Avanzar al contenido principal

Executive Director, InfoSec Governance, Risk, & Compliance

Identificación laboral 10151183 Ubicación Glendale, California, Estados Unidos / Nueva York, Nueva York, Estados Unidos / Seattle, Washington, Estados Unidos / Lake Buena Vista, Florida, Estados Unidos Compañía The Walt Disney Company (Corporate) Fecha de publicación May 26, 2026
Aplicar ahora

Detalles del empleo:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.  

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.  

Team Description: 

The Global Information Security (GIS) group provides services to protect the value and use of Disney’s information through collaboration, standardization, enforcement, and education across The Walt Disney Company. The main focus areas of this group are: Reduce the risk of both accidental and malicious data disclosure; Identify, monitor, engage with complete inventory of information; Establish appropriate policies and procedures to be followed; Educate user community to minimize risk. 

Disney’s InfoSec GRC team is seeking a transformational leader to drive the next evolution of Governance, Risk, and Compliance across the enterprise. Reporting to the VP of Information Security, this role will lead the shift from a traditional compliance-driven approach to a modern, risk-intelligence-led model that enables better business decisions, strengthens security posture, and scales with Disney’s global technology and content ecosystem. This leader will partner closely with GIS and business leadership to embed risk awareness into daily operations, ensuring GRC is a strategic enabler of innovation—not a barrier. 

What You'll Do 

Transform GRC at Disney 

  • Drive the evolution of Disney’s InfoSec GRC program from a compliance-centric model to a dynamic, risk-intelligence-led capability that informs enterprise investment and prioritization decisions 

  • Define and elevate GRC standards by introducing innovative approaches to risk quantification, compliance automation, and integrated governance 

  • Partner with GIS and segment technology leadership to position GRC as a strategic business enabler, translating complex risks into actionable, executive-ready insights 

  • Champion a culture where risk awareness is embedded into daily decision-making, enabling intuitive and scalable risk-informed behaviors across the enterprise 

 

Risk Management Leadership 

  • Lead the design, implementation, and continuous improvement of Disney’s enterprise InfoSec Risk Management Framework 

  • Establish and operationalize risk tolerance models, translating business objectives into clear prioritization, investment, and remediation decisions 

  • Build and mature a centralized cybersecurity risk register integrating threat intelligence, vulnerabilities, and third-party risk data 

  • Drive risk-based prioritization across InfoSec functions to ensure measurable risk reduction and alignment to enterprise objectives 

  • Deliver clear, credible, and decision-ready risk reporting to executive leadership and the Board, including financial risk quantification (e.g., FAIR) 

 

Governance Program Leadership 

  • Oversee the full lifecycle of InfoSec policies, standards, and guidelines, ensuring they are risk-based, actionable, and aligned with business needs 

  • Embed governance controls into the technology lifecycle (e.g., DevSecOps, cloud, infrastructure-as-code), reducing reliance on manual processes through automation 

  • Establish a policy effectiveness framework focused on behavioral change and measurable risk reduction 

  • Define and advance governance strategies for emerging technologies, including AI/ML, quantum security, and autonomous systems 

  • Lead enterprise maturity assessments (e.g., NIST CSF) to identify gaps and inform strategic investment decisions 

 

Compliance Program Leadership 

  • Provide oversight of global regulatory and contractual compliance programs (e.g., SOX, PCI, GDPR, ISO), ensuring consistency and scalability 

  • Build and operationalize a “compliance-as-a-service” model that enables self-service, automates evidence collection, and minimizes burden on engineering teams 

  • Monitor and anticipate changes in the regulatory landscape, proactively positioning Disney to meet evolving requirements 

 

Organizational Leadership 

  • Lead, develop, and scale a high-performing global GRC organization, fostering a culture of accountability, innovation, and continuous improvement 

  • Drive organizational excellence through strong leadership, talent development, and a focus on delivering scalable, forward-looking solutions 

What You’ll Bring 

Must-Have Qualifications 

  • You will have 12+ years of progressive experience in cybersecurity, technology risk, or compliance, including 3+ years leading enterprise-scale GRC functions  

  • You will bring structured problem-solving, audit rigor, and enterprise advisory experience  

  • You will have industry experience within large, complex organizations, with the ability to operate effectively in highly matrixed environments  

  • You will have a proven track record of transforming GRC programs into risk-driven operating models that influence enterprise decision-making  

  • You will have deep expertise across risk management, governance, and compliance, including frameworks, policy lifecycle, automation, audit, and controls assurance) 

  • You will have strong working knowledge of industry frameworks and regulations, including NIST CSF, NIST 800-53, ISO 27001, PCI DSS 4.0, SOX ITGC, and GDPR  

