Security Engineer - Corporate IT

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

As a Security Engineer, you will be responsible for providing technical solutions to security and privacy problems for Comcast’s corporate applications, assets and its businesses. You will work with teams in GRC and privacy compliance efforts and collaborate with the Cyber Security team. In this role, you will troubleshoot operational issues, implement new and existing security products and services and provide overall upkeep and maintenance of security initiatives.

The Security Engineer should have a general understanding of Security and Privacy controls across multiple industry frameworks, as well as a familiarity with security industry standards and best practices. In this role, candidates will assist internal teams with all aspects of IT security and compliance activities (e.g., access management, security configurations, endpoint protection, vulnerability management, Technology Continuity Plans). Candidates are responsible for ensuring Business Units secure enterprise systems, data, and resources from unauthorized access, corruption, use, disclosure, and interruption. This role provides hands on assistance to employees and internal teams and closely aligns to business objectives in driving the maturity of the organization’s security posture. The position is highly collaborative across both technical and non-technical businesses and teams and requires strong communication and relationship building skills.

Job Description

About The Team:
Comcast is establishing a team that provides outstanding IT support and application experiences for Comcast Corporate, which includes Administration, Aviation, Finance, Communications, DE&I and Community Outreach. It also includes Spectacor and its businesses; Sports and Entertainment (Wells Fargo Center, Philadelphia Flyers, Philadelphia Wings), and Gaming. This multifaceted, forward-thinking team works to deliver the business outcomes that Comcast’s executive leadership envision through technology and innovation.

Core Responsibilities:

• Participates in the implementation of IT security and privacy controls aiming at protecting company assets.

• Performs regular risk analysis and assessments to proactively identify and assess potential items of risk and vulnerabilities throughout the company.

• Assists in troubleshooting and providing solutions to security operations and compliance activities, including application management, vulnerability mitigation, incident response and risk assessments.

• Provides expert level consulting on security controls and risk mitigation initiatives.

• Performs controls analysis to drive compliance and advance security posture.

• Works with key collaborators and process owners to document requirements and drive control implementation activities.

• Assists with internal audit security program coordination and remediation.

• Compiles metrics and trends for information security to assist in reviews of current processes and identify awareness needs.

• Develops consistent processes to improve efficiency and automation of tasks, reports, and other requests.

• Provides Subject Matter Expertise across all aspects of IT Security including assessing risk, evaluating technical controls/operations, and partnering with engagement teams to identify and evaluate issues.

• Provides expertise to less technical engagement teams and helps with understanding and executing upon technical concepts, policies, standards, and guidelines.

• Other duties & responsibilities as assigned

Skills and Abilities/How you Deliver

• Knowledge of Secure Software Development Lifecycle methodologies, Threat Model and Secure Design concepts.

• Experience troubleshooting technical and non-technical operational issues with assets and applications.

• Understanding of OWASP Top 10, Comcast Cyber-Security Policies and Standards and Vendor management.

• Knowledge of Cloud and On-Prem Infrastructure and a wide range of operating systems and analysis tools/ software.

• Stays current on relevant business risks (e.g., current events, audit trends, emerging technologies, cyber security, etc.).

• Process and procedure knowledge of governance, compliance, privacy regulations, risk management, and audit control.

• Familiarity with cybersecurity frameworks such as NIST, ISO 27001, and SOC2.

• Must have strong verbal and written communication skills with an ability to develop a strong rapport across a variety of technical and non-technical teams.

• Experience working with data to analyze and provide insights for compliance reporting, remediation, and awareness.

• Delivers high-level consultation, facilitation, and analytical support on control-related issues to ensure internal controls are accurately aligned and implemented.

• Shows flexibility in prioritizing and completing tasks or stepping in to support execution, as appropriate.

• Exhibits willingness to tackle new areas and challenging topics.

• Demonstrates the ability to work in a complex, dynamic, and fast-paced environment.

• Acts in accordance with stated company policies and practices and maintains the highest degree of integrity in all activities and interactions.

Disclaimer:

• This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.

Please visit the benefits summary on our careers site for more details.

Education

Bachelor's Degree: Management Information Systems

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Certifications (if applicable)

Security+, CC, SSCP, CGRC, GSEC, CISM, CISSP - Security+, CC, SSCP, CGRC, GSEC, CISM, CISSP

Relative Work Experience

2-5 Years

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.