Company name
Comcast
Location
Philadelphia, PA, United States
Employment Type
Full-Time
Industry
Engineering, It
Posted on
Feb 10, 2023
Profile
Comcast's Technology, Product & Experience organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards. Because our employees are our most valuable asset, we offer a flexible working environment to balance the need to work independently wherever you choose, with days that require collaboration at one of our offices. Our roles primarily reside inside or around one of our Tech Hubs (Philadelphia and surrounding suburbs, Denver, Austin, Silicon Valley, Washington DC/N. Virginia).
Job Summary
The Product Security Engineer is primarily responsible for researching, validating, and documenting the lifecycle of reported vulnerabilities in Comcast's products. Additionally, the Product Security Engineer will assess the overall security maturity and systems architecture of products to launch bug bounty programs. Through these programs the engineer will leverage the researcher community in identifying potential vulnerabilities. Finally, the Product Security Engineer will stay current on the latest cyber security threats and security research methods to stay ahead of the curve in vulnerability detection. Employees at all levels are expect to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do what's right for each other, our customers, investors and our communities
Job Description
The core responsibilities of this position are as follows:
Validate, research, prioritize, and escalate reported vulnerabilities as appropriate.
Manage each reported vulnerability and the communications of its status with internal and external parties until resolution.
Manage a queue of reported vulnerabilities to ensure findings are promptly addressed, catalogued, and internally distributed to appropriate internal stakeholders.
Partner with other teams in the security organization to build and test remediation strategies.
Attend technical calls with internal or external parties regarding reported vulnerabilities.
Document all information including the mitigation and remediation of reported vulnerabilities.
Collaborate with internal teams to map systems architecture of a product and define the scope of systems to be included as targets for bug bounty programs.
Communicate effectively with external security researchers on the behalf of Comcast.
Identify trends in security research methods and develop tools for proactive vulnerability detection.
Identify gaps within existing internal security practices and propose enhancements where necessary.
Skill and Abilities
Experience with the management and remediation of vulnerabilities.
Experience in developing and utilizing various security tools focused on discovering vulnerabilities within networks and applications.
Knowledge of product and software development lifecycles.
Familiarity with responsible disclosure practices.
Possession of excellent oral and written communication skills, including communicating effectively under normal and stressful situations.
Ability to convey technical concepts relating to vulnerability details to a non-technical audience.
Knowledge of a wide range of networking concepts, analysis tools, operating systems, software, and security controls.
Experience with software development methodologies and the software used within large/agile environments including source code version control.
Experience with numerous methods of penetration testing and/or systems auditing tools and practices.
Broad knowledge of systems administration (*nix/Windows), network engineering, and security engineering.
Employees at all levels are expected to:
Understand our Operating Principles; make them the guidelines for how you do your job.
Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
Win as a team - make big things happen by working together and being open to new ideas.
Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
Drive results and growth.
Respect and promote inclusion & diversity.
Do what's right for each other, our customers, investors and our communities.
Disclaimer:This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.Comcast is an EOE/Veterans/Disabled/LGBT employer.
Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other basis protected by applicable law.
Education
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Relevant Work Experience
5-7 Years
Salary:
National Pay Range: $67,195.18 USD-$157,488.71 USD
Comcast intends to offer the selected candidate base pay within this range, dependent on job-related, non-discriminatory factors such as experience.
Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality - to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary (https://jobs.comcast.com/life-at-comcast/benefits) on our careers site for more details.
Company info
Comcast
Website : http://corporate.comcast.com