Ir direto para o conteúdo principal

Executive Director, InfoSec Governance, Risk, & Compliance

N.º de ID da vaga 10151183 Local Glendale, Califórnia, Estados Unidos / Nova Iorque, Nova Iorque, Estados Unidos / Seattle, Washington, Estados Unidos / Lake Buena Vista, Flórida, Estados Unidos Empresa The Walt Disney Company (Corporate) Data de publicação May 26, 2026
Candidate-se agora mesmo!

Descrição do cargo:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.  

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.  

Team Description: 

The Global Information Security (GIS) group provides services to protect the value and use of Disney’s information through collaboration, standardization, enforcement, and education across The Walt Disney Company. The main focus areas of this group are: Reduce the risk of both accidental and malicious data disclosure; Identify, monitor, engage with complete inventory of information; Establish appropriate policies and procedures to be followed; Educate user community to minimize risk. 

Disney’s InfoSec GRC team is seeking a transformational leader to drive the next evolution of Governance, Risk, and Compliance across the enterprise. Reporting to the VP of Information Security, this role will lead the shift from a traditional compliance-driven approach to a modern, risk-intelligence-led model that enables better business decisions, strengthens security posture, and scales with Disney’s global technology and content ecosystem. This leader will partner closely with GIS and business leadership to embed risk awareness into daily operations, ensuring GRC is a strategic enabler of innovation—not a barrier. 

What You'll Do 

Transform GRC at Disney 

  • Drive the evolution of Disney’s InfoSec GRC program from a compliance-centric model to a dynamic, risk-intelligence-led capability that informs enterprise investment and prioritization decisions 

  • Define and elevate GRC standards by introducing innovative approaches to risk quantification, compliance automation, and integrated governance 

  • Partner with GIS and segment technology leadership to position GRC as a strategic business enabler, translating complex risks into actionable, executive-ready insights 

  • Champion a culture where risk awareness is embedded into daily decision-making, enabling intuitive and scalable risk-informed behaviors across the enterprise 

 

Risk Management Leadership 

  • Lead the design, implementation, and continuous improvement of Disney’s enterprise InfoSec Risk Management Framework 

  • Establish and operationalize risk tolerance models, translating business objectives into clear prioritization, investment, and remediation decisions 

  • Build and mature a centralized cybersecurity risk register integrating threat intelligence, vulnerabilities, and third-party risk data 

  • Drive risk-based prioritization across InfoSec functions to ensure measurable risk reduction and alignment to enterprise objectives 

  • Deliver clear, credible, and decision-ready risk reporting to executive leadership and the Board, including financial risk quantification (e.g., FAIR) 

 

Governance Program Leadership 

  • Oversee the full lifecycle of InfoSec policies, standards, and guidelines, ensuring they are risk-based, actionable, and aligned with business needs 

  • Embed governance controls into the technology lifecycle (e.g., DevSecOps, cloud, infrastructure-as-code), reducing reliance on manual processes through automation 

  • Establish a policy effectiveness framework focused on behavioral change and measurable risk reduction 

  • Define and advance governance strategies for emerging technologies, including AI/ML, quantum security, and autonomous systems 

  • Lead enterprise maturity assessments (e.g., NIST CSF) to identify gaps and inform strategic investment decisions 

 

Compliance Program Leadership 

  • Provide oversight of global regulatory and contractual compliance programs (e.g., SOX, PCI, GDPR, ISO), ensuring consistency and scalability 

  • Build and operationalize a “compliance-as-a-service” model that enables self-service, automates evidence collection, and minimizes burden on engineering teams 

  • Monitor and anticipate changes in the regulatory landscape, proactively positioning Disney to meet evolving requirements 

 

Organizational Leadership 

  • Lead, develop, and scale a high-performing global GRC organization, fostering a culture of accountability, innovation, and continuous improvement 

  • Drive organizational excellence through strong leadership, talent development, and a focus on delivering scalable, forward-looking solutions 

