that enables better business decisions, strengthens security posture, and scales with Disney's global technology and content ecosystem. This leader will partner closely with GIS and business leadership to embed risk awareness into daily operations, ensuring GRC is a strategic enabler of innovation—not a barrier.

What You'll Do

  • Transform GRC at Disney
  • Define and elevate GRC standards by introducing innovative approaches to risk quantification, compliance automation, and integrated governance
  • Partner with GIS and segment technology leadership to position GRC as a strategic business enabler, translating complex risks into actionable, executive-ready insights
  • Champion a culture where risk awareness is embedded into daily decision-making, enabling intuitive and scalable risk-informed behaviors across the enterprise

Risk Management Leadership

  • Lead the design, implementation, and continuous improvement of Disney's enterprise InfoSec Risk Management Framework
  • Establish and operationalize risk tolerance models, translating business objectives into clear prioritization, investment, and remediation decisions
  • Build and mature a centralized cybersecurity risk register integrating threat intelligence, vulnerabilities, and third-party risk data
  • Drive risk-based prioritization across InfoSec functions to ensure measurable risk reduction and alignment to enterprise objectives
  • Deliver clear, credible, and decision-ready risk reporting to executive leadership and the Board, including financial risk quantification (e.g., FAIR)

Governance Program Leadership

  • Oversee the full lifecycle of InfoSec policies, standards, and guidelines, ensuring they are risk-based, actionable, and aligned with business needs
  • Embed governance controls into the technology lifecycle (e.g., DevSecOps, cloud, infrastructure-as-code), reducing reliance on manual processes through automation
  • Establish a policy effectiveness framework focused on behavioral change and measurable risk reduction
  • Define and advance governance strategies for emerging technologies, including AI/ML, quantum security, and autonomous systems
  • Lead enterprise maturity assessments (e.g., NIST CSF) to identify gaps and inform strategic investment decisions

Compliance Program Leadership

  • Provide oversight of global regulatory and contractual compliance programs (e.g., SOX, PCI, GDPR, ISO), ensuring consistency and scalability
  • Build and operationalize a "compliance-as-a-service" model that enables self-service, automates evidence collection, and minimizes burden on engineering teams
  • Monitor and anticipate changes in the regulatory landscape, proactively positioning Disney to meet evolving requirements

Organizational Leadership

  • Lead, develop, and scale a high-performing global GRC organization, fostering a culture of accountability, innovation, and continuous improvement
  • Drive organizational excellence through strong leadership, talent development, and a focus on delivering scalable, forward-looking solutions

What You'll Bring

Must-Have Qualifications

  • 12+ years of progressive experience in cybersecurity, technology risk, or compliance, including 3+ years leading enterprise-scale GRC functions
  • Structured problem-solving, audit rigor, and enterprise advisory experience
  • Industry experience within large, complex organizations, with the ability to operate effectively in highly matrixed environments
  • Proven track record of transforming GRC programs into risk-driven operating models that influence enterprise decision-making
  • Deep expertise across risk management, governance, and compliance, including frameworks, policy lifecycle, automation, audit, and controls assurance
  • Strong working knowledge of industry frameworks and regulations, including NIST CSF, NIST 800-53, ISO 27001, PCI DSS 4.0, SOX ITGC, and GDPR
  • Demonstrated executive presence and exceptional influence skills, with the ability to operate as a trusted advisor to senior leadership and translate complex technical risk into clear business insights
  • Experience applying financial risk quantification methodologies (e.g., FAIR) to support investment and prioritization decisions
  • Strong customer-focused mindset, ensuring GRC solutions enable the business and enhance—not hinder—user and product experiences
  • Experience leading in highly matrixed, global environments, driving alignment across engineering, security, and business stakeholders

Leadership & Transformation Profile (Critical for Success)

  • Mindset of a thought partner—not just an operator—bringing a strategic, forward-looking perspective to GRC
  • Track record of asking hard questions, challenging legacy ways of working, and driving meaningful change across organizations
  • Ability to connect cost, customer experience, and operational efficiency into a cohesive, risk-informed strategy
  • Demonstrated success leading large-scale transformation initiatives, influencing without authority, and driving adoption across complex organizations

Technical Expertise

  • Advanced expertise in audit methodologies, controls testing, and assurance processes, including ITGCs and automated control environments
  • Hands-on experience with leading GRC platforms (e.g., Archer, ServiceNow GRC, SailPoint)
  • Strong understanding of cloud security and compliance across AWS, Azure, and GCP environments
  • Familiarity with DevSecOps practices and integrating security and governance into software development and infrastructure pipelines

Nice-to-Have Qualifications

  • Experience within media, entertainment, or similarly complex, consumer-facing industries
  • Experience from a Big 4 consulting firm
  • Experience advancing emerging risk domains such as AI/ML governance, third-party risk, or next-generation compliance capabilities

