Comcast is seeking a Principal Security Architect to join its Comcast Technology Solutions Group. The ideal candidate will possess a strong technical information and product security background with an emphasis on security architectures, as well as a strong ability to communicate and interact with both engineers and executives. This person will focus on reviewing, providing guidance and working with lead security architects to enhance the company's security engineering and architecture across many different customer facing products, applications, cloud, systems, endpoints, network and infrastructure. The role will also collaborate with stakeholders across security and technology groups to support strengthening security. There will also be opportunities to work on security initiatives and other security related work.
This person, is able to think through individual customer facing products and internal information security for our enterprise. This person must have experience designing and reviewing security architectures and technology architectures. This person is able to identify and drive issues to closure. This individual must be a consensus builder, a team player and work within an open security posture environment.
* Responsible for managing and overseeing security initiatives within Comcast Technology Solutions (CTS).
* Support building a culture of security by educating others and advocating an open security posture.
* Cooperate closely with CTS' Business Information Security Officer (BISO) and the enterprise Cybersecurity organization to identify and resolve security concerns within CTS.
* Interface with designated security leads in each of CTS' business units to help prioritize and escalate awareness of issues.
* Participate in Comcast's enterprise Security Guild and oversee CTS' Security Guild.
* Communicate to teams and executives regarding CTS Security incidents, vulnerabilities, mitigations and resolutions.
* Contribute to and/or lead various security architecture review efforts to ensure products include security into design, development and operations.
* Contribute to and/or lead threat modeling efforts against products, tools and enterprise applications that Comcast designs, builds and operates.
* Identify and document security issues.
* Risk rank security issues with product and enterprise teams.
* Stay current with security technologies, trends, vulnerabilities and threats.
* Inform management including business sponsors on security risks and should be able to translate security risks to business impact.
* Work with many teams to support security technology through the product and enterprise lifecycle.
* Author requirements and user stories to include development, integration and operational detail necessary for security.
* Interfaces with many teams across the organization to ensure an efficient and effective security solution meets the business needs.
* Advise on solutions to ensure they are well engineered, operable, maintainable, and delivered on schedule.
* Guide threat analysis, technology assurance and technical auditing
* Works to and is an advocate to ensure compliance for security best practices including but not limited to the following: coding standards, design, platform, cloud, networkspecific design concerns and user access reviews.
* Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
* Applies new and innovative ideas to old or new problems. Fosters environments that encourages innovation. Contributes to and supports effort to further build intellectual property via patents.
* Review third party security technology across multiple platforms and products and ensure practices and controls align with enterprise standards.
* Support test, troubleshooting and operational issues alignment with security designs and architectures.
* Partner with Comcast enterprise Cybersecurity to promote DevSecOps best practices.
* Serve as the lead for CTS for enterprise privacy initiatives. Provide CTS with security advice on data security issues, compliance, and privacy requirements such as PCI, CPNI, HIPAA, FCC Regulations, SOX, Subscriber PII, etc.
* Security and technical expertise in cloud technologies such as OpenStack, AWS, and Azure.
* Possibly work with big data, metrics and data analytics tools to help manage large volumes of security reporting systems.
* Consistent exercise of independent judgment and discretion in matters of significance.
* Other duties and responsibilities as assigned.
* Architected security for products, enterprise, information and other initiatives
* Excellent written and verbal communication skills, interpersonal and collaborative skills
* Proficient at protocols and APIs
* Proficient at the secure software development lifecycle and DevOps
* Proficient at identity, authentication and authorization systems
* Proficient at understanding cryptographic trust-based systems
* Cloud security knowledge preferred
* Data and database security
* Federation, SSO, IDS, IPS, Host Based Firewall, VPN, Wi-Fi, Video, Internet, Voice, DNS, DHCP, HTTPS/TLS, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido
* Knowledgeable in PCI, CPNI, HIPAA, ISO 27001, FCC Regulations, SOX, Subscriber PII, etc.
* Coding experience preferred but not required
* Poise and ability to act calmly and competently in high-pressure, high-stress situations
* Enjoys working in a demanding, and a very dynamic environment
* Good natured and positive with people
* Security expertise in one or more relevant areas
* Must have strong problem-solving skills
* Ability to manage multiple projects with strict timelines
* High level of personal integrity
* Ability to professionally handle confidential matters with an appropriate level of judgment and maturity
* High degree of initiative and well organized
* 11+ years of experience in engineering, software, or technology-based industry
* 5+ years of experience working in a security-related role, with various security architectures
* Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (LPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), Other software development lifecycle certifications
* Bachelor's Degree or Equivalent
Field of Study
* Engineering, Computer Science, Cybersecurity or related field
Comcast is an EOE/Veterans/Disabled/LGBT employer