What You’ll Bring 

Must-Have Qualifications 

  • You will have 12+ years of progressive experience in cybersecurity, technology risk, or compliance, including 3+ years leading enterprise-scale GRC functions  

  • You will bring structured problem-solving, audit rigor, and enterprise advisory experience  

  • You will have industry experience within large, complex organizations, with the ability to operate effectively in highly matrixed environments  

  • You will have a proven track record of transforming GRC programs into risk-driven operating models that influence enterprise decision-making  

  • You will have deep expertise across risk management, governance, and compliance, including frameworks, policy lifecycle, automation, audit, and controls assurance) 

  • You will have strong working knowledge of industry frameworks and regulations, including NIST CSF, NIST 800-53, ISO 27001, PCI DSS 4.0, SOX ITGC, and GDPR  

  • You will have demonstrated executive presence and exceptional influence skills, with the ability to operate as a trusted advisor to senior leadership and translate complex technical risk into clear business insights  

  • You will have experience applying financial risk quantification methodologies (e.g., FAIR) to support investment and prioritization decisions  

  • You will have a strong customer-focused mindset, ensuring GRC solutions enable the business and enhance—not hinder—user and product experiences  

  • You will have experience leading in highly matrixed, global environments, driving alignment across engineering, security, and business stakeholders  

 

Leadership & Transformation Profile (Critical for Success) 

  • You will have a mindset of a thought partner—not just an operator—bringing a strategic, forward-looking perspective to GRC  

  • You will have a track record of asking hard questions, challenging legacy ways of working, and driving meaningful change across organizations  

  • You will have the ability to connect cost, customer experience, and operational efficiency into a cohesive, risk-informed strategy  

  • You will have demonstrated success leading large-scale transformation initiatives, influencing without authority, and driving adoption across complex organizations  

 

Technical Expertise 

  • You will have advanced expertise in audit methodologies, controls testing, and assurance processes, including ITGCs and automated control environments (must have qualification) 

  • You will have hands-on experience with leading GRC platforms (e.g., Archer, ServiceNow GRC, SailPoint)  

  • You will have a strong understanding of cloud security and compliance across AWS, Azure, and GCP environments  

  • You will have familiarity with DevSecOps practices and integrating security and governance into software development and infrastructure pipelines  

 

Nice-to-Have Qualifications 

  • You may have experience within media, entertainment, or similarly complex, consumer-facing industries  

  • You may have experience from a Big 4 consulting firm. 

  • You may have experience advancing emerging risk domains such as AI/ML governance, third-party risk, or next-generation compliance capabilities  

 

Education 

  • You will have a bachelor’s degree in computer science, information security, or a related field—or equivalent practical experience (education) 

  • You may have advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC) (education) 

 


The hiring range for this position in Orlando, FL is $197,500 to $265,000 per year and in Glendale,CA is $207,400 to $278,200 per year. The hiring range for this position in Seattle, WA is $217,300 to $291,500 per year and in New York, NY is $217,300 to $291,500 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Candidate-se agora mesmo!

Sobre o The Walt Disney Company (Corporate):

Na área empresarial da Disney, você pode ver como os negócios por trás das marcas mais poderosas da empresa se reúnem para criar a mais inovadora, conhecida e admirada empresa de entretenimento do mundo. Como integrante de uma equipe empresarial, você trabalhará com líderes de padrão internacional para promover estratégias que mantêm a The Walt Disney Company na vanguarda do entretenimento. Veja e seja visto por outros pensadores inovadores enquanto possibilita que os melhores contadores de histórias do mundo criem momentos inesquecíveis para milhões de famílias de todo o planeta.

