Comcast Cybersecurity: IAM Senior Engineer

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

Responsible for how users within the company are given an identity - and how it is protected, including saving critical applications, data and systems from unauthorized access while managing the identities and access rights of people both inside and outside the organization. Responsible for contributing towards the Define, Build, Implement and Maintain processes to secure the organizations resources. These resources includes user identities, physical assets as well as the wide range of business applications that users use every day to access intellectual property or confidential information. Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards. Integrates knowledge of business and functional priorities. Acts as a key contributor in a complex and crucial environment. May lead teams or projects and shares expertise.

Job Description

Job Description: 

IAM Senior Developer for myComcastAccess team will partner with engineering team to develop secure, resilient, cost-effective, and scalable solutions on enterprise identity and access management platform across variety of use cases according to business needs. The Senior Developer works closely with Senior Engineers to support day to day engineering, maintenance, and support efforts for all identity and access management technology. The role serves as a subject matter expert in the areas of identity and management, privileged access management, and general information security best practices across all technology domains. 

 

What You’ll Do: 

• Responsible for roadmap design, architecture, planning and requirements to deliver and support a modern enterprise myComcastAccess IAM program based on industry standards, best practices, and guidelines for the cloud and across the enterprise. 
• Understand business stakeholder needs and design appropriate solutions that enhance the end customer experience 
• Partner with the IAM & Product engineering teams to set priorities for architecture and design for a best practice path of successful adoption and implementation across the enterprise 
• Partner with Comcast Cloud Platform in development of reference architectures and secure design patterns for IAM that will be leveraged by the enterprise 
• Review and assess implementation approach, potential risks etc. 
• Perform hands on work in upgrading the Radiant Logic Infrastructure, maintenance and development of Radiant Logic components.
• Perform hands on work in SailPoint tooling and have understanding of all aspects of SDLC.

Desired skills: 

• 8+ years demonstrated experience designing, architecting, implementing, operating, and maintaining Radiant Logic Virtual Directory Service (VDS) including both the Federated Identity Management (FIM) and Identity Correlation and Synchronization (ICS) components. 
• Demonstrated experience integrating data sources/applications into VDS, configuring VDS data access views and permissions, and correlating and synchronizing identities. 
• Install, configure, and maintain Radiant Logic's RadiantOne products. 
• Customize and optimize RadiantOne for specific business requirements and use cases. 
• Integrate RadiantOne with existing identity and access management systems, directories, databases, and applications Knowledge of protocols such as SCIM, SOAP, REST and APIs 
• Knowledge within building cloud infrastructure (VNET, compute, storage, set up) 
• Containerization expertise within cloud (AKS, Docker or alternate) 
• Experience with cloud marketplace/SaaS marketplace 
• Experience working with Azure/AWS DevOps or similar tools for tracking, developing, deploying software 
• Knowledge in Public Cloud Automation tooling, automation experience using configuration management tools such as Ansible. 
• Strong hands-on experience with industry standard SSO technologies and protocols (OAuth, OpenID Connect, FIDO, SCIM, LDAP, SAML) 
• Knowledge of LDAP and Active Directory services, MFA, Risk based authentication and privileged access management 
• Holistic view of IAM (Authentication and Authorization Data, Endpoint Security, Network Security, Policy Engine) 
• Technical expertise and experience with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and IDM integration across domains 
• Experimental mindset to drive innovation 
• Innovative thinking with a passion for problem-solving 
• Strong oral and written communication skills 
• Excellent communication and drive for customer experience 
• Good customer liaison skills across all organization levels 
• Works well under pressure and delivers quality solutions in a fast and compliant manner 

EDUCATION: 

• Required 8+ Years’ Bachelor's degree Computer Science, Computer Engineering, or a related technical discipline. 
• Preferred certifications: CISSP, CISM/CISA 

Skills

Active Directory (AD), Application Development, Automation Technology, Cloud Infrastructure, Cloud Platform, Containerization, Directory Services, Identity Access Management (IAM), Microsoft Entra ID (Azure Active Directory), Privileged Access Management (PAM), Security Compliance, Single Sign-On (SSO), Software as a Service (SaaS), Software Development Life Cycle (SDLC), Virtual Directory

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.

Please visit the benefits summary on our careers site for more details.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Certifications (if applicable)

Relative Work Experience

7-10 Years

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.