Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
Summary
Comcast is seeking a Security Architect to join its Security Architecture & Technology Solutions Group. The ideal candidate will possess a strong technical information and product security background with an emphasis on security architectures. This person will focus on reviewing, providing guidance and working with lead security architects to enhance the company's security engineering and architecture across many different customer facing products, applications, cloud, systems, endpoints, network and infrastructure as well as support our IT enterprise applications, network, endpoints and systems. The role will also collaborate with stakeholders across security and technology groups to support strengthening security. There will also be opportunities to work on security initiatives and other security related work.
This person, is able to think through individual customer facing products and internal information security for our enterprise. This person must have experience designing and reviewing security architectures and technology architectures. This person is able to identify and drive issues to closure. This individual must be a consensus builder, a team player and work within an open security posture environment.
Core Responsibilities
- Contribute to and/or lead various security architecture review efforts to ensure products include security into design, development and operations.
- Contribute to and/or lead threat modeling efforts against products, tools and enterprise applications that Comcast designs, builds and operates.
- Identify and document security issues.
- Risk rank security issues with product and enterprise teams.
- Stay current with security technologies, trends, vulnerabilities and threats.
- Inform management including business sponsors on security risks and should be able to translate security risks to business impact.
- Work with many teams to support security technology through the product and enterprise lifecycle.
- Interfaces with many teams across the organization to ensure an efficient and effective security solution meets the business needs.
- Guide threat analysis, technology assurance and technical auditing
- Works to and is an advocate to ensure compliance for security best practices including but not limited to the following- coding standards, design, platform, cloud and network specific design concerns.
- Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
- Review third party security technology across multiple platforms and products.
- Provide security advice on data security issues, compliance, and privacy requirements such as PCI, CPNI, HIPAA, FCC Regulations, SOX, Subscriber PII, etc.
- Security and technical expertise in cloud technologies such as OpenStack, AWS And Azure.
- Support building a culture of security by educating others and advocating an open security posture.
- Other duties and responsibilities as assigned.
Skills
- Architected security for products, enterprise, information and other initiatives
- Proficient at the secure software development lifecycle and devops
- Proficient at identity, authentication and authorization systems
- Good understanding of cryptographic trust based systems
- Cloud security knowledge preferred
- Data and database security
- Federation, SSO, IDS, IPS, Host Based Firewall, VPN, Wi-Fi, Video, Internet, Voice, DNS, DHCP, HTTPS/TLS, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido knowledge prefered
- Knowledgeable in PCI, CPNI, HIPAA, ISO 27001, FCC Regulations, SOX, Subscriber PII, etc
- Coding experience preferred but not required
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Poise and ability to act calmly and competently in high-pressure, high-stress situations
- Enjoys working in a demanding, and a very dynamic environment
- Good natured and positive with people
- Security expertise in one or more relevant areas
- Must have strong problem-solving skills
- Ability to manage multiple projects with strict timelines
- High level of personal integrity
- Ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- High degree of initiative and be well organized
Experience
- 4+ years experience in security and technology based industry
- 2+ years experience working with various security architectures
Certifications
Following certifications are a plus- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (LPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), Other software development lifecycle certifications
Education Level
- Bachelors Degree or Equivalent
Field of Study
- Engineering, Computer Science, CyberSecurity or related field
Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.
by via developer jobs - Stack Overflow
No comments:
Post a Comment