Sobre The Walt Disney Company:

A The Walt Disney Company, juntamente com suas subsidiárias e afiliadas, é uma líder diversificada em entretenimento familiar e mídia internacional que inclui três segmentos principais de negócios: Disney Entertainment, ESPN e Disney Experiences. Desde seus primeiros passos como um estúdio de desenho animado na década de 1920 até se tornar o atual nome de destaque na indústria do entretenimento, a Disney orgulhosamente dá continuidade a seu legado de criação de histórias e experiências de padrão internacional para toda a família. As histórias, personagens e experiências da Disney tocam consumidores e visitantes de todas as partes do mundo. Com operações em mais de 40 países, nossos funcionários e colaboradores trabalham juntos para criar experiências de entretenimento adoradas por todos.

Esta vaga é oferecida junto à Disney Worldwide Services, Inc., que é parte de um segmento de negócios que chamamos de The Walt Disney Company (Corporate).

Disney Worldwide Services, Inc. é um empregador de oportunidades iguais. Os candidatos serão selecionados para emprego independente de raça, religião, cor, sexo, orientação sexual, gênero, identidade de gênero, expressão de gênero, nacionalidade, ancestralidade, idade, estado civil, status militar ou de veterano, quadro clínico, informações genéticas ou deficiência, ou qualquer outro motivo proibido por lei federal, estadual ou local. A Disney defende um ambiente de negócios em que ideias e decisões de todas as pessoas nos ajudam a crescer, inovar, criar as melhores histórias e ser relevantes em um mundo em constante evolução.

ACOMODAÇÃO PARA PESSOAS COM NECESSIDADES ESPECIAIS PARA CANDIDATURAS A EMPREGO

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, visit the Disney candidate disability accommodations FAQs. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

Está tendo problemas técnicos? Consulte as perguntas frequentes para obter ajuda.

Processo de contratação

  • Onde começa a sua história?

    Explore o Disney Careers e o blog Life at Disney para saber mais sobre todas as oportunidades incríveis que esperam ser descobertas na The Walt Disney Company.

  • Seja parte da história

    Há muitas marcas e empresas diferentes a serem exploradas. Depois de encontrar a oportunidade certa para você, dê o próximo passo preenchendo sua candidatura.

  • O próximo capítulo

    Depois de se candidatar, você receberá um e-mail permitindo que acesse o painel do candidato. Crie seu login e lembre-se de verificar seu painel com frequência para ver o progresso de sua candidatura.

Conheça este local Glendale, Califórnia

A cidade do condado de Los Angeles é lar de comida e cultura autênticas do Oriente Médio, além de possuir sua própria “Calçada da Fama”.

Vagas relacionadas

NOSSA CULTURA

Conteúdo relacionado

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Executivo job_status-Security-Engineering job_type-Regular salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-Não custom_fields.TimeType-Período-integral custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Executivo job_status-Security-Engineering job_type-Regular salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-Não custom_fields.TimeType-Período-integral custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

