Comcast Engineer, Cyber Security Threat Management in Moorestown, New Jersey

Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.

Comcast's Technology & Product Security (TPS) organization focuses on a range of functions from securing the Comcast network and facilities from threats to developing new technologies and processes that employees can use to benefit their experience of working at Comcast.

Summary

Seeking a motivated and energetic individual, with a proven track record for Security Incident Response, and Security Services. The position will be centered on conducting deep seeded cyber security investigations, focusing on multiple stages including preparation, identification, containment, eradication, recovery, and lessons learned. Individuals on the team will take IR and threat hunting to the next level, analyzing current and past investigations, to not only bring incidents to a thorough closure, but create a path and forum, educating various business units and leadership on the process life cycle and areas of improvement. Tying in real world engagements with a comprehensive understanding of needs and commitments in the organization, Threat management (TM) will work toward creating a more effective incident response process and security awareness in the Comcast family.

Successful Traits

- Exceptional Communication Skills. Able to write concise documentation.

- Diplomacy. Able to present counter opinions or difficult topics in a tactful way.

- Root cause analysis and problem solving skills.

Core Responsibilities

Threat Discovery / Threat Hunting

- Exploration and integration of new cybersecurity tools, processes, and capabilities

- Contribute to the tuning and development of security information and event monitoring systems (SIEM) use cases and other security control configurations to enhance threat detection capabilities

- Perform in-depth investigation of events identified during threat hunt activities or security alerts received from various security technologies

- Proactively "hunt" for potential malicious activity and incidents across multiple customers using advanced threat network and host-based tools

- Provide support in the detection, response, mitigation, and reporting of cyber threats affecting client networks with the ability to evaluate IT environments and identify security goals, objectives and requirements

Critical Incident Response

- Active Engagement on the most critical Severity 1 & 0 Cyber Security Incidents; Compliment SIRT in analysis, assisting Incident Response (IR), as well as mitigation recommendations, as required.

-Act as a subject matter expert during both active incidents and in the planning of future response and mitigation, including but not limited to Mock/Table top exercises, cross team educational sessions, business wide strategy building.

- Define incident response policies and procedures, providing recommendations to improve response capabilities and create framework to support activities at the time of an incident.

- Plan and execute Mock and Table Top Incidents to improve IR readiness.

- 24/7 on call for High Profile Situations

Forensics

- Assist in IR process to preserve system data, image and file extraction, and deep dive analysis.

- Conduct malware reverse engineering for first look-in to zero day threats targeted toward Comcast and the brands we support.

Analysis & Reporting

- Creation of concise and professional materials to communicate goals, objectives and incident reporting.

- Continuously review and evaluate the state of Comcast Security environment and recommend technology and process improvements.

- Serve as a technical leadership team and advisor to key stakeholders, establishing trust-based relationships through active engagement and collaboration.

Qualifications

Required Experience

- 5-8 years of professional experience, with 5 years of experience in information security and/or IT risk management. 2 years related to penetration testing

- 3 years of experience architecting solutions with a concentrated focus on security, performance, scalability, and reliability.

- Experience in working and presenting to Executives in both IT and Business.

- Highly advanced written and communication skills.

- Knowledge of current hacking techniques, vulnerability disclosures, data breach incidents, and security analysis techniques

- Knowledge of threats and various attacker methods including tools/techniques/practices

- Demonstrated technical experience with Networking (eg. data flows, architecture, protocols, traffic analysis, wireless, etc)

- Familiarity with performing Ethical Hacking of both web applications and their associated platforms (e.g. J2EE, .Net, Apache, IIS, Websphere) and infrastructure elements (e.g. Windows/Linux operating systems, Oracle/SQL servers, firewalls, routers, switches)

- Familiar with common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web servers

- Experience working with security intelligence, data analytics, security incident response, and penetration testing experience required

Nice to Haves

- Knowledge of Comcast Technology, organizations, people, processes, culture, and systems.

- Proven Success engaging stakeholders in continuous change and workflow improvement.

- Ability to understand and support business operational functions.

Education Level: Bachelor's Degree Preferred

Field of Study: Cybersecurity, Information Assurance, Computer Science or related field

Certifications: Preferred: CISSP; CISA, CISM or GIAC

Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.