Skip to main content

Staff Security Specialist, Vulnerability Management

Apply NowApply Later Job ID 7090779220220327 Location Celebration, Florida, United States Business The Walt Disney Company (Corporate) Date posted Aug. 15, 2022 Flex Type Hybrid

- This role is considered hybrid, which means the employee will work a portion of their time on-site from a Company designated location and the remainder of their time remotely.

Job Summary:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in CA, WA, FL, CT, NY and TX.

GIS supports all of Disney’s segments which includes Disney Media & Entertainment Distribution (DMED). DMED brings together the Company’s best-in-class product, technology, and commercialization teams together into one global organization.  DMED is responsible for all distribution, network and engineering operations, sales, advertising, data, and certain key technology functions worldwide for the Company’s content engines. DMED also manages operations of the Company’s streaming services including Disney+, Hulu, ESPN+, Disney+ Hotstar and Star, the upcoming general entertainment offering; as well as all domestic broadcast and cable television network. Security professionals supporting DMED will be exposed to industry leading technology that provide our guests with world class and highly secured services.

The Disney DMED Cyber Security team is seeking a Vulnerability Management Specialist to join our growing team. The Staff Security Specialist, Vulnerability Management will be a direct report to the Manager, Compliance and have responsibility for execution of the vulnerability management program. This is one of the most critical roles on the Cyber Security Operations team, as this role has the authority and capability to drastically reduce the risk of exploitation through the reduction of open vulnerabilities.

Responsibilities:

  • 7+ years related Information Security experience with demonstrated experience in building, implementing and continuous maturing of Vulnerability Management (VM) programs:

  • Regularly engaging with Global Information Security (GIS) partners on the state of DMED Vulnerability Management and segment specific programs/areas and the progress of related strategic initiatives

  • Further enhancing DMED’s VM risk-based remediation prioritization approach to addressing vulnerabilities

  • Engaging with Enterprise Vulnerability Management (EVM) Team to understand enterprise enumeration, vulnerability assessment and remediation capabilities, and drive increased maturity in this space within DMED

  • Supporting enterprise efforts to improve effectiveness/efficiency of EVM tools, process, procedures

  • Project management and organizational skills, specifically managing multiple, concurrent projects

  • Create and execute project plans and revise as appropriate to meet changing needs and requirements

  • Create and maintain effective documentation of policies, processes, and procedures

  • Apply published methodologies and enforce program standards

  • Proactively provide status and concerns that may impact the execution of assigned project and/or tasks

  • Problem solve and perform necessary research to identify additional options/solutions

  • Assist with program development and implementation

  • Manage and report upon the status of assigned projects and/or deliverables

  • Support the initiatives and deliverables of the GIS department

  • Identify and help implement areas for improvement (e.g., automation) to increase visibility and coverage; and to further reduce risk

  • Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations

  • Review, monitor and enable alignment to internal security policies & standards requirements

  • Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve processes

This role requires the ability to work in a dynamic, fast paced environment with limited direction and change oriented where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities and executes accordingly:

  • Strong leadership skills and demonstrated ability to support cross functional team

  • Strong interpersonal, written, and oral communication skills

  • Highly self-motivated and directed professional, with keen attention to detail

  • Excellent analytical, pragmatic problem-solving and decision-making abilities

  • Able to effectively prioritize tasks in a high-pressure environment

  • Experience working in a team-oriented, collaborative environment

  • Must have situational awareness and adjust conversations and approach based on audience

  • Demonstrated customer service and solution-focused orientation

Basic Qualifications:

  • Minimum 7 years of experience in vulnerability management or other operational/tactical information security role (e.g. penetration testing)

  • Minimum 3 years of experience working with enterprise vulnerability management software/appliances

  • Experience tailoring vulnerability risk ratings based on organization’s environment/external threat

  • Ability to interpret technical reports on vulnerabilities, exploits, and malware

  • Capable of troubleshooting scanner failures at a network and application level

  • Successful at communicating and reporting on risk to multiple levels across the organization

Required Education:

  • Bachelor's in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)

  • GIAC GCIA, GCIH, GCFA or comparable certifications

Preferred Education:

  • Master's in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)

About The Walt Disney Company (Corporate):

At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate).

Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply NowApply Later

Watch Our Jobs

Sign up to receive new job alerts and company information based on your preferences.

For Disney Job Alerts to work, JavaScript must be enabled in your browser.