Comcast Cybersecurity: Engineer 4, Network Engineering - Security

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

At Comcast, ‘The Customer Experience’ is our first priority. The Senior Network Security Engineer, is an IT Professional, responsible for the design, engineering, implementation, advanced operations, and maintenance, of the company’s security solutions. This opportunity will have a strong focus in VPN & Wireless Connectivity currently specific to the Aruba product family, and competitive product knowledge is preferred (e.g., Fortinet, Juniper, Cisco, f5, etc.). Advanced knowledge of Aruba Controllers, APs, RAPs, Management Platforms, ClearPass, Guest, Mobility Master and Activate will be core responsibilities. Future aspects of the position will include intrusion detection and intrusion prevention postures and threat analysis for the same platform. Must be able to understand Comcast’s various business entities and provide sound knowledge of security techniques, latest protocols and defenses against new threats, viruses and other attacks. The ideal candidate would possess a thorough understanding and knowledge of the network, operating systems, network equipment and networking protocols. The position will also be responsible for analyzing and troubleshooting performance issues, maintaining documentation, and mentoring other team members. The selected candidate would be working as part of a dynamic and fast paced team!


Additional info about the role:

This role entails the comprehensive design and implementation of networking solutions for new Xfinity stores. Our team is responsible for the complete software design and configuration process using Aruba technologies. As part of our cybersecurity branch, we specialize in Aruba network access control, SDWAN management, and currently operate a unified security stack. We seek candidates with experience in other networking technologies, such as Cisco, to bring diverse expertise to our team.

Job Description

Responsibilities:

• Provide Engineering technical design, operations and support of the companies Aruba platform
• Direct responsibility for Architecting/Engineering and Operationalizing - Comcast Branch Office Connectivity
• Proactively analyze and recommend ways to optimize and utilize Comcast’s Aruba investment
• Report issues to HPE-Aruba TAC and Product Engineering organizations.
• Escalate where appropriate
• Collaboration in the development of mobility solutions; building test beds; conducting verification & validation testing; developing performance benchmarks
• Actively seek to educate and expand the Aruba technical expertise through informal workshops, coaching sessions, design reviews, and documentation for customer use
• Integrate as part and be accepted as part of the customer engineering and operations team
• Quickly assess and analyze pertinent data points in order to focus getting to root cause on customer issues with HPE-Aruba products
• Continuously educate and expand the technical expertise of the customer
• Operate inter-dependently with a diverse realm of personnel to draw expertise in problem-solving
• Maintain a sense of mission and focus on results that bring value to the customer
• Direct responsibility for Architecting/Engineering and Operationalizing Comcast Branch Office Connectivity.
• Administrate and build the Aruba BOC Xfinity Stores around 400+ and 10 Hub locations.
• Deploying Network Access Control (NAC) in Aruba Clearpass.

Qualifications:

• Minimum of Five (5) years practical hands on WLAN and 802.1x experience and expertise required.
• Ability to design, deploy and troubleshoot IP and wireless networks, which includes enterprise IP networking, IP network security, authentication, certificates, remote access, network access controls, and IP network management, required.
• Experience in trouble isolation and remediation at layers 1-4 (IP, MAC, RF, and some application level) required.
• Experience and understanding of LAN/WAN architectures and designs; mobile networking, and cloud networking, required.
• Experience with Aruba controllers, APs, Clearpass Policy Manager supporting role based access and NAC
• Good communications skills, both oral and written required.
• Experience working in customer technical support roles; assessing and triage of troubles, managing trouble tickets, and trouble resolution, required.
• Experience in addressing multi-variable trouble environments required.
• Methodical approach to trouble resolution required.
• Ability to accommodate non-standard work schedule required.
• Ability to integrate as part as part of the engineering and operations team required.
• Ability to quickly assess and analyze pertinent data points in order to focus getting to root cause on internal issues with HPE-Aruba products required.
• Ability to continuously educate and expand the technical expertise of the customer required.
• Ability to operate inter-dependently with a diverse realm of personnel to draw expertise in problem-solving required.
• Ability to maintain a sense of mission and focus on results that bring value to the customer required.
• Ability to attain Aruba certifications (ACMA, AWMP, ACCP, ACMP, ACCX), required.
• Codes and programs enhancements, updates, and changes for portions and subsystems of systems software, including operating systems, compliers, networking, utilities, databases, and Internet-related tools
• Executes established test plans and protocols for assigned portions of code; identifies, logs, and debugs assigned issues while opening feature requests.
• Develop partners to deliver reliable, cost effective and high quality solutions for low to moderately- complex products.

Skills:

• Experience with ISP, Telephony or Broadband/Narrowband transmission or transport infrastructure
• Large-scale network or systems administration experience administering carrier class based applications or network elements installed on physical and virtual platforms
• Strong working and practical knowledge of TCP/IP and UDP/IP networking.
• Experience with the following SSL, HTTPS, PGP, AES, DES, SSH, SCP, Kerberos, IPSEC, PKI
• Excellent understanding of the Internet protocol version 4 and 6 suite, e.g. Radius, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, Netflow and POP3
• Experience with managing and hardening IOS/OS installation, configuration and backup and restoration, including development and management of workflows and operating standards, including design reviews, certification, production acceptance and testing for system commissioning
• Policy creation and rule design and updates for the administration security control systems
• Experience with development and regular preparation of management status and key metrics reports
• Should be comfortable with conducting complete system and application reviews and specifying security review guidelines
• Should be comfortable with developing and conducting security resilience testing and stress testing
• Should have strong process and procedure ownership experience for audit and control systems
• Broad technical background including enterprise networking, next generation firewalls, stateless inspection, deep packet inspection, signature and signature less detection, encryption, log aggregation and correlation, security data analytics, , change management, and performance and capacity management
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity
• Must be able to support on-call, escalation and high-paced/ fast tempo operating environments
• The successful applicant will also have good communication skills, be self-motivated, organized, capable of working independently, and possess solid decision making and project management skills.

Key Technologies:

1. Networking Technologies:

• Aruba: Controllers, APs, Clearpass Policy Manager, RAPs, Mobility Master.
• Cisco: Routers, Switches, Firewalls, VPNs.
• SDWAN: Management and implementation.
• TCP/IP and UDP/IP: Networking protocols.
• Routing Protocols: BGP, EIGRP.
• High Availability: HSRP, VRRP

2. Security Technologies:

• Firewalls: Cisco ASA, Checkpoint, Fortinet, Juniper SRX, F5 ASM.
• Encryption Technologies: SSL, HTTPS, PGP, AES, DES, SSH, SCP, Kerberos, IPSEC, PKI.
• Network Access Control: Aruba Clearpass.
• Intrusion Detection and Prevention: Systems and threat analysis.

3. Monitoring and Management Tools:

• Log Servers: Syslog, Splunk, Qradar.
• Network Monitoring: HP NNMi, Spectrum, Tivoli.

Skills

Network Engineering, Network Operations, Network Security

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.

Please visit the benefits summary on our careers site for more details.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Certifications (if applicable)

Relative Work Experience

7-10 Years

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.