Vacancy expired!
At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in CA, WA, FL, CT, NY and TX.GIS supports all of Disney's segments which includes Disney Media & Entertainment Distribution (DMED). DMED brings together the Company's best-in-class product, technology, and commercialization teams together into one global organization. DMED is responsible for all distribution, network and engineering operations, sales, advertising, data, and certain key technology functions worldwide for the Company's content engines. DMED also manages operations of the Company's streaming services including Disney+, Hulu, ESPN+, Disney+ Hotstar and Star, the upcoming general entertainment offering; as well as all domestic broadcast and cable television network. Security professionals supporting DMED will be exposed to industry leading technology that provide our guests with world class and highly secured services.The Disney DMED Cyber Security team is seeking a Vulnerability Management Specialist to join our growing team. The Staff Security Specialist, Vulnerability Management will be a direct report to the Manager, Compliance and have responsibility for execution of the vulnerability management program. This is one of the most critical roles on the Cyber Security Operations team, as this role has the authority and capability to drastically reduce the risk of exploitation through the reduction of open vulnerabilities.Responsibilities : 7+ years related Information Security experience with demonstrated experience in building, implementing and continuous maturing of Vulnerability Management (VM) programs:- Regularly engaging with Global Information Security (GIS) partners on the state of DMED Vulnerability Management and segment specific programs/areas and the progress of related strategic initiatives
- Further enhancing DMED's VM risk-based remediation prioritization approach to addressing vulnerabilities
- Engaging with Enterprise Vulnerability Management (EVM) Team to understand enterprise enumeration, vulnerability assessment and remediation capabilities, and drive increased maturity in this space within DMED
- Supporting enterprise efforts to improve effectiveness/efficiency of EVM tools, process, procedures
- Project management and organizational skills, specifically managing multiple, concurrent projects
- Create and execute project plans and revise as appropriate to meet changing needs and requirements
- Create and maintain effective documentation of policies, processes, and procedures
- Apply published methodologies and enforce program standards
- Proactively provide status and concerns that may impact the execution of assigned project and/or tasks
- Problem solve and perform necessary research to identify additional options/solutions
- Assist with program development and implementation
- Manage and report upon the status of assigned projects and/or deliverables
- Support the initiatives and deliverables of the GIS department
- Identify and help implement areas for improvement (e.g., automation) to increase visibility and coverage; and to further reduce risk
- Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations
- Review, monitor and enable alignment to internal security policies & standards requirements
- Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve processes
- Strong leadership skills and demonstrated ability to support cross functional team
- Strong interpersonal, written, and oral communication skills
- Highly self-motivated and directed professional, with keen attention to detail
- Excellent analytical, pragmatic problem-solving and decision-making abilities
- Able to effectively prioritize tasks in a high-pressure environment
- Experience working in a team-oriented, collaborative environment
- Must have situational awareness and adjust conversations and approach based on audience
- Demonstrated customer service and solution-focused orientation
- Minimum 7 years of experience in vulnerability management or other operational/tactical information security role (e.g. penetration testing)
- Minimum 3 years of experience working with enterprise vulnerability management software/appliances
- Experience tailoring vulnerability risk ratings based on organization's environment/external threat
- Ability to interpret technical reports on vulnerabilities, exploits, and malware
- Capable of troubleshooting scanner failures at a network and application level
- Successful at communicating and reporting on risk to multiple levels across the organization
- Bachelor's in Information Technology, Computer Science, Cyber Security or Information Security (or equivalent work or military experience)
- GIAC GCIA, GCIH, GCFA or comparable certifications
- Master's in Information Technology, Computer Science, Cyber Cecurity or Information Security (or equivalent work or military experience)
Vacancy expired!