campaign-__L10N__:English industry-The-Walt-Disney-Company-(Corporate) job_level-Executivo job_status-Security-Engineering job_type-Regular salary_relocation-IT-Info-Security-(Jason-Whitehurst)-(51067192) multivaluefield2-The-Walt-Disney-Company-(Corporate)-The-Walt-Disney-Company-(Corporate) custom_fields.test-valuetest custom_fields.WDJobs-Yes custom_fields.Country-Disney_WD_English_Test custom_fields.test123-test123 custom_fields.FlexType-Não custom_fields.TimeType-Período-integral custom_fields.Campaign2-Technology custom_fields.FeedOrgID-WD-English custom_fields.ContactFax-Disney-Worldwide-Services,-Inc. custom_fields.FilterFlag-No custom_fields.Jobcountry-United-States-of-America custom_fields.RemoteType-Primarily-On-Site-/-Occasionally-from-Home custom_fields.FullAddress-1200-Grand-Central-Ave&#xa;Glendale,-CA-91201&#xa;United-States-of-America custom_fields.legalEntity--1008-Disney-Worldwide-Services,-Inc. custom_fields.CheckEquality-Yes custom_fields.ChinaBusiness-The-Walt-Disney-Company-China custom_fields.EmptyLocation-Yes custom_fields.SecondaryCity-,Seattle,Lake-Buena-Vista,New-York custom_fields.WorkerSubType-Regular custom_fields.ExportLocation-Glendale,California,United-States-of-America;Glendale,CA,USA;New-York,NY,USA;Seattle,WA,USA;Lake-Buena-Vista,FL,USA;Seattle,Washington,United-States-of-America;Lake-Buena-Vista,Florida,United-States-of-America;New-York,New-York,United-States-of-America custom_fields.JobLevelCustom-Executive custom_fields.SecondaryState-,Washington,Florida,New-York custom_fields.contactCompany-The-Walt-Disney-Company-(Corporate) custom_fields.jobPostingSite-External custom_fields.LIWorkplaceType-On-site custom_fields.PrimaryLocation-USA---CA---1200-Grand-Central-Ave custom_fields.PriorityIndustry-The-Walt-Disney-Company-(Corporate) custom_fields.SecondaryCountry-United-States-of-America,United-States-of-America,United-States-of-America custom_fields.AdditionalLocation-Lake-Buena-Vista,-FL,-USA;-Seattle,-WA,-USA;-New-York,-NY,-USA;-Glendale,-CA,-USA custom_fields.FullJobDescription-<div><div><p><span><span>At-Disney, </span><span>we’re</span><span> storytellers.-We-make-the </span><span>impossible,</span><span> possible.-The-Walt-Disney-Company-(TWDC)-is-a-world-class-entertainment-and-technological-leader.-Walt’s-passion-was-to-continuously-envision-new-ways-to-move-audiences-around-the-world—a-passion-that </span><span>remains</span><span> our-touchstone-in-an-enterprise-that-stretches-from-theme-parks,-resorts-and-a-cruise-line-to-sports,-news, </span><span>movies</span><span> and-a-variety-of-other-businesses.-Uniting-each-endeavor-is-a-commitment-to-creating-and-delivering-unforgettable-experiences-—-and </span><span>we’re</span><span> constantly-looking-for-new-ways-to-enhance-these-exciting-experiences. </span></span><span> </span></p><p></p></div><div><p><span><span>The-Enterprise-Technology-mission-is-to-deliver-technology-solutions-that-align-to-business-strategies-while-enabling-enterprise-efficiency-and-promoting-cross-company-collaborative-innovation.-Our-group-drives-competitive-advantage-by-enhancing-our-consumer-experiences,-enabling-business-growth,-and-advancing-operational-excellence. </span></span><span> </span></p><p></p></div><div><p><b><span>Team-Description:</span></b><span> </span></p></div><div><p><span><span>The-Global-Information-Security-(GIS)</span></span><i><span> </span></i><span><span>group-provides-services-to-protect-the-value-and-use-of-Disney’s-information-through-collaboration,-standardization,-enforcement,-and-education-across-The-Walt-Disney-Company.-The </span><span>main-focus</span><span> areas-of-this-group-are:-Reduce-the-risk-of-both-accidental-and-malicious-data-disclosure;-I</span><span>dentify</span><span>,-monitor,-engage-with-complete-inventory-of-information; </span><span>Establish-</span><span>appropriate-policies</span><span> and-procedures-to-be-followed;-Educate-user-community-to-minimize-risk.</span></span><span> </span></p><p></p></div><div><p><span><span>Disney’s-InfoSec-GRC-team-is-seeking-a-transformational-leader-to-drive-the-next-evolution-of-Governance,-Risk,-and-Compliance-across-the-enterprise.-Reporting-to-the-VP-of-Information-Security,-this-role-will-lead-the-shift-from-a-traditional-compliance-driven-approach-to-a-modern,-risk-intelligence-led-model-that-enables-better-business-decisions,-strengthens-security-posture,-and-scales-with-Disney’s-global-technology-and-content-ecosystem.-This-leader-will-partner-closely-with-GIS-and-business-leadership-to-embed-risk-awareness-into-daily-operations,-ensuring-GRC-is-a-strategic-enabler-of-innovation—not-a-barrier.