Comcast Cybersecurity: Cyber Threat Hunter

PA - Philadelphia, 1800 Arch St, United States

Comcast

Comcast NBCUniversal creates incredible technology and entertainment that connects millions of people to the moments and experiences that matter most.


Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

Comcast delivers the most innovative, and one of the largest, ISP infrastructures in the world, providing connectivity to millions of customers, from homes to Fortune 100 enterprises. Our team is responsible for scanning this environment to identify risks at internet scale. We navigate massive datasets, looking for hard-to-find signatures of new and evolving risks to Comcast's enterprise and the internet. Join this team to investigate data at massive scale and help shape the future of cybersecurity at internet scale.

Job Description Summary

This role will use open source research as well as acquired datasets to hunt for systemic risks at scale (e.g., botnets, CVE exploitation, ransomware networks). Then this role will partner with the appropriate teams across Comcast and the telco industry to identify remediation actions.
Do you dream of finding systemic threats to the internet at scale? Do you want to apply your knowledge of threat hunting to identify these risks and work to remediate them with Comcast's best and brightest cyber risk remediation teams? Then this is the role for you.

On any given day you will spend time parsing external threat feeds (both purchased feeds and open source threat blogs from other research teams) and determining their applicability to our current analyses. With that intel you will work with threat researchers across other organizations to better understand the source of the threat, update analyses based on this understanding, and ultimately create protection or remediation pathways based on this analysis and understanding.

On some days we will need to respond to industry emergencies (e.g., recent Salt Typhoon attacks). During these incidents you will spend a great deal of time coordinating with internal and external partners to discover these threats, identify indicators of compromise and communicate those with threat research and remediation partners.

Job Description

Responsibilities

  • Work with cyber subject matter experts to create analysis goals
  • As appropriate, create analysis hypotheses based on understood cyber threats
  • Work with partner teams to acquire data needed for current and future analyses
  • Identify systemic data gaps including (but not limited to) network, authentication, endpoint and OSINT sources
  • Prepare written analysis of findings and analysis steps (e.g., PowerPoint, Word)
  • Present findings to internal and external audiences, including, when possible, the impact of the discovered threat
  • Prepare written findings to allow further investigation, analysis, and remediation by the appropriate team (e.g., CSOC, Security Intelligence)

Requirements:

  • 10+ years of cybersecurity experience
  • 3-5 years of experience identifying cyber threats with live datasets
  • 3-5 years of experience identifying at-scale cyber threats (e.g., botnets, ransomware campaigns)
  • 2 years of experience reporting on cyber threats (e.g., conferences, open publications)
  • Experience with network threat hunting (e.g., SOCKS analysis, HTTPS header understanding)
  • Experience in analytics platforms (preferably Databricks or Snowflake)
  • Experience with packet analysis tools such as Wireshark
  • Experience with technical briefings such as threat reports
  • Understanding of cyber threat remediation techniques and processes such as SOC ticketing
  • Understanding of Python or SQL
  • Proven analytical and problem-solving ability
  • Working experience analyzing cyber data (e.g., network, endpoint, authentication) with an understanding of the technologies involved (e.g., SSO, DHCP lease cycles, network layers, IPv4/IPv6)
  • Knowledge of complex network operating environments, including remotely hosted or cloud-based service offerings
  • Experience with trouble ticketing procedures and strong written and verbal communication skills
  • Ability to work under pressure and discreetly describe discovered vulnerabilities
  • Comfortable interfacing with other internal or external organizations



Employees at all levels are expected to:

Understand our Operating Principles; make them the guidelines for how you do your job.
Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
Win as a team - make big things happen by working together and being open to new ideas.
Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
Drive results and growth.
Respect and promote inclusion & diversity.
Do what's right for each other, our customers, investors and our communities.

Disclaimer:

This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Skills

Communication, Cyber Threat Hunting, Data Analysis, Network Analytics

Compensation

This job can be performed in New Jersey with a Pay Range of $143,275.41 - $214,913.12

Comcast intends to offer the selected candidate base pay dependent on job-related, non-discriminatory factors such as experience. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

The application window is 30 days from the date the job is posted, unless the number of applicants requires it to close sooner or later.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Certifications (if applicable)

Relevant Work Experience

10 Years +

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
Category: Threat Intel Jobs

Tags: Analytics Cloud CSOC Databricks Open Source OSINT Python Snowflake SOC SQL SSO Threat Research Vulnerabilities

Perks/benefits: Conferences Salary bonus

Region: North America
Country: United States
