Director, Information Security

Universal Orlando Resort believes in-person collaboration is key to our success. Many of our Team Members work in a hybrid capacity, contributing from the workplace a minimum of three days per week. There are also roles that require being on-site full time. Limited remote opportunities may be available within specific departments. You’ll learn more about this during the recruitment process.

JOB SUMMARY:

Leads the Information Security team dedicated to supporting Universal Destinations & Experiences and plays a critical role in transforming the destination cyber security strategy. As a direct report to the UDX Information Security Officer, the Director of Information Security is a critical member of the NBCUniversal Cyber Security Leadership team responsible for overseeing the security posture for the UDX business. Role requires technical and business acumen to translate insight into a strategic roadmap. Responsible for balancing priorities while ensuring alignment with NBCU Cyber Security ecosystem and ensures goals are met in a fast-paced, dynamic environment. This position will work in close collaboration with the ISO's direct reports, security service owners, and the UDX business owners.

MAJOR RESPONSIBILITIES:

Business Engagement:

• Build trusted relationships and partner with business leadership and technology and service owners on the execution of the cyber security strategy.
• Understand the business workflows and engage with business leadership and teams to identify risks and business-aware mitigation strategies.
• Effectively articulate the threat landscape to business stakeholders and how cyber security’s strategy is aligned to defend against these threats.
• Embed security goals into the business roadmap and strategically evolve the cyber posture.
• Take ownership with business interactions related to lifecycle of risk management, working side by side with embedded engineering, governance, risk, and compliance teams.
• Provide Cyber Security thought leadership and counsel, with an understanding of business culture, audience, and climate.

Drive Cyber LRP:

• Drive implementation/adoption of Cyber security technologies, capabilities, and processes and work with key stakeholders to develop solutions for business challenges.
• Integrate and align with all peer organizations (Security Architecture & Engineering, GRC, Cyber Defense, IAM, Other Business ISOs, etc).

Lead the Team:

• Mentor and develop direct reports and broader Cyber Security staff, providing formal and informal feedback.

Protect our Eco-System:

• Look beyond individual engagements, risks, gaps, etc. to find overarching messages to identify the critical needle-moving efforts.
• Partner with security incident response team to resolve and close the investigation of incidents with postmortem and implementation/tracking of remediation plans.

Other

• Understands and actively participates in Environmental, Health & Safety responsibilities by following established UO policy, procedures, training and team member involvement activities.
• Performs other duties as assigned.

EDUCATION:

• Bachelor’s Degree required in an IT-related field and/or equivalent work experience.
• Master’s Degree in an IT-related field preferred.

EXPERIENCE:

• Minimum 10+ years working in cyber security disciplines or applicable work scope.
• Minimum 4+ years working in a leadership position in cyber security disciplines or applicable work scope.
• Previous experience working in multiple large complex environments and specifically within the Digital & Technology and / or Creative & Innovative organizations
• Previous experience embedding Cyber into business workflows.
• Comfort engaging in deeply technical efforts while keeping a strategic view and staying focused on key goals.
• Ability to analyze and summarize deliverables (e.g. threat models or security assessments) for an executive audience.

ADDITIONAL INFORMATION:

• Knowledge of the cyber threat landscape that drive them and the ability to translate this to defending NBCUniversal.
• Strong and proven communication (both verbal and written) and customer engagement skills with experience briefing corporate executives and professionals.
• Strong leadership skills, social and business acumen, and proven results working with leaders across organizational and business lines to solve complex problems.
• Experience providing direct support and input to business executives and taking a lead role in driving the strategic direction of the organization’s mission.
• Leadership experience in Information Security or Information Technology; proven work history of providing security solutions to a large, complex global enterprise.
• Threat-focused security experience - an understanding of how threats operate, and how we can build the best possible defenses for the enterprise.
• Experience with hands-on delivery of critical programs – demonstrated ability to parachute in to resolve issues, dive into details, articulate risks, and manage escalations.
• Recruit advocates across the NBCU organization to ensure the successful adoption of security solutions.
• Focus on critical intersection between security and usability; empathize, anticipate, and solve potential business pain points.
• Previous experience working in multiple large complex environments and specifically within the Digital & Technology and / or Creative & Innovative organizations.
• Previous experience embedding Cyber into business workflows.
• Comfort engaging in deeply technical efforts while keeping a strategic view and staying focused on key goals.
• Ability to analyze and summarize deliverables (e.g. threat models or security assessments) for an executive audience.
• Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
• Consistent attendance is a job requirement.

Your talent, skills and experience will be rewarded with a competitive compensation package.

Universal is not accepting unsolicited assistance from search firms for this employment opportunity. All resumes submitted by search firms to any employee at Universal Orlando via-email, the Internet or in any form and/or method without a valid written Statement of Work in place for this position from Universal Orlando HR/Recruitment will be deemed the sole property of Universal Orlando. No fee will be paid in the event the candidate is hired by Universal Orlando as a result of the referral or through other means.

Universal Orlando Resort. Here you can.

Universal Orlando is an equal opportunity employer. Universal elements and all related indicia TM & © 2025 Universal Studios. All rights reserved. EOE