Comcast Careers

Program Manager 4, Security

Philadelphia, PA; West Chester, PA
Other (Telecommunications)

Job Description

Business Unit:

Job Summary:
Responsible for utilizing program management and technical skills to drive the successful establishment and maintenance of security policies and policy exceptions covering all organizations across the Comcast Cable footprint. & The individual delivers longer-term improvements and benefits in support of the organization risk management goals as they relate to security policies and exceptions. The successful candidate will also ensure and measure compliance and alignment of Comcast Governance processes, procedures, and technical configurations to the policies and will work closely within Cable technology teams and other stakeholder departments to govern exceptions and compliance.

Employees at all levels are expect to:

- Understand our Operating Principles; make them the guidelines for how& you do your job
- Own the customer experience-think and act in ways that put our& customers first, give them seamless digital options at every touchpoint,& and make them promoters of our products and services
- Know your stuff-be enthusiastic learners, users and advocates of our& game-changing technology, products and services, especially our digital& tools and experiences
- Win as a team-make big things happen by working together and being& open to new ideas
- Be an active part of the Net Promoter System-a way of working that& brings more employee and customer feedback into the company-by joining& huddles, making call backs and helping us elevate opportunities to do& better for our customers
- Drive results and growth& - Respect and promote inclusion and diversity
- Do what's right for each other, our customers, investors and our& communities


Core Responsibilities:

-& & Lead policy exception management activities ensuring complete and accurate data representing business processes, projects and technologies which do not conform to security policies and standards requirements
-& & Lead policy exception risk triage requests engaging multiple risk assessment teams
-& & Identify gaps in submitted exception requests ensuring accurate representation of exception risk, compensating controls, and remediation planning.
-& & Prepare policy exception management reporting materials for regular status reporting
-& & Regular interaction with multiple senior level governance committees
-& & Participate in the drafting, reviewing, and publishing of Security Policies & Standards which reflect the risk appetite for Comcast.
-& & Liaise with Security and divisional leads on aspects of Policy / Standards implementation (e.g., on the development of Business Unit specific procedures as required)
-& & Assess, research, and scope new Security Policy / Standards requests
-& & Build control awareness among stakeholders creating improved risk management and efficiencies in associated processes. &
-& & Maintain solid awareness of industry standards and best practices (in areas such as software development, IT security, etc.)
-& & Work with team members to help identify and assist in making program tradeoffs to balance scope, time, and costs.&
-& & Communicate updates on major milestones while keeping stakeholders informed of progress and issues.&
-& & Produce high-priority recurring and ad-hoc reports with the purpose of measuring progress towards goals, measuring performance against objectives, and identifying improvement opportunities in the areas of risk and compliance.& &


-& & Strong analytical, communication, presentation, and collaboration skills
-& & 8+ years of direct security experience or a combination of work experience and advanced degree
-& & Experience or familiarity with one or more of ISO 27000, ITIL, PCI, NIST CyberSecurity Framework, or COBIT frameworks
-& & Solid understanding of application security topics, including application security assessments, OWASP Top 10, or use of PII in applications
-& & Technical experience or exposure to one or more of security architecture, operating system security, or application security


Education/ Certifications:
Bachelor’s Degree or equivalent; Master’s degree preferred


CISSP: Certified Information Systems Security Professional
CISA: Certified Information Systems Auditor
CISM: Certified Information Security Manager


-& Strong organizational and planning skills
-& Strong written and verbal communication skills
-& Designing management and technical processes&
-& Documenting technical and functional requirements for software tools
-& Microsoft Office Suite

Comcast is an EOE/Veterans/Disabled/LGBT employer