Sr. Cybersecurity Architect
Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
Comcast is seeking a Senior Security Architect to join its Security Architecture & Technology Solutions Group. The ideal candidate will possess a strong technical information and product security background with an emphasis on security architectures. This person will focus on reviewing, providing guidance and working with lead security architects to enhance the company's security engineering and architecture across many different customer facing products, applications, cloud, systems, endpoints, network and infrastructure as well as support our IT enterprise applications, network, endpoints and systems. The role will also collaborate with stakeholders across security and technology groups to support strengthening security. There will also be opportunities to work on security initiatives and other security related work.
This person, is able to think through individual customer facing products and internal information security for our enterprise. This person must have experience designing and reviewing security architectures and technology architectures. This person is able to identify and drive issues to closure. This individual must be a consensus builder, a team player and work within an open security posture environment.
Contribute to and/or lead various security architecture review efforts to ensure products include security into design, development and operations.
Contribute to and/or lead threat modeling efforts against products, tools and enterprise applications that Comcast designs, builds and operates.
Identify and document security issues.
Risk rank security issues with product and enterprise teams.
Stay current with security technologies, trends, vulnerabilities and threats.
Inform management including business sponsors on security risks and should be able to translate security risks to business impact.
Work with many teams to support security technology through the product and enterprise lifecycle.
Define the use cases for solutions, design the solution to help with prototyping and development, and take solution through to launch and market.
Author requirements and user stories to include development, integration and operational detail necessary for security.
Interfaces with many teams across the organization to ensure an efficient and effective security solution meets the business needs.
Ensures solutions are well engineered, operable, maintainable, and delivered on schedule.
Guide threat analysis, technology assurance and technical auditing
Works to and is an advocate to ensure compliance for security best practices including but not limited to the following coding standards, design, platform, cloud and network specific design concerns.
Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
Applies new and innovative ideas to old or new problems. Fosters environments that encourages innovation. Contributes to and supports effort to further build intellectual property via patents.
Review third party security technology across multiple platforms and products.
Support test, troubleshooting and operational issues alignment with security designs and architectures.
Provide security advice on data security issues, compliance, and privacy requirements such as PCI, CPNI, HIPAA, FCC Regulations, SOX, Subscriber PII, etc.
Security and technical expertise in cloud technologies such as OpenStack, AWS And Azure.
Possibly work with big data, metrics and data analytics tools to help manage large volumes of security reporting systems.
Support building a culture of security by educating others and advocating an open security posture.
Consistent exercise of independent judgment and discretion in matters of significance.
Other duties and responsibilities as assigned.
Architected security for products, enterprise, information and other initiatives
Proficient at protocols and APIs
Proficient at the secure software development lifecycle and devops
Proficient at identity, authentication and authorization systems
Proficient at understanding cryptographic trust based systems
Cloud security knowledge preferred
Data and database security
Federation, SSO, IDS, IPS, Host Based Firewall, VPN, Wi-Fi, Video, Internet, Voice, DNS, DHCP, HTTPS/TLS, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido
Knowledgeable in PCI, CPNI, HIPAA, ISO 27001, FCC Regulations, SOX, Subscriber PII, etc
Coding experience preferred but not required
Excellent written and verbal communication skills, interpersonal and collaborative skills
Poise and ability to act calmly and competently in high-pressure, high-stress situations
Enjoys working in a demanding, and a very dynamic environment
Good natured and positive with people
Security expertise in one or more relevant areas
Must have strong problem-solving skills
Ability to manage multiple projects with strict timelines
High level of personal integrity
Ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
High degree of initiative and be well organized
8 years experience in security and technology based industry
5 years experience working with various security architectures
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (
LPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), Other software development lifecycle certifications
- Bachelors Degree or Equivalent
Field of Study
- Engineering, Computer Science, CyberSecurity or related field
Comcast is an EOE/Veterans/Disabled/LGBT employer
Website : http://www.comcast.com
Comcast Corporation operates as a media and technology company worldwide. It operates through Cable Communications, Cable Networks, Broadcast Television, Filmed Entertainment, and Theme Parks segments. The Cable Communications segment offers video, high-speed Internet, and voice services to residential and business customers under the XFINITY brand name. This segment also provides business services, such as cellular backhaul services to mobile network operators; Ethernet network services; and online advertising services. The Cable Networks segment operates national cable networks, which provide entertainment, news and information, and sports content; regional sports and news networks; international channels; and cable television production operations, as well as owns digital media properties. The Broadcast Television segment operates NBC and Telemundo broadcast networks, NBC and Telemundo owned local broadcast television stations, and broadcast television production operations, as well as owns digital media properties. The Filmed Entertainment segment produces, acquires, markets, and distributes live-action and animated filmed entertainment under the Universal Pictures, Focus Features, and Illumination names. This segment also develops, produces, and licenses stage plays, as well as owns digital media properties. The Theme Parks segment operates theme parks; studios; Island of adventures; and a dining, retail, and entertainment complex. Comcast Corporation was founded in 1963 and is headquartered in Philadelphia, Pennsylvania.