  • You will have demonstrated executive presence and exceptional influence skills, with the ability to operate as a trusted advisor to senior leadership and translate complex technical risk into clear business insights  

  • You will have experience applying financial risk quantification methodologies (e.g., FAIR) to support investment and prioritization decisions  

  • You will have a strong customer-focused mindset, ensuring GRC solutions enable the business and enhance—not hinder—user and product experiences  

  • You will have experience leading in highly matrixed, global environments, driving alignment across engineering, security, and business stakeholders  

 

Leadership & Transformation Profile (Critical for Success) 

  • You will have a mindset of a thought partner—not just an operator—bringing a strategic, forward-looking perspective to GRC  

  • You will have a track record of asking hard questions, challenging legacy ways of working, and driving meaningful change across organizations  

  • You will have the ability to connect cost, customer experience, and operational efficiency into a cohesive, risk-informed strategy  

  • You will have demonstrated success leading large-scale transformation initiatives, influencing without authority, and driving adoption across complex organizations  

 

Technical Expertise 

  • You will have advanced expertise in audit methodologies, controls testing, and assurance processes, including ITGCs and automated control environments (must have qualification) 

  • You will have hands-on experience with leading GRC platforms (e.g., Archer, ServiceNow GRC, SailPoint)  

  • You will have a strong understanding of cloud security and compliance across AWS, Azure, and GCP environments  

  • You will have familiarity with DevSecOps practices and integrating security and governance into software development and infrastructure pipelines  

 

Nice-to-Have Qualifications 

  • You may have experience within media, entertainment, or similarly complex, consumer-facing industries  

  • You may have experience from a Big 4 consulting firm. 

  • You may have experience advancing emerging risk domains such as AI/ML governance, third-party risk, or next-generation compliance capabilities  

 

Education 

  • You will have a bachelor’s degree in computer science, information security, or a related field—or equivalent practical experience (education) 

  • You may have advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC) (education) 

 


The hiring range for this position in Orlando, FL is $197,500 to $265,000 per year and in Glendale,CA is $207,400 to $278,200 per year. The hiring range for this position in Seattle, WA is $217,300 to $291,500 per year and in New York, NY is $217,300 to $291,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Aplicar ahora

Acerca de The Walt Disney Company (Corporate):

En el área Corporativa de Disney, podrá ver cómo los negocios detrás de las marcas más influyentes de la compañía se juntan para crear la empresa de entretenimiento más innovadora, trascendente y admirada del mundo. Como miembro del equipo corporativo, trabajará con líderes de primer nivel para crear estrategias que mantengan a The Walt Disney Company en la vanguardia del entretenimiento. Trabaje junto a personas con ideas innovadoras como usted y aprenda de ellas a medida que empoderan a los mejores creadores de historias para que generen recuerdos para millones de familias en todo el mundo.

Acerca de The Walt Disney Company:

The Walt Disney Company, junto con sus subsidiarias y afiliadas, es una empresa internacional diversificada líder en entretenimiento familiar y medios de comunicación que incluye tres segmentos comerciales principales: Disney Entertainment, ESPN y Disney Experiences. Desde sus humildes comienzos como estudio de dibujos animados en la década de 1920 hasta su reconocido nombre en la industria del entretenimiento en la actualidad, Disney continúa con orgullo su legado de crear historias y experiencias de clase mundial para toda la familia. Las historias, los personajes y las experiencias de Disney llegan a consumidores e invitados de todos los rincones del mundo. Con operaciones en más de 40 países, nuestros empleados y miembros del elenco trabajan juntos para crear experiencias de entretenimiento que sean apreciadas a nivel local y global.

Este puesto es en Disney Worldwide Services, Inc., que forma parte de una empresa comercial que denominamos The Walt Disney Company (Corporate).

Disney Worldwide Services, Inc. es un empleador que ofrece igualdad de oportunidades. Los solicitantes recibirán consideración para el empleo independientemente de su raza, religión, color, sexo, orientación sexual, género, identidad de género, expresión de género, nacionalidad, ascendencia, edad, estado civil, condición de militar o veterano, afección médica, información genética o discapacidad, o cualquier otro fundamento prohibido por la ley federal, estatal o local. Disney defiende un entorno empresarial donde las ideas y decisiones de todas las personas nos ayudan a crecer, innovar, crear las mejores historias y ser relevantes en un mundo en constante evolución.

ADAPTACIÓN POR DISCAPACIDAD PARA SOLICITUDES DE EMPLEO

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, visit the Disney candidate disability accommodations FAQs. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

¿Tiene problemas técnicos? Consulte las preguntas frecuentes para obtener ayuda.