Education

  • Bachelor's degree in computer science, information security, or a related field—or equivalent practical experience
  • Advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC)

The hiring range for this position in Seattle, WA is $217,300 to $291,500 per year and in New York, NY is $217,300 to $291,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Executive Director, InfoSec Governance, Risk, and Compliance in New York, NY vacancy
  • $185k - $250k

     ...the Role We are seeking a seasoned, execution-focused Chief Operating Officer (COO)...  ...with consistency, speed, and quality. Risk & Compliance Integration: Collaborate with Legal,...  ...contracting, vendor management, governance, policy management, and risk-aware operational... 
    Suggested
    Work at office

    DiligenceVault

    New York, NY
    3 days ago
  • $151k - $189k

     ...Management Team to drive strategic initiatives, accelerate execution, and ensure alignment across the organization. You will...  ...89,000 USD About Us Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and... 
    Suggested
    Work at office
    Local area
    Flexible hours

    Diligent

    New York, NY
    2 days ago
  • Executive Advisor, Governance, Risk and Compliance Malleum is at the forefront of next-generation cyber defense, partnering with marquee clients across space, aerospace, defense, government, financial services, and critical infrastructure. We're experiencing exceptional... 
    Suggested
    Remote work

    Malleum

    New York, NY
    1 day ago
  •  ...Model Risk Management – Program Management – Vice President...  ...role in Risk Management and Compliance, ensuring the firm's strength...  ...the management of model risk, governance activities are conducted to identify...  ...'s smooth and effective execution, including processes like inventory... 
    Suggested

    Chase

    Jersey City, NJ
    2 days ago
  •  ...Vice President, Finance Governance & Controls About the Company A growing international...  ...take on a pivotal role within the Finance Risk & Controls function. This position is at the crossroads of finance, risk, compliance, and internal audit, with a primary focus... 
    Suggested

    Confidential

    New York, NY
    1 day ago
  •  ...Senior Vice President, Legal and Chief Compliance Officer (CCO) About the Company...  ...directly impacts organizational strategy, governance, and risk posture. The successful candidate will...  ...focus on scaling and development. This executive position requires a candidate with... 

    Confidential

    New York, NY
    4 days ago
  • $120k - $200k

     ...Citizen City Remote State/Province Texas Country United States About Us Advisory, Executive Search, Senior Appointments, Interim Management Consultants Job Description Global CEO / Managing Director / COO remote job opening eg Austin, New York, Los Angeles time zones for a... 
    Permanent employment
    Full time
    Part time
    Interim role
    Work at office
    Immediate start
    Remote work

    BluZinc

    New York, NY
    3 days ago
  • $350k - $400k

     ...The Chief Risk Officer (CRO) is a newly created role, as we establish a formal...  ...of defense, bringing Regulatory & Compliance, Enterprise Risk & Governance and Safety, Resilience & Incident...  ...the CRO will partner closely with executive leadership, the Board, and Board-level... 
    Full time
    Work at office
    Remote work

    iCapital

    New York, NY
    2 days ago
  • $300k

     ...reside within the Metro NYC market) Position Type: Full-Time | Executive Leadership About the Opportunity We are seeking a highly...  ...of Operations, Regional Vice President, Multi-Site Operations Director, or a similar leadership role, we are interested in speaking... 
    Full time

    Med Staff Group

    Corona, NY
    1 day ago
  •  ...nonpartisan watchdog for New York City government, City agencies, and City employees, vendors...  ...agency's Operations, Investigative, Compliance and Legal units, the Chief of Staff...  ...financial management protocols. Attend executive level meetings, as required, and follow... 
    Full time
    Work experience placement
    Work at office

    New York City | Administration & Human Resources

    New York, NY
    2 days ago
  • $185k - $200k

     ...University Senior Advisor to the Executive Vice Chancellor and COO Reporting to the Executive Vice Chancellor and Chief Operating Officer (EVC and COO), the Senior Advisor leads strategic initiatives, identifies challenges and implements solutions across the University... 
    Full time
    Work at office
    Afternoon shift

    City University of New York

    New York, NY
    1 day ago
  • $110k - $140k

     ...experience remain as strong as our clinical care. Learn more at . The Role We are seeking a Chief of Staff, Operations to support and execute across core operational functions at CBT Collective, balancing innovation and day-to-day operations. This is a hands-on role for an... 
    Full time
    Private practice
    Remote work
    Flexible hours

    CBT Collective

    New York, NY
    3 days ago
  •  ...Chief Executive Officer (CEO) and Chief Operating Officer (COO) About the Company Well-regarded independent company in the FMCG & CPG sectors Industry Food & Beverages Type Privately Held About the Role The Company is in search of a dynamic and visionary... 
    Worldwide

    Confidential

    New York, NY
    4 days ago
  •  ...Technology Risk Executive Bring your expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient...  ...prominent corporate, institutional and government clients under the J.P. Morgan and Chase... 

