Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
It is the responsibility of Comcast Business Information Security Director to plan, direct and coordinate tasks to protect, safeguard and secure company assets.
Successful candidate will be responsible for managing and overseeing the Information Security policies, standards, and practices implemented across Comcast Business' Managed Enterprise Services.
Develop initiatives, security strategies, key goals, and activities to integrate policies and guidelines.
Define Information Security risk management methodologies and processes.
Collaborate extensively with the leaders and other related functions to ensure implementation of standards for appropriate security checkpoints and encryption methods.
Lead a cross-functional team and provide security guidance to product owners as it relates to hardware and application systems included in product development
Develop and implements strategy for functional area(s)
Assists in the preparation of budgets and forecasts
Review critical infrastructure to ensure components meet security requirements for data protection
Select, develop, and evaluate personnel to ensure efficient operations within team
Manage and supervise third parties (contractors, consultants, etc.) and perform various tasks for company hosted and web-enabled solutions
Protect customer and employee information
Widespread adoption of security practices and tools
Balance business and security risk
Reduce cyber risk with minimal business impact
Assist teams with adopting security practices and tools
Analyze threats / vulnerabilities and how they impact the risk for a given product
Keep up-to-date w/ changing technology and regulatory landscape
Lead a team to conduct product security assessments and help with security-oriented projects
Collaborate with development, operations teams
Engage with product development on latest security threats, tools, and practices
Overcome potential barriers between security and business
Expand relationship network
Ensure business goals are well understood
Help prioritize product features / initiatives
Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary
Other duties and responsibilities as assigned
Must have experience interpreting security policies and incorporating security requirements in greenfield and legacy systems.
Must have knowledge of secure coding practices, static and dynamic application security assessments and analyzing reports to determine remediation path.
Must have deep understanding risk classification and of the varying levels of risk vulnerability and risk management experience.
Must have experience establishing security baselines, performing self-audits and reporting risks to management.
Bachelor's Degree or Equivalent in Technology
CISSP a plus
Generally, requires 10+ years related experience
Comcast is an EOE/Veterans/Disabled/LGBT employer