Executive Director, Global Information Security
Listed on 2026-03-12
IT/Tech
Cybersecurity, IT Consultant, Data Security
Sealed Air designs and delivers packaging solutions that protect essential goods transported worldwide, preserve food, enable e-commerce and digital connectivity, and help create a global supply chain that is touchless, safer, less wasteful, and more resilient. We strive to foster a caring, high-performance growth culture that will deliver consistent, sustainable profitable growth and accelerate our performance – a culture where accountability is clear and aligned, and where we reward business outcomes and impact.
That culture guides everything we do, including how we partner with our customers and suppliers, how we attract and retain top talent, and how we create and deliver value for our stakeholders. In 2024, Sealed Air generated $5.4 billion in revenue and had approximately 16,400 employees distributing products and services to 117 countries/territories around the world. To learn more, visit
Reporting to the Global CIO, this position is responsible for the governance, risk management, and strategic architecture of Sealed Air’s cybersecurity program.
The CISO will operate as the primary assurance authority for the enterprise. You will transition the organization to the NIST CSF 2.0 framework, adding critical focus on the "GOVERN" function. You will provide independent oversight of the Cyber Operations and Infrastructure teams (who execute security controls) to ensure compliance with and advancement of security policies.
The successful leader must be a strategist capable of quantifying risk in financial terms, navigating the emerging complexities of AI Risk Management (NIST AI RMF 1.0), and serving as a trusted advisor to the Audit Committee and Board of Directors. You will not just "run tools"; you will define the "Security by Design" standards that the IT Operations organization builds against.
How Will You Impact? (Key Accountabilities)
Governance, Risk & Compliance (GRC)
- Establish the Framework: Own and evolve the enterprise security strategy based on NIST CSF 2.0, specifically operationalizing the new GOVERN function to align security outcomes with business priorities.
- Policy Authority: Define and ratify all enterprise security policies (e.g., Access Control, Network Segmentation, Cloud Configuration). You act as the legislative body; IT Operations acts as the executive body.
- Risk Quantification: Move the program from "vulnerability counting" to financial risk exposure. Manage the Enterprise Risk Register and hold sole authority to grant "Risk Acceptance" for legacy deviations (e.g., obsolete OS) only when compensating controls are validated.
- Data Privacy / DPO accountabilities for mapped and "risk managed" globally.
- SOX / Internal Audit Liaison – assure completeness of control design. Advise on control objectives and procedures and assist audit communications.
- AI Risk Architect: Implement the NIST AI Risk Management Framework (AI RMF 1.0) to govern the lifecycle of AI agents and Generative AI deployments.
- Trustworthy AI Assurance: Establish audit mechanisms to test AI models for "Trustworthy Characteristics," specifically checking for explainability, harmful bias, and data integrity.
- Data Fabric Governance: Partner with Data Engineering to mandate security controls within the Microsoft Fabric environment, ensuring Role-Based Access Control (RBAC) and Row-Level Security (RLS) are architected into data products before release.
- Independent Oversight: Provide executive monitoring of the Cyber Operations function (which reports to IT Ops). Validate performance against key metrics including Mean Time to Contain (MTTC) and challenge the efficacy of threat detection capabilities.
- Architecture Review Veto: Serve as a voting member on the Architecture Review Board with veto power over any new implementation (Cloud, OT, or Software) that does not meet "Secure by Design" principles.
- Supply Chain Risk: Direct the Cyber Supply Chain Risk Management program, assessing third-party vendors and integration points within the digital ecosystem.
- Crisis Commander: Sole authority to declare a…