Executive Director, InfoSec Governance, Risk, and Compliance
$197.5k - $265kThe Walt Disney Studios
Disney Information Security Grc Leader
At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences—and we're constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
The Global Information Security (GIS) group provides services to protect the value and use of Disney's information through collaboration, standardization, enforcement, and education across The Walt Disney Company. The main focus areas of this group are: Reduce the risk of both accidental and malicious data disclosure; Identify, monitor, engage with complete inventory of information; Establish appropriate policies and procedures to be followed; Educate user community to minimize risk.
Disney's InfoSec GRC team is seeking a transformational leader to drive the next evolution of Governance, Risk, and Compliance across the enterprise. Reporting to the VP of Information Security, this role will lead the shift from a traditional compliance-driven approach to a modern, risk-intelligence-led model that enables better business decisions, strengthens security posture, and scales with Disney's global technology and content ecosystem. This leader will partner closely with GIS and business leadership to embed risk awareness into daily operations, ensuring GRC is a strategic enabler of innovation—not a barrier.
What You'll Do
Transform GRC at Disney
- Drive the evolution of Disney's InfoSec GRC program from a compliance-centric model to a dynamic, risk-intelligence-led capability that informs enterprise investment and prioritization decisions
- Define and elevate GRC standards by introducing innovative approaches to risk quantification, compliance automation, and integrated governance
- Partner with GIS and segment technology leadership to position GRC as a strategic business enabler, translating complex risks into actionable, executive-ready insights
- Champion a culture where risk awareness is embedded into daily decision-making, enabling intuitive and scalable risk-informed behaviors across the enterprise
Risk Management Leadership
- Lead the design, implementation, and continuous improvement of Disney's enterprise InfoSec Risk Management Framework
- Establish and operationalize risk tolerance models, translating business objectives into clear prioritization, investment, and remediation decisions
- Build and mature a centralized cybersecurity risk register integrating threat intelligence, vulnerabilities, and third-party risk data
- Drive risk-based prioritization across InfoSec functions to ensure measurable risk reduction and alignment to enterprise objectives
- Deliver clear, credible, and decision-ready risk reporting to executive leadership and the Board, including financial risk quantification (e.g., FAIR)
Governance Program Leadership
- Oversee the full lifecycle of InfoSec policies, standards, and guidelines, ensuring they are risk-based, actionable, and aligned with business needs
- Embed governance controls into the technology lifecycle (e.g., DevSecOps, cloud, infrastructure-as-code), reducing reliance on manual processes through automation
- Establish a policy effectiveness framework focused on behavioral change and measurable risk reduction
- Define and advance governance strategies for emerging technologies, including AI/ML, quantum security, and autonomous systems
- Lead enterprise maturity assessments (e.g., NIST CSF) to identify gaps and inform strategic investment decisions
Compliance Program Leadership
- Provide oversight of global regulatory and contractual compliance programs (e.g., SOX, PCI, GDPR, ISO), ensuring consistency and scalability
- Build and operationalize a "compliance-as-a-service" model that enables self-service, automates evidence collection, and minimizes burden on engineering teams
- Monitor and anticipate changes in the regulatory landscape, proactively positioning Disney to meet evolving requirements
Organizational Leadership
- Lead, develop, and scale a high-performing global GRC organization, fostering a culture of accountability, innovation, and continuous improvement
- Drive organizational excellence through strong leadership, talent development, and a focus on delivering scalable, forward-looking solutions
What You'll Bring
Must-Have Qualifications
- You will have 12+ years of progressive experience in cybersecurity, technology risk, or compliance, including 3+ years leading enterprise-scale GRC functions
- You will bring structured problem-solving, audit rigor, and enterprise advisory experience
- You will have industry experience within large, complex organizations, with the ability to operate effectively in highly matrixed environments
- You will have a proven track record of transforming GRC programs into risk-driven operating models that influence enterprise decision-making
- You will have deep expertise across risk management, governance, and compliance, including frameworks, policy lifecycle, automation, audit, and controls assurance)
- You will have strong working knowledge of industry frameworks and regulations, including NIST CSF, NIST 800-53, ISO 27001, PCI DSS 4.0, SOX ITGC, and GDPR
- You will have demonstrated executive presence and exceptional influence skills, with the ability to operate as a trusted advisor to senior leadership and translate complex technical risk into clear business insights
- You will have experience applying financial risk quantification methodologies (e.g., FAIR) to support investment and prioritization decisions
- You will have a strong customer-focused mindset, ensuring GRC solutions enable the business and enhance—not hinder—user and product experiences
- You will have experience leading in highly matrixed, global environments, driving alignment across engineering, security, and business stakeholders
Leadership & Transformation Profile (Critical for Success)
- You will have a mindset of a thought partner—not just an operator—bringing a strategic, forward-looking perspective to GRC
- You will have a track record of asking hard questions, challenging legacy ways of working, and driving meaningful change across organizations
- You will have the ability to connect cost, customer experience, and operational efficiency into a cohesive, risk-informed strategy
- You will have demonstrated success leading large-scale transformation initiatives, influencing without authority, and driving adoption across complex organizations
Technical Expertise
- You will have advanced expertise in audit methodologies, controls testing, and assurance processes, including ITGCs and automated control environments (must have qualification)
- You will have hands-on experience with leading GRC platforms (e.g., Archer, ServiceNow GRC, SailPoint)
- You will have a strong understanding of cloud security and compliance across AWS, Azure, and GCP environments
- You will have familiarity with DevSecOps practices and integrating security and governance into software development and infrastructure pipelines
Nice-to-Have Qualifications
- You may have experience within media, entertainment, or similarly complex, consumer-facing industries
- You may have experience from a Big 4 consulting firm.
