Comcast Cybersecurity: Senior Program Manager - Security Compliance

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

Comcast’s Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.

Job Description

In this role 

The Program Manager – Security Compliance is responsible for managing and maintaining security compliance and assurance and is a key point of contact to the business for customer requests related to product security compliance. This role will be key in achieving compliance to relevant control frameworks such as ISO 27001, SOC1 & SOC2, CMMC etc. including internal policies and standards. You’ll work with a team of resources who provide advisory services and assistance to business areas to understand the scope of the products and services and determine/demonstrate compliance to the relevant security and control framework. 

 

What you will do 

• Keep abreast of regulatory guidelines e.g. SOC 2, ISO 27001, CMMC etc. and help develop the controls necessary for Comcast to meet those guidelines. 

• Drive controls assurance activities for monitoring compliance, conduct assurance testing and reporting of controls. Provide input and guidance to non-compliant areas and provide recommendations on remediation approaches. 

• Manage vendors to perform readiness assessments and annual audits/attestations for compliance to the relevant control frameworks. Define objectives, goals, and scope of assessments with key stakeholders and internal teams. Obtain management support and commitment for resources to support engagements. 

• Gather, maintain, and organize all required documentation for certification audits, ensuring accurate and up-to-date records. 

• Support business customer and legal requests related to security assurance. Help define and document security requirements/uplift needed to support new or changed products, or customer requirements. 

• Help develop business-relevant reports and metrics to drive remediation and compliance efforts across the Comcast footprint. 

• Contribute to Cyber Risk Management activities by providing input and guidance as necessary. 

• Generally, contribute to the security compliance program with input and recommendations and participate in key stakeholder meetings. 

• Become a subject matter expert on Comcast policies and standards. 

• Develop strong relationships with relevant Comcast control and business process owners. 

Must Have Skills:

• Strong understanding of security and industry compliance frameworks and standards including NIST, SOC 2, CMMC, etc.  

• Strong interpersonal, verbal presentation and written communication skills. 

• Demonstrate a proactive approach to engaging daily tasks and long-term projects. 

• Demonstrate strong organizational and time management skills.  

• Comfortable in an environment of rapid change and complexity. 

• Strong technical foundation in enterprise and systems security desired. 

 

What you can expect:

• A cool and casual work environment with chances to showcase your skills  

• A culture of innovation and continuous learning 

• Training, support, and mentoring to expand and evolve your expertise 

• Opportunities to impact the security of Comcast products in millions of homes and businesses 

What we require 

• Bachelor’s degree in Information Security, Information Technology or a related discipline, or the equivalent combination of education, technical training, or work/military experience 

• A relevant security or audit certification (e.g., CISSP, CISA, CISM, CRISC) is a plus. 

 

• ​

  ​​​About Our Perks & Benefits:

  We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.

Here's a look at just some of the perks and benefits we make available to our US-based employees:

• Medical & Dental
• 401(k) Savings Plan
• Generous paid time off
• Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
• Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.

• Learn more at jobs.comcast.com/life-at-comcast/benefits

  We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.

• This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

• Comcast is an EOE/Veterans/Disabled/LGBT employer.

• Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.

 

Skills

Controls Assurance, ISO 27000, IT Governance Risk and Compliance (GRC), NIST Standards

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.

Please visit the benefits summary on our careers site for more details.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Certifications (if applicable)

CISM - Certified Information Security Manager - The Information Systems Audit and Control Association, Inc., CISSP - Certified Information Systems Security Professional - (ISC)², Project Management Professional Certification (PMP) - Project Management Institute (PMI)

Relative Work Experience

7-10 Years

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.