Proceso de contratación

  • ¿Dónde comienza tu cuento?

    Explora Disney Careers y el blog Life at Disney para conocer las increíbles oportunidades que esperan a ser descubiertas en The Walt Disney Company.

  • Formar parte del cuento

    Hay muchas marcas y negocios diferentes para explorar. Una vez que hayas encontrado la oportunidad adecuada para ti, da el próximo paso completando su solicitud.

  • El próximo capítulo

    Una vez que hayas presentado la solicitud, recibirás un correo electrónico que te permitirá acceder al panel de candidatos. Crea tu información de inicio de sesión y asegúrate de revisar el panel con frecuencia para ver el progreso de tu aplicación.

Explora esta ubicación Glendale, CA

La ciudad del condado de Los Ángeles alberga auténtica comida del Medio Oriente, cultura y su propio “Paseo de la Fama”.

Empleos relacionados

NUESTRA CULTURA

Contenidos relacionados

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Gerencial job_status-Security-Engineering job_type-Normal salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-No custom_fields.TimeType-Tiempo-completo custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Gerencial job_status-Security-Engineering job_type-Normal salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-No custom_fields.TimeType-Tiempo-completo custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Gerencial job_status-Security-Engineering job_type-Normal salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-No custom_fields.TimeType-Tiempo-completo custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

  • Líderes ejecutivos

    Nuestros altos ejecutivos aportan una tremenda experiencia, pensamiento visionario y un compromiso compartido con la excelencia, la creatividad y la innovación en el funcionamiento diario de la empresa.

    Obtén más información 

  • Inclusión

    En Disney, queremos que todas las personas tengan un sentido de pertenencia y que prosperen. Crear un ambiente acogedor y respetuoso para nuestros empleados y visitantes es fundamental para la cultura de nuestra empresa y nuestro negocio. Nos esforzamos por crear entornos de trabajo solidarios que impulsen la innovación y refuercen una cultura en la que todos los empleados se sientan bienvenidos, respetados y valorados.

    Obtén más información 

Registrarse para recibir alertas de trabajo

Entérese de las últimas ofertas de trabajo a medida que se publiquen.

Mire nuestros trabajos

El asterisco indica que el campo es obligatorio.

Me interesaSelecciona una categoría laboral en la lista de opciones. Selecciona una ubicación en la lista de opciones. Por último, haz clic en “Añadir” para crear tu alerta de empleo.

Al hacer clic en “Enviar”, aceptas nuestras Condiciones de uso y reconoces que leíste nuestra Política de privacidad.

Al hacer clic en “Enviar”, aceptas nuestras Condiciones de uso y reconoces que leíste nuestra Política de privacidad. Si opté por recibir mensajes de marketing o boletines informativos, puedo retirar mi consentimiento para estos mensajes de marketing en cualquier momento.

Al hacer clic en “Enviar”, aceptas nuestras Condiciones de Uso y reconoces que leíste nuestra Política de Privacidad, la Política de Cookies y los Derechos de Privacidad de la UE.

Cómo usamos su información personal y sus derechos:

  1. Tu información personal es controlada por The Walt Disney Company Limited, con sede en 3 Queen Caroline Street, Londres, W6 9PE, Reino Unido.
  2. Al visitar o comprar en Disney o usar cualquier producto, servicio o aplicación móvil de Disney, otros miembros de la familia de compañías de The Walt Disney Company también pueden hacer uso de tu información para brindarte estos servicios, personalizar tu experiencia y enviarte actualizaciones y comunicaciones relacionadas con el servicio.
  3. Tienes una serie de derechos, incluido el derecho a solicitar acceso a tu información personal, modificarla o eliminarla, o a modificar tus preferencias de marketing (incluida la revocación de tu consentimiento en cualquier momento). Consulta nuestra Política de privacidad para obtener más información sobre cómo gestionar tus preferencias de marketing o eliminar tu cuenta.
  4. Puedes comunicarte con nuestro Responsable de Protección de Datos por correo electrónico: dataprotection@disney.co.uk.
  5. Tienes derecho a presentar un reclamo ante la Oficina del Comisionado de Información del Reino Unido: https://ico.org.uk/.
  6. Para obtener más información sobre la recopilación de datos de Disney y las prácticas de uso, lee la Política de privacidad de Disney.

Para obtener más información sobre nuestra recopilación, uso y prácticas generales de datos, lo que incluye cómo gestionar tus preferencias, lee nuestra Política de privacidad. He leído y estoy de acuerdo con las Condiciones de uso.