    Chase

    New York, NY
    1 day ago
  •  ...Executive Director, Data Governance About the Company Enterprise organization strengthening data governance, risk controls, and regulatory readiness across the business. Industry Financial Services Type Privately Held About the Role The Company... 

    Confidential

    New York, NY
    1 day ago
  • $110k - $200k

    Dormont Manufacturing Co is seeking a Vice President for its Treasury COO office in New York. You will lead critical projects and compliance initiatives while coordinating closely with stakeholders across the organization. The ideal candidate should have 3-5 years of... 
    Work at office

    Dormont Manufacturing Co

    New York, NY
    3 days ago
  •  ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency... 

    Confidential

    New York, NY
    4 days ago
  • iHeartMedia is looking for a highly organized Second Executive Assistant to support the President & COO. This role involves managing a complex calendar, coordinating travel, and maintaining office operations in a fast-paced environment. The ideal candidate must be detail... 
    Hourly pay
    Work at office

    iHeartMedia

    New York, NY
    3 days ago
  •  ...particularly in the areas of time management, decision-making, and execution. The successful candidate will be a trusted partner, gatekeeper...  ...lead high-impact special projects, and a proactive approach to risk management are essential. Hiring Manager Title CEO... 

    Confidential

    New York, NY
    10 hours ago
  • $320k - $400k

    Flex group is seeking a Chief of Staff and VP of Strategy & Operations in New York, NY. This hybrid role involves serving as a senior partner to the CEO, owning the Strategy & Operations team, and driving enterprise strategy. Candidates must have over 15 years of experience...
    Flexible hours

    Flex group

    New York, NY
    3 days ago
  •  ...mission-driven leaders to serve a three-year term on our Board of Directors beginning in March 2026. We are looking for individuals who...  ...fundraising and serving as ambassadors for our mission. Governance & Policy: Helping set policies and ensuring effective governance... 
    Remote work

    Impact Network International

    Brooklyn, NY
    10 hours ago
  •  ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency... 

    Confidential

    New York, NY
    4 days ago
  •  ...communication and alignment across teams, managing and optimizing operational tools, and ensuring the successful execution of projects by identifying resource gaps, timeline risks, and competing priorities. Applicants for the Chief of Staff position at the company should have a... 
    Remote work

    Confidential

    New York, NY
    10 hours ago
  •  ...Board Member (Volunteer) Board of Directors | Governance, Strategy & Mission Stewardship Organization...  ...oversight Monitor organizational risks and opportunities Help strengthen...  ...with fellow board members and executive leadership Professional networking... 
    Remote work

    Mentor A Promise

    New York, NY
    10 hours ago
  •  ...Board Audit Committee Governance, Reporting & Engagement...  ...of the Chief Audit Executive organization. As a...  ...Committee of the Board of Directors operates effectively...  ...including supporting charter compliance, maintaining forward...  .../external audit, risk, compliance, legal, governance... 
    Work at office

    JPMorgan Chase

    Jersey City, NJ
    11 days ago
  •  ...Senior Executive Assistant Equinix is the world's digital infrastructure company, shortening the path to connectivity to enable the innovations that enrich our work, life and planet. A place where bold ideas are welcomed, human connection is valued, and everyone... 
    Full time
    Work at office

    Equinix

    New York, NY
    3 days ago
  • $175k - $225k

     ...policy. Identify and execute financing strategies to...  ...revenue-based financing, government grants, and strategic...  ...modeling, and risk analysis for new acquisitions...  ..., Reporting & Compliance Oversee the preparation...  ...leadership, board of directors) and external parties... 
    Full time
    Local area

    Solen Software Group

    New York, NY
    10 hours ago
  •  ...Executive Assistant To The CEO/COO The Executive Assistant (EA) to the CEO/COO is a trusted role responsible for providing comprehensive...  ..., including the All Staff Committee, Policy and Operations Compliance Committee, Triad, and Train-the-Trainer program Monitor... 
    Work at office
    Remote work

    GMHC

    New York, NY
    10 hours ago
  •  ...Senior Vice President, Chief Audit Executive (CAE) Location: New York, NY | Windsor...  ...internal controls (ICFR & SOX) Regulatory compliance across a complex, highly regulated environment The strength of governance and enterprise risk management This is a highly... 

    Voya Financial

    New York, NY
    4 days ago
  •  ...deliver measurable operational, risk, and experience improvements...  ...through piloting, governance review, and scaled production...  ...BI teams, Technology, Risk & Compliance, and senior leadership to define...  ...line leaders to ensure seamless execution and integration across both the... 
    Contract work

    Goldman Sachs, Inc.

    New York, NY
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Executive Director, InfoSec Governance, Risk, and Compliance. Be the first to apply!