What kind of watch program do you plan on using? If the job is run with QSECOFR authority you should be able to reset the profile using CHGUSRPRF. My primary question is why is the profile getting disabled? If that is part of your security process to disable after a select number of login attempts, why automatically would you want to re-enable it. This would give a possible hacker an unlimited number of tries to access your system?