Comcast Cybersecurity: Principal Security Architect
PA - Philadelphia, 1800 Arch St
Comcast
Comcast NBCUniversal creates incredible technology and entertainment that connects millions of people to the moments and experiences that matter most.Job Summary
The ideal candidate will be familiar with Threat Model assessment techniques (Stride, Dread) as well as disciplines such as Architecture and the Software Development Lifecycle (SDLC). Familiarity with Red Team activities such as penetration testing, vulnerability scanning, vulnerability remediation and cloud environments.Job Description
Responsibilities
Executes on Threat Modeling Assessment program.
Perform threat modeling to identify use cases, threat agents, attack vectors and patterns, design patterns, and compensating controls needed to mitigate risk.
Acts as a Cyber Resilience champion of the Threat Modeling Assessment program.
Participate in SDLC process and architecture approval routines related to cyber threat modeling.
Creates and delivers reports that capture identified risks, controls, assets, trust zones and enhancement requirements.
Partners with stakeholders on Threat Modeling Assessment Issues to create action plans identified during fieldwork.
Ability to concurrently perform multiple Threat Modeling engagements.
Determines alignment of Cyber Resilience controls in practice with those from authoritative sources such as OWASP, NIST SP 800-53 and ISO 27002 to provide holistic insight into current capabilities and risk themes as well as best practices.
Understands the impact of cyber risks as it relates to both firm and industry wide impacts to technical and security dependencies and single points of failure to enhance mitigation activities.
Educates and provides subject matter expertise to support the business on cyber hygiene activities and enhancements based on business related impacts.
Qualifications and Skills
Certified Information Systems Security Professional (CISSP)
Deep understanding of software architecture and security architectural elements as they relate to risks and controls. Ability to accurately capture and enhance architectural diagrams.
10+ years of direct work experience with elements of security architecture and cyber threats.
Working knowledge of business and cyber risk management process and controls, industry practices, and frameworks (e.g., NIST 800-53, ISO 27000 family).
Broad knowledge of cloud technologies (Related certifications a plus).
Detail oriented, with proven ability to question the status quo and apply resilience activities to enhance capabilities, as appropriate.
Strong organizational skills, with proven ability to successfully manage multiple, concurrent priorities and team members as the program is built out.
Ability to communicate and work effectively in a matrixed environment and across various organizational levels, where flexibility, collaboration, and adaptability are important at all levels.
Strong analytical skills and attention to detail.
Able to communicate technical issues to a non-technical executive audience.
Maintain a business cyber threat mindset to understand underlying risks and weaknesses to properly assist in mitigation and enhancement activities.
Strong desire to continually deliver a quality and meaningful work product in a timely and efficient manner.
BA/BS in Computer Engineering, Computer Science, Information Systems, Cyber Security, Business Administration, or demonstrated relevant industry background and/or military experience.
Nice to Have Certifications:
CCSP Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Microsoft Certified: Cybersecurity Architect Expert (MS SC-100 Exam), Certified Network Defense Architect (CNDA), CREST Registered Technical Security Architect (CRTSA), Global Information Assurance Certifications Defensible Security Architect (GDSA from GIAC) certifications preferred.
About Our Perks & Benefits:
We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.
Here's a look at just some of the perks and benefits we make available to our US-based employees:
- Medical & Dental
- 401(k) Savings Plan
- Generous paid time off
- Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
- Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
- Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.
Learn more at jobs.comcast.com/life-at-comcast/benefits
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.
Disclaimer:
*This position is unable to provide work authorization sponsorship or immigration support now or in the future.*
- This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
Skills
Enterprise Architecture Framework, Information Security, Software ArchitecturesWe believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.
Please visit the benefits summary on our careers site for more details.
Education
Bachelor's DegreeWhile possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.Certifications (if applicable)
Relative Work Experience
10 Years +Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CCSP CISA CISSP Cloud Computer Science CREST GIAC ISO 27000 ISO 27002 NIST NIST 800-53 OWASP Pentesting Red team Risk management SDLC
Perks/benefits: Career development Health care Insurance
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.