Staff Security Specialist, Vulnerability ManagementApply NowApply Later Job ID 7090779220220327 Location Celebration, Florida, United States Business The Walt Disney Company (Corporate) Date posted Aug. 15, 2022 Flex Type Hybrid
- This role is considered hybrid, which means the employee will work a portion of their time on-site from a Company designated location and the remainder of their time remotely.
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in CA, WA, FL, CT, NY and TX.
GIS supports all of Disney’s segments which includes Disney Media & Entertainment Distribution (DMED). DMED brings together the Company’s best-in-class product, technology, and commercialization teams together into one global organization. DMED is responsible for all distribution, network and engineering operations, sales, advertising, data, and certain key technology functions worldwide for the Company’s content engines. DMED also manages operations of the Company’s streaming services including Disney+, Hulu, ESPN+, Disney+ Hotstar and Star, the upcoming general entertainment offering; as well as all domestic broadcast and cable television network. Security professionals supporting DMED will be exposed to industry leading technology that provide our guests with world class and highly secured services.
The Disney DMED Cyber Security team is seeking a Vulnerability Management Specialist to join our growing team. The Staff Security Specialist, Vulnerability Management will be a direct report to the Manager, Compliance and have responsibility for execution of the vulnerability management program. This is one of the most critical roles on the Cyber Security Operations team, as this role has the authority and capability to drastically reduce the risk of exploitation through the reduction of open vulnerabilities.
7+ years related Information Security experience with demonstrated experience in building, implementing and continuous maturing of Vulnerability Management (VM) programs:
Regularly engaging with Global Information Security (GIS) partners on the state of DMED Vulnerability Management and segment specific programs/areas and the progress of related strategic initiatives
Further enhancing DMED’s VM risk-based remediation prioritization approach to addressing vulnerabilities
Engaging with Enterprise Vulnerability Management (EVM) Team to understand enterprise enumeration, vulnerability assessment and remediation capabilities, and drive increased maturity in this space within DMED
Supporting enterprise efforts to improve effectiveness/efficiency of EVM tools, process, procedures
Project management and organizational skills, specifically managing multiple, concurrent projects
Create and execute project plans and revise as appropriate to meet changing needs and requirements
Create and maintain effective documentation of policies, processes, and procedures
Apply published methodologies and enforce program standards
Proactively provide status and concerns that may impact the execution of assigned project and/or tasks
Problem solve and perform necessary research to identify additional options/solutions
Assist with program development and implementation
Manage and report upon the status of assigned projects and/or deliverables
Support the initiatives and deliverables of the GIS department
Identify and help implement areas for improvement (e.g., automation) to increase visibility and coverage; and to further reduce risk
Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations
Review, monitor and enable alignment to internal security policies & standards requirements
Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve processes
This role requires the ability to work in a dynamic, fast paced environment with limited direction and change oriented where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities and executes accordingly:
Strong leadership skills and demonstrated ability to support cross functional team
Strong interpersonal, written, and oral communication skills
Highly self-motivated and directed professional, with keen attention to detail
Excellent analytical, pragmatic problem-solving and decision-making abilities
Able to effectively prioritize tasks in a high-pressure environment
Experience working in a team-oriented, collaborative environment
Must have situational awareness and adjust conversations and approach based on audience
Demonstrated customer service and solution-focused orientation
Minimum 7 years of experience in vulnerability management or other operational/tactical information security role (e.g. penetration testing)
Minimum 3 years of experience working with enterprise vulnerability management software/appliances
Experience tailoring vulnerability risk ratings based on organization’s environment/external threat
Ability to interpret technical reports on vulnerabilities, exploits, and malware
Capable of troubleshooting scanner failures at a network and application level
Successful at communicating and reporting on risk to multiple levels across the organization
Bachelor's in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)
GIAC GCIA, GCIH, GCFA or comparable certifications
Master's in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.