Comcast Cybersecurity: Principal Engineer, Security Incident Response Team
Company: Comcast Corporation
Location: Philadelphia
Posted on: October 18, 2024
Job Description:
Make your mark at Comcast -- a Fortune 30 global media and
technology company. From the connectivity and platforms we provide,
to the content and experiences we create, we reach hundreds of
millions of customers, viewers, and guests worldwide. Become part
of our award-winning technology team that turns big ideas into
cutting-edge products, platforms, and solutions that our customers
love. We create space to innovate, and we recognize, reward, and
invest in your ideas, while ensuring you can proudly bring your
authentic self to the workplace. Join us. You'll do the best work
of your career right here at Comcast. (In most cases, Comcast
prefers to have employees on-site collaborating unless the team has
been designated as virtual due to the nature of their work. If a
position is listed with both office locations and virtual
offerings, Comcast may be willing to consider candidates who live
greater than 100 miles from the office for the remote option.)Job
SummaryResponsible for acting as a team lead and providing internal
expertise in collaboration with various cross-functional project
teams. Directs and develops long-term objectives and plans related
to the company's technical vision. Provides innovative solutions
for complex cyber engineering developmental problems that are
competitive with industry and company standards. Responsible for
monitoring, identifying, investigating and analyzing all response
activities related to cybersecurity incidents within an
organization. Identifies security flaws and vulnerabilities;
responds to cybersecurity incidents, conducts threat analysis as
directed and addresses detected incidents. Conducts network or
software vulnerability assessments and penetration testing
utilizing reverse engineering techniques. Perform vulnerability
analysis and exploitation of applications, operating systems or
networks. Identifies intrusion or incident path and method.
Isolates, blocks or removes threat access. Evaluates system
security configurations. Evaluates findings and performs root cause
analysis. Performs analysis of complex software systems to
determine both functionality and intent of software systems.
Resolves highly complex malware and intrusion issues. Contributes
to the design, development and implementation of countermeasures,
system integration, and tools specific to Cyber and Information
Operations. Acts as a technical expert in own area within the
organization. May work independently or as part of a team on more
complex projects. Provides mentoring and guidance to more junior
team members. May be responsible for leading a team, but does not
directly manage people.Job DescriptionResponsibilities
- Lead response to Cyber Security Incidents of varying complexity
levels - including all steps from identification to final
closeout
- Identify activity of investigative interest based on a review
of system and application logs - differentiating likely malicious
activity from benign false positives.
- Assist the team in prioritizing threat detection alerts and
related signals into the Security Operations Center. -
- Serve as a technical subject matter expert for highly complex
incidents, tracking and documenting existing status for leadership
- and proposing next steps for all stakeholders.
- Ensure that full containment and eradication has occurred for
all incidents.
- Partner with impacted teams (e.g. business owners, application
owners, IT Teams, legal/comms) - to ensure all incident needs are
being met as well as timely restoration of service occurs as risk
allows.
- Provide clear and concise technical or executive level incident
briefings as required. -
- Document all relevant incident data using approved case notes
standards and propose improvements where appropriate.
- Oversee activities of more junior team members during key
incidents.
- Mentor junior team members in incident response best
practices.
- Recommend continual process improvements and advocate on behalf
of the team to other key cyber operations teams (e.g. detection,
hunting, digital forensics, intelligence etc).
- Support related projects with critical delivery deadlines as
needed.QualificationsRequired:
- Bachelor's Degree in Computer Science, Computer Engineering,
Cyber Security, or related industry/military experience.
- 7+ years' experience in Cyber Security, of which at least 5 or
more years should be in the Incident Response space with a focus on
significant, large scale incident investigations.
- Demonstrated experience leading and owning accountability for
incidents of significant complexity levels for all phases of
response.
- Strong technical understanding of the Incident Response process
and ability to speak with other business units from a technical
perspective.
- Familiarity with major threat actor groups and TTPs.
- Knowledge of common enterprise-grade endpoint and network
defense tools.
- Experience working with logging technologies and large data
sets.
- Broad working knowledge of major OS and cloud platform
technologies.
- Cyber Security advisory experience and ability to advise on a
multitude of problems with different solutions in mind.
- Excellent verbal and written communications skills.
- Experience working in a globally disbursed/follow the sun
model. - - - -
- Experience creating scripts and automation as needed to assist
in daily tasks.Nice to have:
- Previous experience in a Fortune 50 sized organization.
- Background in a large, well-known Incident Response services
organizations.
- Relevant industry certifications (e.g. CISSP, GCIH, GCFA,
GCIA)Employees at all levels are expected to:
- Understand our Operating Principles; make them the guidelines
for how you do your job.
- Own the customer experience - think and act in ways that put
our customers first, give them seamless digital options at every
touchpoint, and make them promoters of our products and
services.
- Know your stuff - be enthusiastic learners, users and advocates
of our game-changing technology, products, and services, especially
our digital tools and experiences.
- Win as a team - make big things happen by working together and
being open to new ideas.
- Be an active part of the Net Promoter System - a way of working
that brings more employee and customer feedback into the company -
by joining huddles, making call backs, and helping us elevate
opportunities to do better for our customers.
- Drive results and growth.
- Respect and promote inclusion & diversity.
- Do what's right for each other, our customers, investors, and
our communities.What You Can Expect:
- An encouraging and casual work environment with chances to
showcase your skills.
- A culture of innovation and continuous learning.
- Training, support, and mentoring to expand and evolve your
expertise.
- For more insight into our culture, check out: About Our Perks &
Benefits: -We are determined to create an environment where our
employees feel valued, understand our business goals, and are
motivated. -Here's a look at just some of the perks and benefits we
make available to our US-based employees:
- Medical & Dental
- 401(k) Savings Plan
- Generous paid time off
- Life Milestones - from adoption assistance, childcare
resources, pet insurance, and more, Comcast supports you at all
life stages.
- Courtesy Services - We offer all of our full-time employees in
serviceable areas discounted digital TV and internet.
- Discounted tickets for Universal Resorts, and free tickets to
our Universal theme parks!Learn more at Reasonable Accommodation
-We will ensure that individuals with disabilities are provided
reasonable accommodation to participate in the job application or
interview process, perform essential job functions, and receive
other benefits and privileges of employment. Please contact us to
request accommodation.Comcast is an EOE/Veterans/Disabled/LGBT
employer.Disclaimer:This information has been designed to indicate
the general nature and level of work performed by employees in this
role. It is not designed to contain or be interpreted as a
comprehensive inventory of all duties, responsibilities, and
qualifications.Comcast is proud to be an equal opportunity
workplace. We will consider all qualified applicants for employment
without regard to race, color, religion, age, sex, sexual
orientation, gender identity, national origin, disability, veteran
status, genetic information, or any other basis protected by
applicable law.Additionally, Comcast provides best-in-class
Benefits to eligible employees. We believe that benefits should
connect you to the support you need when it matters most, and
should help you care for those who matter most. That's why we
provide an array of options, expert guidance and always-on tools,
that are personalized to meet the needs of your reality - to help
support you physically, financially and emotionally through the big
milestones and in your everyday life. Please visit the on our
careers site for more details.EducationBachelor's DegreeWhile
possessing the stated degree is preferred, Comcast also may
consider applicants who hold some combination of coursework and
experience, or who have extensive related professional
experience.Relevant Work Experience10 Years +
Keywords: Comcast Corporation, Yonkers , Comcast Cybersecurity: Principal Engineer, Security Incident Response Team, Engineering , Philadelphia, New York
Didn't find what you're looking for? Search again!
Loading more jobs...