- You may have experience advancing emerging risk domains such as AI/ML governance, third-party risk, or next-generation compliance capabilities
Education
- You will have a bachelor's degree in computer science, information security, or a related field—or equivalent practical experience
- You may have advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC)
The hiring range for this position in Orlando, FL is $197,500 to $265,000 per year and in Glendale,CA is $207,400 to $278,200 per year. The hiring range for this position in Seattle, WA is $217,300 to $291,500 per year and in New York, NY is $217,300 to $291,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as
$217.3k - $291.5k
...Executive Director, InfoSec Governance, Risk, and Compliance At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways...SuggestedShift work- ..., the COO oversees financial stability, risk management, and corporate sustainability... ...Board's vision and ensuring regulatory compliance. Help Us Get to Know You A bachelor... ...with members, co-workers, the Board of Directors, management, business partners, and the...SuggestedWork at office
- ...Develop cost‑effective solutions to optimize profits while balancing risks and growth opportunities. Lead the sales and operations... ...and manage monthly reviews with cross‑functional teams. Governance Responsibilities: Manage the budget for all operational areas...Suggested
- ...s sales and service culture, and ensuring financial stability, risk management, and corporate sustainability. Candidates for the COO... ...also be expected to have a strong understanding of regulatory compliance, including the Bank Secrecy Act and other relevant federal laws...Suggested
- Job Description Womenswear Boho Fashion Brand CEO / COO / MD job opening or private equity investment and business turnaround opportunity remote based near Los Angeles.We are looking for experienced individuals or firms with a proven track record of turning around...SuggestedRemote work
- ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency...
- ...reflect the communities we serve. Ensure governance decisions, resource allocations, and... .... Partner with and advise the Executive Director on key initiatives and organizational... ...outcomes. Financial Stewardship and Compliance Ensure strong financial...Local areaRemote work
- ...communication and alignment across teams, managing and optimizing operational tools, and ensuring the successful execution of projects by identifying resource gaps, timeline risks, and competing priorities. Applicants for the Chief of Staff position at the company should have a...Remote work
- ...About the Role The Company is in search of a Chief of Staff with a focus on strategy and operations to join their team. This executive leadership role is pivotal in driving the company's strategy, enhancing operational execution, and ensuring the alignment and efficiency...
- ...instrumental in optimizing the time, focus, decision-making, and execution of the Senior Leadership Team. The Chief of Staff will be a... ...fully remote and requires a proactive individual who can surface risks and close gaps effectively. Hiring Manager Title Chief Executive...Remote work
- ...particularly in the areas of time management, decision-making, and execution. The successful candidate will be a trusted partner, gatekeeper... ...lead high-impact special projects, and a proactive approach to risk management are essential. Hiring Manager Title CEO...
