Vacancy expired!
Security and Compliance is critical to protect the Walt Disney Company Brand, Assets and Intellectual Property. This role will act as the operational subject matter expert, across all of Enterprise Technology to co-ordinate Infrastructure Vulnerability Management (VM) efforts between internal customers and service providers, improve VM processes and procedures, and drive compliance efforts.
This role will drive the following across Enterprise Technology:- Drive Infrastructure Vulnerability Management
- Drive timely Critical Vulnerability remediation
- Develop Vulnerability Management Process Improvements
- Provide Compliance and Vulnerability Management reporting
- Help drive currency efforts for systems near the end of lifecycle
- Coordinate with Server owners, Information Security and other internal teams to remediate infrastructure vulnerabilities
- Provide situation based support, using Disney information security policies and compliance standards, to ensure identified vulnerabilities are remediated and updates are installed in an appropriate and timely manner
- Investigates vulnerability findings present within the enterprise, and coordinates remediation efforts in collaboration with server owners and other subject matter experts
- Coordinate scheduling of servers for installation of patches, software, and other compliance standards in accordance with established policies
- Validate VM Change requests for accuracy and completeness and drive timely Critical Vulnerability remediation efforts
- Provide status reports to leadership related to VM metrics, key risk indicators, trending risks, and compliance
- Ensure vendors follow established procedures and SLAs in accordance with contractual obligations in the execution and proper documentation of Vulnerability Management activities
- Coordinate with Third Party Vendors, Disney Business Segments, and individual server owners to maintain compliance posture as it relates to Infrastructure Vulnerability management
- Collaborate with teams, to improve success rate on VM activities, drive infrastructure currency efforts for end of life systems, and assist with Service Now CMDB quality improvements
- Initiate automation projects, to minimize manual processes in operations
- 3+ years of experience in Information Security Vulnerability Management
- Experience with vulnerability tools: Qualys, BigFix and ServiceNow Vulnerability module
- Experience managing IT vulnerability management processes and infrastructure server patching
- Strong data analysis skills, to analyze vulnerability data and publish metrics
- Good collaboration and communication skills to influence remediation with server owners
- Continuous process improvement mindset
- Security Certification: CISSP, GIAC, CompTIA+ Security
- Advanced data analysis skills (SQL, Tableau, Power BI)
- Advanced ServiceNow vulnerability and patching module knowledge
- Cloud Vulnerability (PRISMA vulnerability tool)
- 4 year degree in Technology, Business or related field preferred
Vacancy expired!