Security Engineer 2

Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast.

Job Summary

"Responsible for contributing towards the build and maintenance of the organization's cyber security systems and infrastructure. Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards. Conducts security assessments and audits to identify cybersecurity risks within the company's networks, applications and operating systems. Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting. Tests company's internal systems to validate security and detect any computer and information security weaknesses. Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report. Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources. Applies long-term objectives and plans related to the company's technical vision to daily activity. Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards. Works with moderate guidance in own area of knowledge.Employees at all levels are expect to:- Understand our Operating Principles; make them the guidelines for how you do your job- Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services- Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences- Win as a team - make big things happen by working together and being open to new ideas- Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers- Drive results and growth- Respect and promote inclusion and diversity- Do what's right for each other, our customers, investors and our communities"

Job Description

What You Will Bring:

 - Good to have basic security experience in any domain 
- Must have knowledge of JSON or YAML languages.
- Sufficient experience in building Cloud fundamental services in GCP/Azure cloud. (Cloud compute, Azure Functions, IAM, etc)
- Good to have hands-on experience working in GCP/Azure security native tools (Azure Key Vault, IAM, Azure WAF, Azure DDOS protection Secure command center)
- Must have knowledge in security Compliance and standards(CIS, ISO-27001 , NIST).
- Good to have experience in third-party Security tools such as Prisma, Wiz, and TrendMicro.
- Must have good communication and collaboration with cross-functional teams for managing the observation remediation.

- Must have a core understanding of  Cloud developments and implementation for Fundamental services (Google Compute, Azure virtual machines, WAF, IAM)
- Must have good hands-on experience in Cloud native/3rd party security services (Palo Alto Prisma, WIZ, GCP Secure command canter, GCP Armor, Azure sentinel, DDOS protection)
- Must have good experience in developing a secure architecture by design cloud.
- Good to have experience in code development (Python, scripting, Terraform, Cloud formation, Ansible playbooks)
- Must have good knowledge in all end to end Cloud services for defining security best practices.
- Must have experiences in CSPM, CIEM security toolings
- Must have experience in implementing Security policies in Posture management tools.
- Must have knowledge in JSON or YAML to construct a IAC or to identify the misconfigurations in the IAC.
- Should have a good knowledge in security standards and best pratices (NIST, ISO, CIS,GDPR)
- Good to have communication and collaboration with cross fucntional team for managing the observations and remediation

 

1.     Extensive Cloud Security Engineering Experience: You possess a minimum of 5 years of hands-on experience in cloud security, specifically working with AWS, GCP, and Azure. Your in-depth knowledge of cloud architecture, networking, and security best practices allows you to design and implement robust security solutions.

2.     Technical Proficiency: You are proficient in a wide range of cloud security tools, technologies, and services, such as AWS Security Services (e.g., IAM, VPC, WAF, GuardDuty), GCP Security Services (e.g., Identity Platform, Cloud Security Command Center), and Azure Security Services (e.g., Azure Active Directory, Azure Security Center). Your expertise extends to cloud-native security controls, threat detection, incident response, and vulnerability management.

3.     Strong Security Mindset: You possess a deep understanding of security principles and frameworks, such as CIS Benchmarks, NIST, and ISO 27001. You have experience implementing security controls and conducting security audits and assessments to ensure compliance with industry standards and regulations.

4.     Analytical and Problem-Solving Skills: You have a strong analytical mindset with the ability to assess complex security risks and develop effective mitigation strategies. You can identify vulnerabilities, conduct security assessments, and provide recommendations for improving the overall security posture of our cloud environments.

What You Will Do:

1. Secure Cloud Architecture: Collaborate with cross-functional teams to design and build secure cloud architecture, ensuring the confidentiality, integrity, and availability of our cloud-based systems. Implement robust security controls and configurations across AWS, GCP, and Azure environments, following industry best practices and standards.

2. Security Tooling and Automation: Evaluate, select, and implement appropriate security tools and technologies to enhance cloud security. Develop and maintain automation scripts, templates, and playbooks for security operations, ensuring efficient and scalable security processes.

3. Security Architecture Review: Review and assess the security architecture of cloud-based applications and services. Collaborate with development teams to provide security recommendations and assist in the implementation of secure coding practices and security controls.

4. Security Documentation and Compliance: Develop and maintain security documentation, including security policies, standards, procedures, and guidelines specific to cloud environments. Stay updated with relevant compliance requirements and assist in compliance audits to ensure adherence to regulatory and industry standards.

5. Security Testing and Validation: Plan and execute security testing activities, including vulnerability assessments, penetration testing, and security code reviews, to identify and remediate security vulnerabilities in cloud environments. Validate the effectiveness of security controls and ensure compliance with security policies and standards.

6. Security Awareness and Training: Collaborate with teams across the organization to promote a culture of security awareness. Develop and deliver training sessions and educational materials to enhance the understanding of cloud security best practices and ensure proper security hygiene among technical teams.

7. Threat Modeling and Risk Assessment: Conduct threat modeling exercises to identify potential security risks and vulnerabilities in cloud infrastructure. Perform risk assessments and provide recommendations for mitigating risks and enhancing the overall security posture of the cloud environment.

8. Security Incident Response: Contribute to the development and improvement of incident response plans and playbooks for cloud security incidents. Participate in incident response activities, including investigations, containment, eradication, and recovery, to minimize the impact of security incidents.

9. Collaboration and Stakeholder Management: Work closely with cross-functional teams, such as infrastructure, development, and operations, to provide guidance and support on cloud security matters. Collaborate with stakeholders to address security requirements, provide technical expertise, and ensure security is integrated into the development and deployment processes.

This position offers an exciting opportunity to make a significant impact in a rapidly evolving cloud security landscape. If you are a proactive and knowledgeable Cloud Security Expert with a passion for protecting cloud infrastructure, we invite you to join our team and contribute to our ongoing success.

Please submit your resume and cover letter detailing your relevant experience and accomplishments to be considered for this role.

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.

Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Relevant Work Experience

2-5 Years

---