Comcast Careers

Principal Engineer, Security IAM

Moorestown, NJ
Other (Telecommunications)

Job Description

Business Unit:

Comcast Information and Infrastructure Security is the core CyberSecurity team at Comcast. TPX is a team composed of transformative security professionals that are expanding in multiple directions, across borders and, most of all, in the way we think. Here, innovation isn't simply about defending our network and systems, it's about transforming the cybersecurity efforts across our company. Ready to make a difference? Come join our Team!

Broadly regarded as innovators and thought leaders, our executive team has served in key industry security roles, on the boards of national and community-based organizations, and in a number of Federal and Legislative initiatives. We have spent decades investing in the technology and information security capabilities that help us protect and defend our company; we have developed solutions that are practical for today and scalable for tomorrow; and we have created collaborative teams that are dedicated to innovation across each of our businesses.

The Senior Engineer of Identity & Access Management is an open, collaborative and strategy execution leader and will reside within Comcast's CyberSecurity Identity and Access Management organization. The Senior Engineer of Identity & Access Management is responsible for assisting in the development, design, management and application of Comcast's identity and access management services. The incumbent is familiar with the complete range of IAM technologies including Provisioning, Federation, Role/Entitlement Reviews, Authentication and Access Management. These services allow Comcast to protect, control and maintain identity information for employees, contractors and business partners. The incumbent stays current with both internal and external IAM best practices and strategies. Responsibilities include clear communication of engineering strategies, management and mentoring of senior enterprise security engineers, deep knowledge of IDM and Access Management platforms and excellent business acumen. The incumbent's core responsibilities have global implications and he/she will work with infrastructure and systems development areas throughout Comcast to provide the highest level of service to the Comcast business. A key focus of the role is the transformation of Comcast's Identity and Access Management solution to a hybrid on premise and cloud delivery model.

Core Responsibilities
- Provide expertise and understanding of the Comcast Identity Management landscape working with leadership to design, engineer and expand the IDM service footprint.
- Demonstrate technical and leadership skills to perform strategy, solution architecture, project management tasks, technical design and analysis in the delivery of these services.
- Build, test and rollout of enterprise Identity and Access Management solutions in collaboration with internal and external resources.
- Serve as a subject matter expert to the business stakeholders, understanding their core business processes and business priorities which can be enhanced using IDM solutions.
- Provide technical Engineering and vision for customers' application platforms.
- Ability to support negotiations on scope of work as well as manage work with outside vendors / integrators. This includes SOW, MSA, NDA's, along with full financial tracking and defining business benefits.
- Review IDM and Access Management solution designs. Working with Managed Partner services: ensure innovation, security, and business requirements are met, while also keeping a keen eye on improving the associate's experience with technology.
- Collaborate cross-functionally with other technology teams and security organization.
- Participate in the defining of an enterprise IDM Engineering strategy, with a roadmap of key deliverables and timelines, and deliver consistently
- Mentor other members of the team on IDM best practices
- Maintain up-to-date knowledge by researching new technologies and software products, participating in educational opportunities and conferences, and reading professional publications
- Foundational knowledge of Identity Management technologies such as SailPoint, PingID, CA, Okta, Microsoft MIM, Oracle Identity suite.
- Significant experience working with large tier security vendors leading RFI/RFP's and contributing to industry standards and working groups
- Experience with cloud providers such as Azure, AWS, Oracle Cloud, etc.
- Develop SLA's, KPI's, and service metrics for IAM services.

Required Qualifications
- 5+ years of IDM Engineering and building of Access Management Platforms and Solutions
- 10+ years of experience managing and providing technical leadership for complex enterprise security projects/programs for a large enterprise organization
- Experience with CA Identity Suite preferred: Identity Manager, Connectors, Identity Governance, Siteminder
- Experience with enterprise Identity and Access Management products
- Experience with Active Directory, SSO, Federation, ADFS, SAML, OAuth, OpenID
- Experience with cloud based identity solutions: Azure, AWS, etc.
- Programming experience: C, C++, Java, Java Script, JSON, Scripting, HTML, etc.
- Specific experience managing projects / programs from concept through implementation (supporting oversight processes) using a structured project management methodology across the entire project life cycle yet not a project manager per se

Education Level: Bachelor's Degree
Field of Study: System Engineering, System Development, Cyber Security, Computer Science, Identity Management, Access Management or related field
Preferred: CISSP, CISA, GIAC, etc.
Years' Experience: 5+ years related experience in large enterprise Identity environments.

Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.