Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You'll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)
Job Summary
As a Security Engineer, you will join a dedicated, professional team responsible for product security of Comcast's products and services. Collaborate with various cross-functional technology, product, experience, and security teams. Exercise engineering skills and methodologies. Apply long-term objectives and plans related to the Company's technical vision to daily activity. Apply innovative solutions for securing developmental problems that are competitive with industry and company standards. Integrate knowledge of business and functional priorities.
You will work in a supercharged, fast moving environment with some of the industry's smartest application and platform teams who are responsible for creating products that deliver the digital experience to millions of our customers.
You will also work with the vulnerability remediation team to manage the burndown of the security vulnerabilities catalog, remediate high-risk security issues, and partner with and influence the engineering teams to correctly balance security risk with product advancement.
Job Description
Must Have Skills:
1-2 Vulnerability Management
1-2 years of cyber security
Understanding Cybersecurity risk
What you will do
Use security engineering skills and knowledge to solve complex development problems and achieve engineering goals.
Apply secure system architecture, design and specification within engineering projects and initiatives.
Communicate results of applied work processes and practical application of technical standards into actionable insight.
Investigate new technologies and techniques and utilize resources to solve complex development problems
Report on the progress of all technical projects towards the Company's engineering goals and strategies. Communicate feedback and analyses to stakeholders.
Curate and risk rate vulnerability findings from multiple sources such as IDS, Scans, Public Reports, Assessment Teams, etc.
Identify false positives and risk acceptance candidates, perform root cause analysis, confirm vulnerabilities and remediation solutions
Assist with the burndown of remediation activities
Document user stories and best practices for development of remediation strategies
Prioritize and execute remediation actions
What success looks like
Possess a strong passion for learning and adapting to new technologies
Strive to achieve Company business objectives and engineering objectives in daily activity
Consistent exercise of independent judgment and discretion in matters of significance
What you should possess
Solid understanding of common security vulnerabilities and vulnerability management practices
Exposure to cloud-native technologies
Familiarity with development and programming including Agile development
Understanding of hardware, embedded software, cloud, and application architectures to communicate technology requirements to related teams
Ability to rapidly grasp new technologies and abstractions and apply them in a meaningful way
Familiarity with data security and secure design concepts
Passion for cybersecurity, an entrepreneurial spirit, persistence, andresourcefulness
Discipline to handle confidential matters with appropriate sensitivity
Ability to communicate complex concepts to technical and non-technical stakeholders
Working knowledge of issue trackers (Jira, ServiceNow, etc)
Experience with Vulnerability Scanning software (Qualys, DAST, Prisma Cloud, etc)
Ability to engage development teams to develop remediation plans that align with development schedules.
Lead detailed, technical conversations and document outcomes and decisions.
Ability to proactively status issues and accomplishments
Familiarity with the Threat Model Process
What you can expect
A cool and casual work environment with chances to showcase yourskills
A culture of innovation and continuouslearning
Training, support, and mentoring to expand and evolve yourexpertise
Opportunities to impact the security of Comcast products in millions of homes andbusinesses
What we require
2-4 years related experience
Bachelor's degree or equivalent, preferably in cybersecurity or computer science
Experiencewithprogramminglanguages
Experience in scripting languages like Python on the Linux platform
AWS, ISC2, GIAC, EC-Council, or Offensive Security certification(s) preferred
Here's a look at just some of the perks and benefits we make available to our US-based employees:
Medical & Dental
401(k) Savings Plan
Generous paid time off
Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.
This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.
Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality - to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.
Education
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
