Comcast Sr. Security Engineer, Comcast Business in Philadelphia, Pennsylvania
Comcast Business offers technology solutions ranging from Ethernet, internet, and WiFi connectivity to voice, television, and managed Enterprise solutions to power businesses of all sizes to perform better. From small businesses to mid-market and large Enterprise organizations, Comcast Business serves business customers across the country. Powered by an advanced, Gig-speed network and backed by 24/7 technical support, Comcast Business is one of the largest contributors to the growth of Comcast Cable. The organization is the nation's largest cable provider to small and mid-size businesses and has emerged as a force in the Enterprise market, recognized by leading industry associations as one of the fastest growing provider of Ethernet services.
Responsible for working with the end-to-end product development teams to improve the security maturity of the products from inception and implementation to operation. Create, maintain, and enforce security plans and policies affecting the business services products, including compliance program implementation. Responsible for implementing best practices in system and software development via a dev-sec-ops approach. Play a lead role in managing vulnerabilities across the ecosystem. . Act as a Security Subject Matter Expert for the engineering and product management teams. Support the development of new security products and offerings. Integrate knowledge of business and functional priorities. Acts as a key contributor in a complex and crucial environment. May lead projects and share expertise.
Employees at all levels are expect to:
- Understand our Operating Principles; make them the guidelines for how you do your job
- Own the customer experience-think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services
- Know your stuff-be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences
- Win as a team-make big things happen by working together and being open to new ideas
- Be an active part of the Net Promoter System-a way of working that brings more employee and customer feedback into the company-by joining huddles, making call backs and helping us elevate opportunities to do better for our customers
- Drive results and growth
- Respect and promote inclusion and diversity
- Do what's right for each other, our customers, investors and our communities
- Recommends and ensures implementation of security requirements and associated safeguards to the business services products. Security safeguards should be in accordance with industry standards, generally accepted business practices and Company security policies. Knowledge of NIST and ISO standards.
- Collaborates with the security engineering and system architecture teams to define and maintain a robust security architecture for each product
- Works with the security operations team to ensure vulnerabilities and incidents are properly managed, including meeting internal SLAs and internal/external communication requirements
- Works with the applications development teams to enforce best practices such as the OWASP Top 10 and NIST 800 series guidelines
- Researches new and/or updated technologies as they come available that pertain to our environment.
- Participates in regular penetration tests and vulnerability assessments
- Leads threat modeling and security architecture assessment activities.
- Support security audit (internal and external) activities.
- Develops scripts and recommends tools to support the Operations Security function.
- Helps ensure that customer SLAs are met at all times. Responds quickly to downtime situations.
- Communicates regularly with development and supports teams regarding security posture and associated development and remediation schedules. Provides insight and resolutions on security matters, acting as a Subject Matter Expert on cross-functional projects across all aspects of the development lifecycle.
- Consistent exercise of independent judgment and discretion in matters of significance and sensitivity.
- Navigate and effectively influence a large, complex organization of product managers, program managers, and engineers in an agile development environment
- Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
- Other duties and responsibilities as assigned.
Education Level: Bachelors Degree or Equivalent
Field of Study: Engineering, Computer Science
Years of Experience: Generally requires 7-11 years related experience
- Experience designing, implementing, and/or managing data and voice products at scale in a telecommunications provider infrastructure
- Cloud security architecture knowledge and expertise
- Experience designing security architectures in a SOC2 and PCI compliance environment
Comcast is an EOE/Veterans/Disabled/LGBT employer