$259.6k - $348.1k
...functional work is aligned, sequenced, and executed to deliver measurable business impact.... ...mechanisms for intake, prioritization, governance, and escalation. This is a highly visible... ..., decisions, and outcomes Spot risks and duplication early, then push for practical...Full timeWork at office- ...are met - Ensure effective recruiting, onboarding, professional development, performance management, and retention - Ensure compliance with national and local business regulations, and take appropriate action when necessary Responsibilities - Analyse internal...Temporary workLocal area
$110k - $130k
...organizational effectiveness, supervise Directors, ensure that we produce outcomes... ...and small business support. ● Ensure compliance with all legal, regulatory, and funder... ...relationships with community stakeholders, government agencies, funders, and local organizations...Temporary workApprenticeshipWork at officeLocal areaWork from homeFlexible hours$175k - $300k
Position Title: Chief Operating Officer The Chief Operating Officer will lead the team, develop strategic plans, and ensure that all departments function effectively. The position requires a deep understanding of the legal industry, as well as financial acumen to manage...Temporary work- ...not a maintenance role. The COO will serve as the CEO’s closest strategic partner — translating creative ambition into disciplined execution across operations, people, finance, marketing, production, technology, construction, and guest experience. We need someone who...Local area
- ...ONE/SIZE's senior operating executive and strategic integrator, responsible... ...performance. Lead risk management and business continuity... ...FP&A), Treasury, Tax, Audit, Compliance, and Financial Reporting... ...all financial, regulatory, and governance requirements. Human...Casual workRemote work
- ...The incumbent leads the development and execution of strategic plans to ensure the organization... ...opportunities, and assess potential risks. • Lead the strategic planning process... ...impacting healthcare. • Ensures compliance with regulatory requirements and industry...
- ...You'll partner directly with leaders across operations, billing, and technology to improve systems, document processes, and drive execution on high-impact initiatives that support growth across new and existing states. Responsibilities Serve as a power user of Microsoft...Work at office
- ...Position The Chief Operating Officer (COO) is a key member of the executive leadership team and is responsible for translating the CEO’s... ...depreciation strategies, RPO programs, and regulatory/safety compliance. Leadership Capability: Proven success leading...
$157k - $235k
..., and training. We're looking for an Executive Protection Specialist to join our team!... ...high profile visitors Understand the risks to the organization and Snap Inc. team,... ...towards our environmental, social, and governance (ESG) goals, and we lay out our plans looking...Live inWork at officeLocal areaNight shift- ...optimizing efficiency and quality to ensure a seamless customer journey from order to service. Growth Strategy: Collaborate with the executive team to develop and execute strategic plans for rapid expansion while maintaining brand integrity. Culinary Innovation: Work...Casual work
$400k
...construction company is seeking a Senior Vice President to provide executive leadership and operational oversight. This role will be... ...Expertise in construction methodologies, contract negotiations, and risk management. ~ Strong financial acumen, with experience...Contract workFor contractorsFor subcontractorRelocation package$220k - $250k
...BDO is seeking a Managing Director for Risk Advisory Services to lead high-value Internal Auditing projects. Responsibilities include guiding audit teams, enhancing client relationships, and developing new business opportunities. The successful candidate will have at...- ...Board Member, Nonprofit Governance & Strategic Leadership About the Company Well-known... ...individuals to join its Board of Directors. Board Members play a crucial role in guiding... ..., and ensuring legal and ethical compliance. Candidates for the Board of Directors...
- ...Member, Finance, Legal & Governance About the Company Mission... ...of financial oversight, risk assessment, and compliance. This includes providing... ...will have a senior executive background in finance, law... ...Functions ~ Board of Directors (non-operating) ConfidentialRemote work
- ...Board Member, Nonprofit Governance About the Company Well-known child care resource... ...dedicated individuals to join its Board of Directors. Board Members play a pivotal role in... ...planning, and ensure legal and ethical compliance. The ideal candidate for the Board...
- ...Board Member, Nonprofit Governance & Strategic Leadership About the Company Mission... ...dedicated individuals to join its Board of Directors. Board Members play a crucial role in... ..., and ensuring legal and ethical compliance. Candidates for the Board should have a...
- ...Board Member, Nonprofit Governance About the Company Mission-driven organization producing... ...individuals to join its Board of Directors. Board Members play a pivotal role in... ...align with its goals. Legal and ethical compliance is a key aspect of the role, and Board...
- ...Executive Director About the Company Well-regarded commercial airport Industry Airlines/Aviation Type Non Profit Founded... ...staff, and represent the airport at various industry and government meetings. Hiring Manager Title Chief Executive Officer...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Executive Director, InfoSec Governance, Risk, and Compliance. Be the first to apply!
- technical executive Glendale, CA
- executive team lead asset protection Glendale, CA
- chief dental officer Glendale, CA
- executive director Glendale, CA
- chief executive Glendale, CA
- technology executive Glendale, CA
- managing director Glendale, CA
- talent acquisition executive Glendale, CA
- housing executive Glendale, CA
- chief executive officer ceo Glendale, CA

