Comcast Cybersecurity: Security Network Engineering 4- Security

Company: Comcast
Location: Moorestown
Posted on: March 20, 2023

Job Description:

Job Description:

Comcast's Technology, Product & Experience organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards. Because our employees are our most valuable asset, we offer a flexible working environment to balance the need to work independently wherever you choose, with days that require collaboration at one of our offices. Our roles primarily reside inside or around one of our Tech Hubs (Philadelphia and surrounding suburbs, Denver, Austin, Silicon Valley, Washington DC/N. Virginia). Job SummaryAs a Sr. Security Engineer, you will join a dedicated, professional team responsible for network security in the Comcast network. The Senior Security Engineer position is responsible for the configuration, deployment and support of network security and engineering systems including Firewalls, VPN's, A10/SSLi, F5 SSLO/ASM/APM, Web Content Filtering/Proxy, Routers, Arista switches and supporting tools for managing secure connectivity. Job Description Responsibility includes monitoring performance, operation, enhancement and fault events and performing the appropriate response to adequately close or escalate the events to completion. ---The individual in this role will perform more advanced security systems configurations, upgrades and troubleshooting, as well design engineering solutions for security tools (i.e., firewalls, routers, Intrusion Detection/Prevention Systems, and rule automation). ---During a critical security connectivity event, this position will be authorized to make customized changes to the various security tools or system configurations to minimize the immediate impact to the business.--- Core Responsibilities: Perform proactive maintenance, upgrades and enhancements in accordance with National Change Management procedures. Recommend, design, implement and maintain security connectivity solutions including Checkpoint/Fortinet/F5/NSX/Palo Alto/Firepower firewalls, Symantec/Zscaler/iBoss Proxy, F5/A10 SSL decryption technology. Perform advanced troubleshooting of network connectivity issues involving security products, Firewall/ACL rules, complex routing and NAT rules. Develop, execute and document security system fault management support procedures for assigned systems. Perform configuration updates, such as modifying configurations, signature definitions or implementing new policies on various network security tools, as directed. Define and improve daily operating procedures and administration for assigned elements. Develop and document network security topology diagrams. Be able to leverage other network management tools used by the National Operations Centers or Local Management Centers in the identification and response to security connectivity incidents and faults. Ensure timely proactive identification and reporting of security gaps and vulnerabilities to the critical business information, systems and network infrastructure. Assist with security compliance audits to verify completeness of required configurations and verify system hardening. Participate in the problem investigation of connectivity issues and security events related to security devices, identify root problem cause, and provide recommendations to improve reliability and availability, or reduce recovery time. Weekly on-call shifts, rotating approximately once every 2 months. --- Knowledge and Experience Working knowledge of complex networking technologies, including IP Addressing v4/v6, routing, switching, load balancing, DNS, DHCP, NAT rules Knowledge of complex network operating environments, including remotely-hosted or cloud-based service offerings Advanced knowledge of information security methodologies Experience with Fortinet, Symantec, iBOSS, Zscaler, Forcepoint, A10, Gigamon Hands on with F5 technologies such as: ASM/APM/BigIQ Scripting in Python is big a plus Routing protocols including BGP and OSPF. In-depth troubleshooting and strong analytic skills. Minimum 7 to 10 years of experience in administration and operations of network and security gear (Arista/Juniper/Cisco routers and switches) Minimum of 7 to 10 years of experience with TCP/IP and UDP protocols and networking packet analysis Experience with firewall policy creation and rule updates, configuration and troubleshooting; firewall administration experience required. Experience with security policy orchestration/rule automation technology such as Tufin, Firemon, Algosec. Must be familiar with trouble ticketing procedures and have strong written and verbal communication skills. Proven analytical and problem-solving ability. Ability to work under pressure. Aptitude to work with others Ability to accept and learn from fault or incidents Comfortable with interfacing with other internal or external organizations regarding failure and incident response situations. --- Job Specification: Bachelor's Degree or Equivalent Engineering, Computer Science Generally, requires 7-11 years related experience Network and/or security certifications such as CCIE, CISSP and other SANS GIAC, Security+, SSCP or other security certifications. Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other basis protected by applicable law. Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Relevant Work Experience 7-10 Years Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality - to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

Keywords: Comcast, Philadelphia , Comcast Cybersecurity: Security Network Engineering 4- Security, Engineering , Moorestown, Pennsylvania