Comcast

Engineer 3, Cyber Security Engineering-0752

Comcast  •  Philadelphia, PA (Remote)  •  2 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

DUTIES: Contribute to a team responsible for developing and maintaining software security systems; perform web application penetration testing using Burp Suite, and custom Bash and Python scripts; detect and remediate vulnerabilities using scanning tools including Nuclei, Qualys, and Nessus; use Linux for penetration testing, vulnerability exploitation, and scripting automation in Kali Linux or any other Linux distribution, including performing Linux command-line operations, privilege escalation, shell scripting, and network packet analysis; design and implement custom tools using Python to detect vulnerabilities; ensure security of AWS cloud environments, including using IAM policies, security groups, S3 bucket configurations, and cloud-native monitoring tools; manage incident response activities related to product security, including investigation, root cause analysis, and remediation of vulnerabilities; research, validate, and document the lifecycle of reported vulnerabilities in Comcast's products; assess the overall security maturity and systems architecture of products to launch bug bounty programs; leverage the researcher community in identifying potential vulnerabilities; validate, research, prioritize, and escalate reported vulnerabilities as appropriate; manage each reported vulnerability and the communications of its status with internal and external parties until resolution; manage a queue of reported vulnerabilities to ensure findings are promptly addressed, catalogued, and internally distributed to appropriate internal stakeholders; partner with other teams in the security organization to build and test remediation strategies; document all information including the mitigation and remediation of reported vulnerabilities; collaborate with internal teams to map the systems architecture of a product and define the scope of systems to be included as targets for bug bounty programs; and work with the Quality Assurance team to determine if applications fit specification and technical requirements. Position is eligible to work remotely one or more days per week, per company policy.

REQUIREMENTS: Bachelor’s degree, or foreign equivalent, in Computer Science, Engineering, or related technical field, and two (2) years of experience developing and maintaining software security systems; performing web application penetration testing using tools including Burp Suite, and custom Bash or Python scripts; detecting and remediating vulnerabilities using scanning tools including Nuclei, Qualys, and Nessus; using Linux for penetration testing, vulnerability exploitation, and scripting automation in Kali Linux or any other Linux distribution, with Linux experience in command-line operations, privilege escalation, shell scripting, and network packet analysis; designing and implementing custom tools using Python to detect vulnerabilities; and managing incident response activities related to product security, including investigation, root cause analysis, and remediation of vulnerabilities. Applicant must possess Offensive Security (OffSec) Certified Professional (OSCP) certification.

Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Skills

Bash Scripts, Burp Suite, Shell Scripting

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.


Please visit the benefits summary on our careers site for more details.

Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.

Comcast

About Comcast

Welcome to Comcast. From the connectivity and platforms we provide to the content and experiences we create, we bring people together, globally. Our people think the world of our work, and that’s why our work is the best in the world.

Industry
Telecommunications
Company Size
10,000+ employees
Headquarters
Philadelphia, PA
Year Founded
Unknown
Social Media