At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies, and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences. 
 

The Attractions Operational Technology (AOT) Cybersecurity team provides services and solutions to secure and enhance the reliability of the computer and control networks on which the rides and shows run in our theme parks.  This is done through risk evaluation, collaboration, standardization, enforcement, and education across the business segment.  Our team is engaged in both the new themed attractions as well as our legacy attractions.  The team roles are divided amongst design and architecture, monitoring and logging, and vulnerability management.  
 

We are looking for a team member with a passion for security in an operational technology setting.  The successful candidate will demonstrate a friendly, collaborative approach to applying their skills – both through requesting and offering feedback to the team members that surround them. 

The AOT Cybersecurity team partners with many other divisions to design, build and integrate cybersecurity solutions that proactively protect Disney assets, systems, data, and guests in our parks. 

This is a 24-month Project Hire role through the end of 2027.

What You Will Do: 

The “Cyber Tech Spec – Vuln Mgmt” is a key team member dealing with security operations. 

• Serve as a core member of the Vulnerability Management team, with a primary focus on vulnerability scanning using Tenable VMs. 

• Review and verify existing scan configurations and monitored assets to ensure consistency and comprehensive data enrichment. 

• Collaborate with internal partners by addressing assigned tickets and supporting remediation strategies. 

• Manage and update global scanner settings, including software updates, patches, and configuration changes unrelated to scanning. Ensure proper data flow from Tenable into existing automation workflows and maintain the integrity of remediation tickets. 

• Contribute to the development of automation solutions for incident alerting, asset identification enrichment, and the creation of custom reports and dashboards. 

• Conduct daily reviews of event channels to detect anomalies or unusual behavior. Utilize internal tools to monitor system health, triage alerts, investigate system exceptions, and conduct data audits as needed. 
   

Required Qualifications & Skills: 

• A minimum of 3 years of experience in a technology or engineering organization, with a demonstrated interest in vulnerability management. 

• Strong analytical and problem-solving skills, with the ability to interpret data, recommend solutions, and communicate findings clearly. 

• Solid understanding of networking technologies, including experience with firewall logs, switch and router logs, and common network communication protocols. 

• Hands-on experience with Tenable security tools, including Nessus Scanner, Nessus Network Monitor, Tenable OT, Tenable OT Sensor, and Security Center. 

• Familiarity with supporting platforms and tools such as Microsoft Visio, Axonius, Elastic Stack, and VMware. 

• Ability to leverage existing documentation and systems to perform asset enrichment and analysis. 

• Self-starter with strong organizational skills with the ability to multitask, manage priorities, and work independently. 

• Excellent interpersonal skills and the ability to build effective working relationships across teams. 
   

Required Education: 

• Bachelor’s degree or expected imminent completion in Cybersecurity, Computer Science, Information Systems, Software Engineering, or comparable field of study. 
   

Preferred Qualifications & Skills: 

• Possess any of the following certifications: Security+, CySA+, SSCP, GSEC, or similar cybersecurity certification. 

• Experience building, analyzing, or supporting information systems in an Operational Technology environment (utility, manufacturing, transportation, medical, or themed entertainment). 

• Experience with SIEM, SOAR, or other data centric tools for the purpose of simplifying, optimizing, and organizing a great amount of data for easier understanding.