Engineer 2, Firewall support
- Implement new security technologies and systems in accordance with security industry standards and Comcast Change Management procedures.
- Perform configuration updates, such as proactive maintenances, upgrades and enhancements.
- Provide engineering support and operational focus for multiple security detection and alerting tools, including:
- Network Access Control (NAC)
- Access Control Lists (ACL)
- Sev One
- Firewall Rules and Policy Pushes
- Work collaboratively with multidisciplinary teams to support and operate newly implemented technologies and support existing environments.
- Provide advanced application level support for the resolution of firewall system faults, including system patches and policy pushes
- Leverage network management tools for the identification, prevention and response to security incidents, faults and network outages.
- Participate in the root cause analysis (RCA) investigation of critical network firewall incidents and prepare incident reports documenting the findings. Identify root problem cause, and provide recommendations to improve reliability and availability, or reduce recovery time.
- Proactive identification and reporting of security gaps and vulnerabilities to the critical business information, systems and network infrastructure.
- Provides clear, crisp, and concise technical communication and coordination during medium outage scenarios.
- Directly executes changes, in the network and across systems, focused on deploying new services, implementing changes, and stabilizing products following established change management processes. Accountable for configuration management techniques, post maintenance validation, and excellent communication
- Other duties as assigned.
- Bachelor's Degree in Networking, System Security, Computer Science, or related field.
- Network and/or security certifications such as SANS GIAC, Security+, SSCP or other security certifications, CCNA
- Desired: CISSP
Knowledge and Experience:
- Minimum 2 to 4 years of experience within information security, network security, or firewalls
- Working knowledge of complex networking technologies, including: IPv4 and IPv6 addressing, routing, switching, load balancing, DNS, DHCP, NAT rules and ACLs
- Experience with the following: SSL, TLS, HTTPS, PGP, DES, SSH, SCP, Kerberos, IPSEC, PKI
- Knowledge of complex network operating environments in a large-scale high-availability environment, including remotely-hosted or cloud-based service offerings..
- Experience with information security methodologies.
- In-depth troubleshooting and strong analytic skills.
- Experience with firewall policy creation and rule updates, configuration and troubleshooting; firewall administration experience required.
- Experience with security policy orchestration/rule automation technology.
- Experience with best practice change management procedures.
- Knowledge of industry standards like ISO 27001 and PCI.
- Ability to work under pressure.
- Comfortable with interfacing with other internal or external organizations regarding service failure and incident response situations.
Comcast is an EOE/Veterans/Disabled/LGBT employer