Desired Skills and Experience

  • Lead effort to mature cybersecurity of products and services by developing and implementing best security practices across the org.
  • Contribute to and/or lead threat modeling efforts against products, tools and enterprise applications that Comcast designs, builds and operates.
  • Create a risk assessment for all platforms across org then effectively communicate the security posture to upper management.
  • Risk rank security issues with product teams.
  • Inform management including business sponsors on security risks and should be able to translate security risks to business impact.
  • Work with many teams to support security technology through the product and enterprise lifecycle.
  • Define the use cases for solutions, design the solution to help with prototyping and development, and take solution through to launch and market.
  • Author requirements and user stories to include development, integration and operational detail necessary for security.
  • Ensures solutions are well engineered, operable, maintainable, and delivered on schedule.
  • Guide threat analysis, technology assurance and technical auditing
  • Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
  • Applies new and innovative ideas to old or new problems. Fosters environments that encourages innovation. Contributes to and supports effort to further build intellectual property via patents.
  • Support test, troubleshooting, and operational issues alignment with security designs and architectures.
  • Provide security advice on data security issues, compliance, and privacy requirements
  • Security and technical expertise in cloud technologies such as OpenStack, AWS, and Azure.
  • Support building a culture of security by educating others and advocating an open security posture.
  • Other duties and responsibilities as assigned.
  • Architected security for products, enterprise, information and other initiatives
  • Proficient at protocols and APIs
  • Proficient at the secure software development lifecycle and devops
  • Proficient at identity, authentication and authorization systems
  • Proficient at understanding cryptographic trust based systems
  • Cloud security knowledge
  • Data and database security
  • Authentication Methods: (Federation, SSO, OAUTH, etc.)
  • Coding experience preferred (Java, Python, C, C++)
  • IP Protcols: (IPv4, IPv6, TCP/UDP/ICMP)
  • Excellent written and verbal communication skills, interpersonal and collaborative skills
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Enjoys working in a demanding, and a very dynamic environment
  • Must have strong problem-solving skills, high level of personal integrity
  • Ability to manage multiple projects with strict timelines
  • Ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
  • 8+ years experience in security and technology based industry
  • 5+ years experience working with various security architectures
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Ethical Hacker (CEH)