Comcast Sr. Security Engineer in Philadelphia, Pennsylvania
Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
At Comcast, The Customer Experience' is our first priority. The Senior Network Security Engineer, is an IT Professional, responsible for the design, engineering, implementation, advanced operations, and maintenance, of the company's security solutions. This opportunity will have a strong focus in VPN & Wireless Connectivity specific to the HPE/Aruba product family. Knowledge of Aruba Controllers, APs, RAPs, Management Platforms, ClearPass and Activate will be among the core responsibilities. Future aspects of the position can include intrusion detection and intrusion prevention postures, URL filtering and threat analysis for the same platform. The ideal candidate would possess a thorough understanding and knowledge of the network, operating systems, network equipment and networking protocols. The position will also be responsible for analyzing and troubleshooting performance issues, maintaining documentation, and mentoring other team members. The selected candidate would be working as part of a dynamic and fast paced team!
- Provide technical design, engineering and advanced support for the business and retail deployment of the Aruba platform (Clearpass, Controllers, APs, RAPs, etc )
- Provide regular analysis and recommendations supporting efficiency of the Aruba platform
- Provide quick assessment and analysis when troubleshooting issues related to HPE-Aruba platform and escalate to TAC and-Product Engineering organizations
- Actively seek to educate and expand the Aruba technical expertise through informal workshops, coaching sessions, design reviews, and documentation for consumer uses
- Operate inter-dependently with a diverse realm of personnel to draw expertise in problem-solving
- Experience with Aruba controllers, APs, Clearpass Policy Manager supporting role based access and NAC (Network Access Control)
- Ability to design, deploy and troubleshoot IP and wireless networks, which includes enterprise IP networking, IP network security, authentication, certificates, remote access, network access controls, and IP network management, required.
- Experience and understanding of LAN/WAN architectures and designs; mobile networking, and distributed VPN required.
- Minimum of Three (3) years practical hands on WLAN and 802.11 experience and expertise required.
- Ability to attain Aruba certifications (ACMA, AWMP, ACCP, ACMP, ACCX), required.
- Executes established test plans and protocols for assigned portions of code; identifies, logs, and debugs assigned issues while opening feature requests.
- Experience with ISP, Telephony or Broadband/Narrowband transmission or transport infrastructure
- Large-scale network or systems administration experience administering carrier class based applications or network elements installed on physical and non-physical platforms
- Strong working and practical knowledge of TCP/IP and UDP/IP networking.
- Experience with the following SSL, HTTPS, PGP, AES, DES, SSH, SCP, Kerberos, IPSEC, PKI
- Excellent understanding of the Internet protocol version 4 and 6 suite, e.g. Radius, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, Netflow and POP3
- Experience with managing and hardening IOS/OS installation, configuration and backup and restoration, including development and management of workflows and operating standards, including design reviews, certification, production acceptance and testing for system commissioning
- Policy creation and rule design and updates for the administration security control systems
- Experience with development and regular preparation of management status and key metrics reports
- Should be comfortable with conducting complete system and application reviews and specifying security review guidelines
- Should be comfortable with developing and conducting security resilience testing and stress testing
- Should have strong process and procedure ownership experience for audit and control systems
- Broad technical background including enterprise networking, next generation firewalls, stateless inspection, deep packet inspection, signature and signature less detection, encryption, log aggregation and correlation, security data analytics, , change management, and performance and capacity management
- High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity
- Must be able to support on-call, escalation and high-paced/ fast tempo operating environments
- The successful applicant will also have good communication skills, be self-motivated, organized, capable of working independently, and possess solid decision making and project management skills.
- Experience in addressing multi-variable trouble environments required.
- Methodical approach to trouble resolution required.
- Ability to accommodate non-standard work schedule required.
- Ability to integrate as part as part of the engineering and operations team required.
- Ability to quickly assess and analyze pertinent data points in order to focus getting to root cause on internal issues with HPE-Aruba products required.
- Ability to continuously educate and expand the technical expertise of the customer required.
- Ability to operate inter-dependently with a diverse realm of personnel to draw expertise in problem-solving required.
- Ability to maintain a sense of mission and focus on results that bring value to the customer required.
Education Level: Bachelor's Degree
Field of Study: Information Sciences Technology, Cyber Security, Computer Engineering or Sciences
Certifications: Relevant cyber security certifications, such as CISSP, CISM and/or PMP are highly desired
Years of Experience: Generally requires 7 years related experience
Travel: Up to 20%, ability to travel within the Comcast geographic areas, primarily Philadelphia, PA and Moorestown, NJ
Comcast is an EOE/Veterans/Disabled/LGBT employer