Cyber Security Engineer - Vulnerability Management
Lake Buena Vista, Florida, United StatesApply NowApply Later
Job ID 845813BR Location Lake Buena Vista, Florida, United States Business Parks, Experiences and Products Date posted Aug. 27, 2021
Job Summary:Would you like to be part of the team that is tasked with the Operational Technology Cybersecurity of our Ride and Show control systems at The Walt Disney Company? The Vulnerability Management Specialist takes a strategic approach to protection of our control networks in attractions, live shows, and transportation venues. The primary tasks of this position will be to align Cybersecurity vulnerability management solutions with WDW’s existing and incoming attraction systems. If you thrive in a fast-paced environment where professionalism, precision and integrity are valued and where no two days are the same, apply today to join us.
Responsibilities:Work with a larger Operational Technology Cybersecurity team at the WDW Resort to:
- Administer both individual and centrally managed instances of vulnerability scanners (Tenable Nessus, Tenable Security Center).
- Manage deployment strategies for both isolated and managed vulnerability scanners in new and legacy attractions.
- Ensure adequate and proper response to discovered vulnerabilities in accordance with established and defined Security Policies.
- Deconflict policies from multiple authorities to define a minimum vulnerability standard.
- Understand vulnerability data and test effectiveness in attraction environments.
- Document risk through practical experience with GRC tools including Archer.
- Develop automation around the detection and remediation of discovered vulnerabilities (Chef/Puppet Configuration Management, etc.).
- Guide group policy, WSUS, and SCCM policy development towards vulnerability mitigating solutions.
- Communicate vulnerability mitigating enhancements to endpoint security solution team.
- Optimize security tool deployments and introduce scalable processes across Cyber Security capabilities.
- Experience in a technical role in support of detecting, cataloging, remediating, and mitigating vulnerabilities.
- Practical experience with one or more:
- Security Vulnerability Scanning Tools (Tenable Nessus/Security Center/Tenable.OT).
- Aggregating and displaying vulnerability data using Vulnerability reporting tools like Tenable.SC.
- Remediating or mitigating discovered vulnerabilities using baselining tools like, WSUS, Group Policy, and/or Chef.
Configuration Management Automation and/or scripting experience (Python/Bash).
- Ensuring endpoints remain compliant in accordance with security policy using tools like STIGs and SCAPs.
- Able to configure, manage and troubleshoot both Windows and Linux based operating systems to reduce vulnerabilities.
- Provision and deployment secured virtual (cloud based or VM) and physical endpoints.
- Ability to work individually with minimal supervision and as an integral part of a team.
- Proficient in all forms of communication—especially when conveying technical details to a non-technical audience.
- Communicates using collaborative tools including Microsoft Teams, Slack, Jira, and Gitlab effectively.
- Ability to efficiently resolve computer and operational technology vulnerabilities with varying degrees of complexity.
- Knowledgeable in network and system security procedures, best practices, and implementation of network documentation and diagramming.
- Able to work non-traditional hours, in non-traditional settings. This includes occasional weekends, evenings, and holidays or in backstage areas that could include dark spaces, elevated walkways, and industrial environments.
- Prior experience in an entertainment venue or attractions/theme park industry.
- Prior experience or a strong understanding of how to approach vulnerability remediation and mitigation within an Operational Technology environment.
- Strong understanding of both Show and Ride control systems.
Required EducationBA/BS degree in Cybersecurity, Computer Science, or related engineering field
- One or more general security certifications including Security+, CySA+, CCNA Cyber Ops, AWS, GSEC, GICSP, CISSP, or other relevant certifications.
- One or more vulnerability assessment or auditing certification including CISSA, CISM, GCCC, GSNA or other relevant certifications.
About Parks, Experiences and Products:
The Parks, Experiences and Products segment includes Disney’s iconic travel and leisure businesses, which include six resort destinations in the United States, Europe and Asia, a top-rated cruise line, a popular vacation ownership program, and an award-winning guided family adventure business. Disney’s global consumer products operations include the world’s leading licensing business across toys, apparel, home goods, digital games and apps; the world’s largest children’s publisher; Disney store locations around the world; and the shopDisney e-commerce platform.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Walt Disney Parks and Resorts U.S., Inc., which is part of a business segment we call Parks, Experiences and Products.
Walt Disney Parks and Resorts U.S., Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.