Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)
Job Summary
As a Security Engineer, you will join a dedicated, professional team responsible for product security of Comcast’s products and services. Collaborate with various cross-functional technology, product, experience, and security teams. Exercise engineering skills and methodologies. Apply long-term objectives and plans related to the Company's technical vision to daily activity. Apply innovative solutions for securing developmental problems that are competitive with industry and company standards. Integrate knowledge of business and functional priorities.
You will work in a supercharged, fast moving environment with some of the industry’s smartest application and platform teams who are responsible for creating products that deliver the digital experience to millions of our customers.
You will also work with the vulnerability remediation team to manage the burndown of the security vulnerabilities catalog, remediate high-risk security issues, and partner with and influence the engineering teams to correctly balance security risk with product advancement.
Job Description
Must Have Skills:
- 1-2 Vulnerability Management
- 1-2 years of cyber security
- Understanding Cybersecurity risk
What you will do
- Use security engineering skills and knowledge to solve complex development problems and achieve engineering goals.
- Apply secure system architecture, design and specification within engineering projects and initiatives.
- Communicate results of applied work processes and practical application of technical standards into actionable insight.
- Investigate new technologies and techniques and utilize resources to solve complex development problems
- Report on the progress of all technical projects towards the Company's engineering goals and strategies. Communicate feedback and analyses to stakeholders.
- Curate and risk rate vulnerability findings from multiple sources such as IDS, Scans, Public Reports, Assessment Teams, etc.
- Identify false positives and risk acceptance candidates, perform root cause analysis, confirm vulnerabilities and remediation solutions
- Assist with the burndown of remediation activities
- Document user stories and best practices for development of remediation strategies
- Prioritize and execute remediation actions
What success looks like
- Possess a strong passion for learning and adapting to new technologies
- Strive to achieve Company business objectives and engineering objectives in daily activity
- Consistent exercise of independent judgment and discretion in matters of significance
What you should possess
- Solid understanding of common security vulnerabilities and vulnerability management practices
- Exposure to cloud-native technologies
- Familiarity with development and programming including Agile development
- Understanding of hardware, embedded software, cloud, and application architectures to communicate technology requirements to related teams
- Ability to rapidly grasp new technologies and abstractions and apply them in a meaningful way
- Familiarity with data security and secure design concepts
- Passion for cybersecurity, an entrepreneurial spirit, persistence, and resourcefulness
- Discipline to handle confidential matters with appropriate sensitivity
- Ability to communicate complex concepts to technical and non-technical stakeholders
- Working knowledge of issue trackers (Jira, ServiceNow, etc)
- Experience with Vulnerability Scanning software (Qualys, DAST, Prisma Cloud, etc)
- Ability to engage development teams to develop remediation plans that align with development schedules.
- Lead detailed, technical conversations and document outcomes and decisions.
- Ability to proactively status issues and accomplishments
- Familiarity with the Threat Model Process
What you can expect
- A cool and casual work environment with chances to showcase your skills
- A culture of innovation and continuous learning
- Training, support, and mentoring to expand and evolve your expertise
- Opportunities to impact the security of Comcast products in millions of homes and businesses
What we require
- 2-4 years related experience
- Bachelor’s degree or equivalent, preferably in cybersecurity or computer science
- Experience with programming languages
- Experience in scripting languages like Python on the Linux platform
- AWS, ISC2, GIAC, EC-Council, or Offensive Security certification(s) preferred
Here's a look at just some of the perks and benefits we make available to our US-based employees:
- Medical & Dental
- 401(k) Savings Plan
- Generous paid time off
- Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
- Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.
- This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
- Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.
Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
Skills:
Security Risk; Cybersecurity; Vulnerability Remediation; Teamwork; Remediation; Product Security; Data Security
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.
Education
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Relevant Work Experience
2-5 Years