Executive Director, Global Information Security

Sealed Air designs and delivers packaging solutions that protect essential goods transported worldwide, preserve food, enable e-commerce and digital connectivity, and help create a global supply chain that is touchless, safer, less wasteful, and more resilient. Westrive to foster a caring, high-performance growth culture that will deliver consistent, sustainable profitable growth and accelerate our performance - a culture where accountability is clear and aligned, and where we reward business outcomes and impact. That culture guides everything we do, including how we partner with our customers and suppliers, how we attract and retain top talent, and how we create and deliver value for our stakeholders. In 2024, Sealed Airgenerated $5.4 billion in revenue and had approximately 16,400 employees distributing products and services to 117 countries/territories around the world. To learn more, visit www.sealedair.com.

Job Summary & Candidate Profile

Reporting to the Global CIO, this position is responsible for the governance, risk management, and strategic architecture of Sealed Air's cybersecurity program.

The CISO will operate as the primary assurance authority for the enterprise. You will transition the organization to the NIST CSF 2.0 framework, adding critical focus on the "GOVERN" function. You will provide independent oversight of the Cyber Operations and Infrastructure teams (who execute security controls) to ensure compliance to and advancement of security policies.

The successful leader must be a strategist capable of quantifying risk in financial terms, navigating the emerging complexities of AI Risk Management (NIST AI RMF 1.0), and serving as a trusted advisor to the Audit Committee and Board of Directors. You will not just "run tools"; you will define the "Security by Design" standards that the IT Operations organization builds against.

How Will You Impact? (Key Accountabilities)

Governance, Risk & Compliance (GRC)

• Establish the Framework: Own and evolve the enterprise security strategy based on NIST CSF 2.0, specifically operationalizing the new GOVERN function to align security outcomes with business priorities.
• Policy Authority: Define and ratify all enterprise security policies (e.g., Access Control, Network Segmentation, Cloud Configuration). You act as the legislative body; IT Operations acts as the executive body.
• Risk Quantification: Move the program from "vulnerability counting" to financial risk exposure. Manage the Enterprise Risk Register and hold sole authority to grant "Risk Acceptance" for legacy deviations (e.g., obsolete OS) only when compensating controls are validated.
• Data Privacy / DPO accountabilities for mapped and "risk managed" globally.

• SOX / Internal Audit Liaison - assure completeness of control design. Advise on control objectives and procedures and assist audit communications.

AI & Data Security Architecture

• AI Risk Architect: Implement the NIST AI Risk Management Framework (AI RMF 1.0) to govern the lifecycle of AI agents and Generative AI deployments.
• Trustworthy AI Assurance: Establish audit mechanisms to test AI models for "Trustworthy Characteristics," specifically checking for explainability, harmful bias, and data integrity
• Data Fabric Governance: Partner with Data Engineering to mandate security controls within the Microsoft Fabric environment, ensuring Role-Based Access Control (RBAC) and Row-Level Security (RLS) are architected into data products before release

Operational Assurance & Oversight

• Independent Oversight: Provide executive monitoring of the Cyber Operations function (which reports to IT Ops). Validate performance against key metrics including Mean Time to Contain (MTTC) 8and challenge the efficacy of threat detection capabilities.
• Architecture Review Veto: Serve as a voting member on the Architecture Review Board with veto power over any new implementation (Cloud, OT, or Software) that does not meet "Secure by Design" principles.
• Supply Chain Risk: Direct the Cyber Supply Chain Risk Management program, assessing third-party vendors and integration points within the digital ecosystem.

Crisis Management & Resilience

• Crisis Commander: Sole authority to declare a "Cyber Incident". While IT Operations manages technical containment, you lead the strategic response, coordinating with Legal, Insurance, Public Relations, and Regulatory bodies.
• Simulation and Preparedness: Accountable for readiness and activation of the Cyber incident response plan including orchestration of related business continuity plans across global business and plant operations.
• Board Reporting: Translate technical cyber metrics (events, alerts) into business impact statements for the Board of Directors and Audit Committee. Report quarterly on risk, program performance and maturity. Provide board learning as required to advance understanding of security strategy.

Critical Capabilities Needed to Impact

• Influential Leadership: Ability to drive security outcomes through influence rather than direct operational command. You must be able to hold the VP of IT Operations accountable for patching and configuration SLAs without managing the engineers directly.
• Regulatory Acumen: Deep understanding of NIST CSF 2.0, NIST AI RMF 1.0, and global data privacy regulations (GDPR, CCPA).
• Risk Pragmatism: Ability to balance "perfect security" with business speed. Experience structuring "Risk Acceptance" memos that allow the business to operate legacy systems 12 while maintaining safety via segmentation.
• Technical Authority: Sufficient technical depth in Cloud (Azure), OT (Manufacturing), and AI to effectively challenge architects and engineers on "Secure by Design" principles.

Requisition id:53574

Relocation:Yes

Sealed Air is committed to attracting, selecting, and developing talent that reflects the diversity of the communities and customers we serve. We take pride in our selection process to identify, infuse, and grow talent to align with our culture, values, and norms. Sealed Air prioritizes talent development, fostering a culture of continuous growth and career progression. The company is committed to providing equal employment opportunities to all applicants for employment and to all employees, without regard to race, color, religion, gender identity or expression, national origin, age, protected disability, veteran status, or any other protected status in accordance with applicable federal, state and local laws.

*Please be cautious of fraudulent recruiting efforts using the Sealed Air name or logo. Sealed Air will never request private information during the application process, such as a Driver's License or Social Security Number. If you have any concerns about information received from SEE during the application process, please reach out to us directly at globalta@sealedair.com.

LINK1 MON1