</span></span><span> </span></p></div><div><p></p><p><u><b><span>What-You&#39;ll-Do</span></b><span> </span></u></p></div><div><p><b><span>Transform-GRC-at-Disney</span></b><span> </span></p></div><div><ul><li><p><span><span>Drive-the-evolution-of-Disney’s-InfoSec-GRC-program-from-a-compliance-centric-model-to-a-dynamic,-risk-intelligence-led-capability-that-informs-enterprise-investment-and-prioritization-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-elevate-GRC-standards-by-introducing-innovative-approaches-to-risk-quantification,-compliance-automation,-and-integrated-governance</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Partner-with-GIS-and-segment-technology-leadership-to-position-GRC-as-a-strategic-business-enabler,-translating-complex-risks-into-actionable,-executive-ready-insights</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Champion-a-culture-where-risk-awareness-is-embedded-into-daily-decision-making,-enabling-intuitive-and-scalable-risk-informed-behaviors-across-the-enterprise</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Risk-Management-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead-the-design,-implementation,-and-continuous-improvement-of-Disney’s-enterprise-InfoSec-Risk-Management-Framework</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-and-operationalize-risk-tolerance-models,-translating-business </span><span>objectives</span><span> into-clear-prioritization,-investment,-and-remediation-decisions</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-mature-a-centralized-cybersecurity-risk-register-integrating-threat-intelligence,-vulnerabilities,-and-third-party-risk-data</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-risk-based-prioritization-across-InfoSec-functions-to-ensure-measurable-risk-reduction-and-alignment-to-enterprise-objectives</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Deliver-clear,-credible,-and-decision-ready-risk-reporting-to-executive-leadership-and-the-Board,-including-financial-risk-quantification-(e.g.,-FAIR)</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Governance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Oversee-the-full-lifecycle-of-InfoSec-policies,-standards,-and-guidelines,-ensuring-they-are-risk-based,-actionable,-and-aligned-with-business-needs</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Embed-governance-controls-into-the-technology-lifecycle-(e.g., </span><span>DevSecOps</span><span>,-cloud,-infrastructure-as-code),-reducing-reliance-on-manual-processes-through-automation</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Establish-a-policy-effectiveness-framework-focused-on-behavioral-change-and-measurable-risk-reduction</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Define-and-advance-governance-strategies-for-emerging-technologies,-including-AI/ML,-quantum-security,-and-autonomous-systems</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Lead-enterprise-maturity-assessments-(e.g.,-NIST-CSF)-to </span><span>identify</span><span> gaps-and-inform-strategic-investment-decisions</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Compliance-Program-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Provide-oversight-of-global-regulatory-and-contractual-compliance-programs-(e.g.,-SOX,-PCI,-GDPR,-ISO),-ensuring-consistency-and-scalability</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Build-and-operationalize-a-“compliance-as-a-service”-model-that-enables-self-service,-automates-evidence-collection,-and-minimizes-burden-on-engineering-teams</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Monitor-and </span><span>anticipate</span><span> changes-in-the-regulatory-landscape,-proactively-positioning-Disney-to-meet-evolving-requirements</span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><b><span>Organizational-Leadership</span></b><span> </span></p></div><div><ul><li><p><span><span>Lead,-develop,-and-scale-a-high-performing-global-GRC-organization,-fostering-a-culture-of-accountability,-innovation,-and-continuous-improvement</span></span><span> </span></p></li></ul></div><div><ul><li><p><span><span>Drive-organizational-excellence-through-strong-leadership,-talent-development,-and-a-focus-on-delivering-scalable,-forward-looking-solutions</span></span><span> </span></p></li></ul></div><div><p></p><p><b><span>What </span><span>You’ll</span><span> Bring</span></b><span> </span></p></div><div><p><i><span>Must-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> 12&#43;-years-of-progressive-experience-in-cybersecurity,-technology-risk,-or-compliance,-including-3&#43;-years-leading-enterprise-scale-GRC-functions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-bring</span></b><span><span> structured-problem-solving,-audit-rigor,-and-enterprise-advisory-experience </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> industry-experience-within-large,-complex-organizations,-with-the-ability-to </span><span>operate</span><span> effectively-in-highly-matrixed-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-proven </span><span>track-record</span><span> of-transforming-GRC-programs-into-risk-driven-operating-models-that-influence-enterprise-decision-making </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> deep </span><span>expertise</span><span> across-risk-management,-governance,-and-compliance,-including-frameworks,-policy-lifecycle,-automation,-audit,-and-controls-assurance</span></span><i><span>)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> strong-working-knowledge-of-industry-frameworks-and-regulations,-including-NIST-CSF,-NIST-800-53,-ISO-27001,-PCI-DSS-4.0,-SOX-ITGC,-and-GDPR </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> executive-presence-and-exceptional-influence-skills,-with-the-ability-to </span><span>operate</span><span> as-a-trusted-advisor-to-senior-leadership-and-translate-complex-technical-risk-into-clear-business-insights </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-applying-financial-risk-quantification-methodologies-(e.g.,-FAIR)-to-support-investment-and-prioritization-decisions </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-customer-focused-mindset,-ensuring-GRC-solutions-enable-the-business-and-enhance—not-hinder—user-and-product-experiences </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> experience-leading-in-highly-matrixed,-global-environments,-driving-alignment-across-engineering,-security,-and-business-stakeholders </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Leadership-&amp;-Transformation-Profile-(Critical-for-Success)</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-mindset-of-a-thought-partner—not-just-an-operator—bringing-a-strategic,-forward-looking-perspective-to-GRC </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>a-track-record</span><span> of-asking </span><span>hard-questions</span><span>,-challenging-legacy-ways-of-working,-and-driving-meaningful-change-across-organizations </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> the-ability-to-connect-cost,-customer-experience,-and-operational-efficiency-into-a-cohesive,-risk-informed-strategy </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> </span><span>demonstrated</span><span> success-leading-large-scale-transformation-initiatives,-influencing-without-authority,-and-driving-adoption-across-complex-organizations </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Technical-Expertise</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> advanced </span><span>expertise</span><span> in-audit-methodologies,-controls-testing,-and-assurance-processes,-including-ITGCs-and-automated-control-environments </span></span><i><span>(must-have-qualification)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> hands-on-experience-with-leading-GRC-platforms-(e.g.,-Archer,-ServiceNow-GRC,-SailPoint) </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-strong-understanding-of-cloud-security-and-compliance-across-AWS,-Azure,-and-GCP-environments </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> familiarity-with </span><span>DevSecOps</span><span> practices-and-integrating-security-and-governance-into-software-development-and-infrastructure-pipelines </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Nice-to-Have-Qualifications</span></i><span> </span></p></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-within-media,-entertainment,-or-similarly-complex,-consumer-facing-industries </span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-from-a-Big-4-consulting-firm.</span></span><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> experience-advancing-emerging-risk-domains-such-as-AI/ML-governance,-third-party-risk,-or-next-generation-compliance-capabilities </span></span><span> </span></p></li></ul></div><div><p><span> </span></p></div><div><p><i><span>Education</span></i><span> </span></p></div><div><ul><li><p><b><span>You-will-have</span></b><span><span> a-bachelor’s-degree-in-computer-science,-information-security,-or-a-related-field—or-equivalent-practical-experience </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><ul><li><p><b><span>You-may-have</span></b><span><span> advanced-degrees-or-relevant-certifications-(e.g.,-CISSP,-CISM,-CRISC) </span></span><i><span>(education)</span></i><span> </span></p></li></ul></div><div><p><span> </span></p></div></div><br>The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered. custom_fields.IndustryCustomField-The-Walt-Disney-Company-(Corporate) custom_fields.ExternalReferenceCode-10151183 custom_fields.PayTransparencyStatement-The-hiring-range-for-this-position-in-Orlando,-FL-is-$197,500-to-$265,000-per-year-and-in-Glendale,CA-is-$207,400-to-$278,200-per-year.-The-hiring-range-for-this-position-in-Seattle,-WA-is-$217,300-to-$291,500-per-year-and-in-New-York,-NY-is-$217,300-to-$291,500-per-year.-The-base-pay-actually-offered-will-take-into-account-internal-equity-and-also-may-vary-depending-on-the-candidate’s-geographic-region,-job-related-knowledge,-skills,-and-experience-among-other-factors.-A-bonus-and/or-long-term-incentive-units-may-be-provided-as-part-of-the-compensation-package,-in-addition-to-the-full-range-of-medical,-financial,-and/or-other-benefits,-dependent-on-the-level-and-position-offered.

