Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer .We work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
Summary:
Comcast is seeking a Principle Engineer (level 5) to lead Cybersecurity transformation of platforms and services in Network Services Engineering team. The role provides candidate broad exposure and opportunity to up level the Cybersecurity maturity of multiple lines of business and next generation platforms utilized for providing high-speed Internet services. First and foremost an ideal candidate must demonstrate high degree of self-initiative and adaptability to lead multiple security work streams in a fast-paced environment. The ideal candidate must possess strong technical background in security threat/risk management, background in secure software development, implementing security best practices in enterprise environments (including Cloud security), and background in assessing/implementing security products such as UTMs. Candidate will champion effort to help developers and engineers enhance the company's security engineering and architecture across facing products, applications, cloud, systems, endpoints, network and infrastructure. Candidate will also partner with Comcast's engineer teams to review security features, assess network designs and recommend configurations for security products being deployed for Residential and SMB customers. Lastly, the candidate is required to collaborate with stakeholders in peer security and technology groups to strengthen overall security posture.
Core Responsibilities:
Leads and or facilitate architecture reviews to ensure platforms and services include security into design, development and operational processes
Leads the adoption of DevSecOps principles across all teams that own and operate platforms and services
Develops GRC model to assess the security risks, compliance gaps and quantify overall security posture of platforms and services
Identifies, documents and recommends best practices/solutions to secure applications, data bases and network including SDN/NFV technologies
Works with teams to support security technology through the product and enterprise lifecycle
Develops and drives adoption of security automation and orchestration solutions
Stays current with security technologies, trends, vulnerabilities and threats
Participates in Code Review processes for critical application
Interfaces with teams across the organization to ensure an efficient and effective security solution meets engineering/business needs
Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
Reviews security technologies across multiple platforms and products
Supports test, troubleshooting and operational issues alignment with security designs and architectures
Designs, configures and or implements UTM/IDS/IPS/Firewalls solutions
Supports building a culture of security by educating others and advocating an open security posture
Consistently exercises best judgment and discretion in matters of significance
Other duties and responsibilities as assigned
Skills:
Experience in the area of Cybersecurity
Eexperience with operating systems, Product/Application/Software Development, DevOps, and or Networking
Strong understanding of malware/botnets communication and infrastructure and respective exploit vectors/techniques
Hands on experience with Linux/Unix and optionally Windows
Proficient in DevOps and Agile Software Development Life Cycles
Familiarity with secure software development best practices
Familiarity with Penetration and Vulnerability scanning
Familiarity with Static Code Analysis, Code review and Threat Modeling
Cloud security knowledge in AWS, Openstack, and or VMWare
Familiarity with performance vulnerability testing, risk analysis and security assessments
Experience with investigating security incidents, conducting forensic investigations and developing incident responses
Familiarity with Authentication, Authorization, Access, Identity and Encryption frameworks
Understanding of various security frameworks/protocols such as: Federation/SSO, IDS, IPS, Host Based Firewall, VPN, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido, HTTPS/TLS, etc
Solid understanding of the OSI model and IP Protcols (IPv4, IPv6, TCP/UDP/ICMP)
Understands DNS/DHCP
Proficient at protocols and APIs (REST)
Familiarity with CI/CD tools
Experience with securing Databases/Big Data platforms: MySQL, Cassandra, Mongo, Elastic, Hadoop/HDFS, etc
Experience with Messaging/Streaming Platforms such as Kafka, RabitMQ, etc
Experience with UTM solutions including Firewall and IDS/IPS
Coding experience preferred but not required in Java, Python, and or Scala
Excellent written and verbal communication skills, interpersonal and collaborative skills
Must have strong problem-solving and analytical skills
High degree of initiative and be well organized
Ability to manage multiple projects with strict timelines
High level of personal integrity
Enjoys working in a demanding and dynamic environment
Ability to professionally handle confidential matters, show appropriate level of judgment and maturity
Certifications
Certification Preferred but not required in one or more of the following: CISSP, LPT, CEH, GIAC or CSSLP
Job Specification:
- Bachelors Degree or Equivalent
- Engineering, Computer Science
- Generally requires 7-11 years related experience
Comcast is an EOE/Veterans/Disabled/LGBT employer
by via developer jobs - Stack Overflow
No comments:
Post a Comment