Comcast Cybersecurity: Principal Product Security Architect
Comcast’s Technology, Product & Experience organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards. Because our employees are our most valuable asset, we offer a flexible working environment to balance the need to work independently wherever you choose, with days that require collaboration at one of our offices. Our roles primarily reside inside or around one of our Tech Hubs (Philadelphia and surrounding suburbs, Denver, Austin, Silicon Valley, Washington DC/N. Virginia).
Job SummaryThe Principal Product Security Architect will be a team leader responsible for providing internal expertise in the area of secure product development in collaboration with various cross-functional project teams. They will direct and develop long-term objectives and plans related to the company's technical vision while ensuring security is incorporated at every step along the way. They will provide innovative solutions for complex engineering developmental problems that are competitive with industry and company standards.
What you’ll do:
Take accountability for working with Comcast Technology, Product, and Experience teams to design, develop, deliver, and maintain secure products. You and your teammates will strive to secure Comcast technologies and infrastructure.
Play a leading role in the design of security features and ongoing verification of Company's product security posture. Acts as a Product Security subject matter expert for the company. Assists in researching next generation security technology options, and recommends feasible, affordable, scalable, and manageable Device/Application/Internet security safeguards. Assesses the security impact of technology strategies of new products and services, including database and network security.
- Recommend and ensure implementation of security designs and features in accordance with industry standards, generally accepted business practices and Company security policies.
- Collaborate with other Security Teams to consume and utilize enterprise security tools and services.
- Recommend solutions for defining security posture along with a training program for those that might be involved.
- Research new and/or updated technologies as they become available that pertain to our environment.
- Assist with regular penetration tests and vulnerability assessments.
- Communicate security requirements to project teams based on understanding of approved security policies, standards, and baselines.
Who you are/What you bring:
The ideal candidate will have a broad background in information and product security, and experience in defining, building, and analyzing systems. This role will span across many different security areas and requires coordination and collaboration with teams involved in servers, customer premise equipment, and mobile applications.
A security technology leader in a trusted position of oversight that brings passion for leading/influencing teams, improving processes and identifying/executing new secure engineering practices that drive product security innovation.
- Deep subject matter expertise in the areas of vulnerability management, security assessments, secure development life cycle, secure engineering practices, data protection, and related emerging best practices.
- Consistent exercise of independent judgment and discretion in matters of significance.
- Ability to engage development teams to develop plans that improve security posture in a timely manner.
- A proven track record delivering on a transformation and implementation of secure engineering best practices throughout the product development process.
- 10+ years of security engineering experience such as: secure product engineering, software security product development, and/or software/hardware product security with 5+ years of leadership experience.
- Experience performing security architecture reviews, penetration tests, security audits, threat models, vulnerability remediation, or secure software development
- Proven ability to communicate with technology and business leaders.
- Bachelor's degree in related field, master's preferred
- Knowledge of Product Development Life Cycle and Agile methodologies
Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other basis protected by applicable law.
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Relevant Work Experience
10 Years +
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the [Register to View] on our careers site for more details.