Comcast’s Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.

Position Summary: As a Security Engineer, you will join a dedicated, professional team responsible for network security in the Comcast network. The Security Engineer 2 position is responsible for the configuration, deployment and support of network security and engineering systems including firewalls, VPN’s, router ACL’S, Cloud Service gateways, and supporting tools. Responsibility includes monitoring performance, operation, enhancement and fault events and performing the appropriate response to adequately close or escalate the events to completion. In addition, will perform security systems configurations, upgrades and troubleshooting changes per approved change requests and/or Operations tickets for security tools (i.e., firewalls, routers, Intrusion Detection/Prevention Systems, etc.). During a critical security connectivity event, this position will be authorized to make customized changes to the various security tools or system configurations to minimize the immediate impact to the business.

Major Duties:

Minimum Qualifications: Education:A bachelor degree or equivalent years of experience, in Networking, Network Security, Computer Science, or related field. Preferred: Network and/or security certifications such as SANS GIAC, Security+, SSCP or other security certifications, CCNA Desired: CISSP

Knowledge and Experience:

Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.

Desired Skills and Experience

  • Perform proactive maintenance, upgrades and enhancements in accordance with National Change Management procedures.
  • Implement and maintain security connectivity solutions including firewalls, IDS/IPS, VPN and SSL technology.
  • Contribute to the design, development and maintenance of the company’s network security environment, to ensure efficient and secure information flow.
  • Perform troubleshooting of network connectivity issues involving security products, firewall/ACL rules, complex routing and NAT rules.
  • Develop, execute and maintain security system fault management support procedures for assigned systems.
  • Perform configuration updates, such as modifying configurations, signature definitions or implementing new policies on various network security tools, as directed.
  • Assist with daily operating procedures and administration for assigned elements.
  • Develop and document network and network security topology diagrams.
  • Be able to leverage other network management tools used by the National Operations Centers or Local Management Centers in the identification and response to security connectivity incidents and faults.
  • Ensure timely proactive identification and reporting of security gaps and vulnerabilities to the critical business information, systems and network infrastructure.
  • Assist with security compliance audits to verify completeness of required configurations and verify system hardening.
  • Participate in the problem investigation connectivity incidents related to security devices, provide recommendations to improve reliability and availability, or reduce recovery time.
  • Week-long secondary on-call shifts approximately once every 2 months.
  • Other duties as assigned.
  • Working knowledge of networking technologies, including: IP Addressing, routing, switching, load balancing, DNS, DHCP, NAT rules
  • Knowledge of complex network operating environments
  • Knowledge of information security methodologies
  • Experience with system, security and network monitoring tools
  • Routing protocols including BGP and OSPF.
  • In-depth troubleshooting and strong analytic skills.
  • Minimum 3 to 5 years of experience in administration and operations of network and security gear (Juniper/Cisco routers and switches, Juniper/Checkpoint and/or Fortinet firewalls)
  • Minimum 3 to 5 years of experience administering Unix or Linux based applications (or) at least one year of experience administering Unix or Linux systems in secure environments.
  • Minimum of 3 to 5 years of experience with TCP/IP and UDP/IP protocols and networking packet analysis
  • Experience with firewall policy creation and rule updates, configuration and troubleshooting; firewall administration experience preferred.
  • Experience with Radius system administration, creating and modifying user and group access rights, TFA configurations, reporting and troubleshooting.
  • Must be familiar with trouble ticketing procedures and have strong written and verbal communication skills.
  • Experience with best practice change management procedures.
  • Proven analytical and problem solving ability.
  • Ability to work under pressure.
  • Comfortable with interfacing with other internal or external organizations regarding failure and incident response situations.