  • Liderança executiva

    Nossos executivos seniores trazem enorme experiência, pensamento visionário e um compromisso compartilhado com excelência, criatividade e inovação para a operação cotidiana da empresa.

    Saiba mais 

  • Inclusão

    Na Disney, queremos que todos sintam que fazem parte de algo e prosperem. Criar um ambiente acolhedor e respeitoso para nossos funcionários e hóspedes é fundamental para a cultura da nossa empresa e nossos negócios. Nós nos esforçamos para criar ambientes de trabalho acolhedores que impulsionem a inovação e reforcem uma cultura em que todos os funcionários se sintam bem-vindos, respeitados e valorizados.

    Saiba mais 

Inscrever-se para receber alertas de vagas

Obtenha as oportunidades de emprego mais recentes assim que se tornarem disponíveis.

Acompanhe nossas vagas

Um asterisco indica um campo obrigatório.

Interessado emEscolha uma categoria da vaga a partir da lista de opções. Escolha um local a partir da lista de opções. Então, clique em “Adicionar” para criar sua notificação de vaga.

Ao clicar em “Enviar”, você concorda com nossos Termos de uso e reconhece que leu nossa Política de privacidade.

Ao clicar em “Enviar”, você concorda com nossos Termos de uso e reconhece que leu nossa Política de privacidade. Se eu optar por receber mensagens de marketing ou boletins informativos, posso retirar meu consentimento para essas mensagens de marketing a qualquer momento.

Ao clicar em “Enviar”, você concorda com nossos Termos de uso e declara ter lido a nossa Política de privacidade, Política de cookies e Direitos de privacidade da UE.

Como usamos suas informações pessoais e seus direitos:

  1. Suas informações pessoais são controladas por The Walt Disney Company Limited, com escritório em 3 Queen Caroline Street, London, W6 9PE, Reino Unido.
  2. Quando você visita ou compra com a Disney, ou quando usa algum aplicativo móvel, serviço ou produto da Disney, outros membros da The Walt Disney Company Family of Companies também podem usar suas informações para fornecer serviços, personalizar sua experiência e enviar comunicados e atualizações relacionadas a serviços.
  3. Você tem diversos direitos, incluindo o de solicitar acesso para alterar ou remover suas informações pessoais, ou alterar suas preferências de marketing (incluindo anular seu consentimento a qualquer momento.) Consulte nossa Política de privacidade para saber mais sobre como gerenciar suas preferências de marketing ou excluir sua conta.
  4. Você pode entrar em contato com o nosso Oficial de proteção de dados pelo e-mail: dataprotection@disney.co.uk.
  5. Você tem o direito de fazer uma reclamação junto ao Escritório do comissário de informações do Reino Unido: https://ico.org.uk/.
  6. Para mais informações sobre as práticas recomendadas sobre uso e coleta de dados da Disney, leia a Política de privacidade da Disney.

Para mais informações sobre nossa coleta, uso e práticas gerais de dados, incluindo como gerenciar suas preferências, leia nossa Política de privacidade. Li e concordo com os Termos de uso.