The Security Architect 6, is responsible for developing security reference designs and security solutions based upon the business and security requirements. The candidate for this role will work closely with security architects, developers and other security and non-security stakeholders to help transform the technical vision to implementable security solutions or design standards. This individual will assist Comcast by supporting the strategic technical leadership across multiple programs that seek to improve or innovate cyber security capability across all aspects of the Comcast brand. In this role the ideal candidate will help identify and vet new or emerging technologies necessary to assure success and security of Comcast services and products. They will deliver technical objectives of across multiple security roadmaps. The individual will have a strong working knowledge of cloud security and will be able to provide the technical acumen necessary to support the full security development lifecycle.
• Develop implementable security designs from different security and application architectures
• Provide feedback and guidance in the development of new security architectures.
• Develop reusable security cloud templates for implementing secure architectures across the business
• Design and build CI/CD pipelines that incorporate the security standards
• Design and initiate technical security standards which demonstrate implementable configurations
• Act as a thought leader to assist Security DevOps teams in designing practical solutions
• Identify security solution technical requirements and specifications
• Develops, publishes and presents leading edge security technical white papers and research projects.
• Transform security architecture frameworks and referential architectural into working prototypes or designs which are transitioned into next generation security standards
• Applies complex technical and security solutions to business problems.
• Presents and communicates complex concepts to a variety of technical and non-technical stakeholders.
• Assists with the rationalization of incumbent and new architectures and technical solutions.
• Contributes to the development of security threat and capability roadmaps
• Assists stakeholders with facilitation of security technology planning activities, documentation of implementations, innovation and security tool rationalization.
• Must have broad technical knowledge of all common security domains.
• Must have experience with virtual, elastic, and cloud compute
• System orchestration and control infrastructure elements, API integration frameworks, AWS, Azure, Openstack, and proprietary virtualization operating environments
• Must have experience working with Security DevOps
• Must have experience building hardened system images for physical and virtual environments, including, OS, application, and network devices based on security technical standards identification and configuration
• Must have experience developing touchless and automated system configuration workflows
• Must have expertise in security development and solution engineering, security operations management, incident management, governance and solution delivery and life-cycle management
• Strong working and practical knowledge of TCP/IP and UDP/IP networking
• Experience with security protocols including SSL/TLS, HTTPS, PGP, AES, DES, SSH, SCP, Kerberos, OAuth, SAML, IPSEC, PKI
• Mastery understanding of the Internet protocol version 4 and 6 suite, e.g. Radius, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, Netflow/cflowd and POP3
• Technical knowledge of; enterprise networking, next generation firewalls, stateless inspection, deep packet inspection, signature and signature-less detection, encryption, log aggregation and correlation, security data analytics, hyper-V systems and controls, change management, and performance and capacity management
• Process and procedure knowledge of governance, compliance, risk management and audit control systems and functions
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity in all situations
• Superb written and oral communication skills
• Proficient knowledge of NIST, PCI, SOX and other cyber security standards
Education Level: Minimum Bachelor’s Degree, Preferred Advanced Degree
Field of Study: Information Sciences Technology, Cyber Security, Computer Engineering
Certifications: Relevant cyber security certifications, such as AWS/Azure Architect, CISSP, CISM, CISA, CCSP, GIAC are highly desired
Years of Experience: Generally requires 11+ years related experience
Travel: Up to 20%, ability to travel within the Comcast geographic areas, primarily Philadelphia, PA and Moorestown, NJ
Comcast is an EOE/Veterans/Disabled/LGBT employer