Comcast Cybersecurity: Principal Engineer, Advanced Threat Response

About the position

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You'll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Responsibilities

• Lead response to Cyber Security Incidents of varying complexity levels - including all steps from identification to final closeout
• Identify activity of investigative interest based on a review of system and application logs - differentiating likely malicious activity from benign false positives.
• Assist the team in prioritizing threat detection alerts and related signals into the Security Operations Center.
• Serve as a technical subject matter expert for highly complex incidents, tracking and documenting existing status for leadership - and proposing next steps for all stakeholders.
• Ensure that full containment and eradication has occurred for all incidents.
• Partner with impacted teams (e.g. business owners, application owners, IT Teams, legal/comms) - to ensure all incident needs are being met as well as timely restoration of service occurs as risk allows.
• Provide clear and concise technical or executive level incident briefings as required.
• Document all relevant incident data using approved case notes standards and propose improvements where appropriate.
• Oversee activities of more junior team members during key incidents.
• Mentor junior team members in incident response best practices.
• Recommend continual process improvements and advocate on behalf of the team to other key cyber operations teams (e.g. detection, hunting, digital forensics, intelligence etc).
• Support related projects with critical delivery deadlines as needed.

Requirements

• Bachelor's Degree in Computer Science, Computer Engineering, Cyber Security, or related industry/military experience.
• 7+ years' experience in Cyber Security, of which at least 5 or more years should be in the Incident Response space with a focus on significant, large scale incident investigations.
• Demonstrated experience leading and owning accountability for incidents of significant complexity levels for all phases of response.
• Strong technical understanding of the Incident Response process and ability to speak with other business units from a technical perspective.
• Familiarity with major threat actor groups and TTPs.
• Knowledge of common enterprise-grade endpoint and network defense tools.
• Experience working with logging technologies and large data sets.
• Broad working knowledge of major OS and cloud platform technologies.
• Cyber Security advisory experience and ability to advise on a multitude of problems with different solutions in mind.
• Excellent verbal and written communications skills.
• Experience working in a globally disbursed/follow the sun model.
• Experience creating scripts and automation as needed to assist in daily tasks.
• Previous experience in a Fortune 50 sized organization.
• Background in a large, well-known Incident Response services organizations.

Nice-to-haves

• Relevant industry certifications (e.g. CISSP, GCIH, GCFA, GCIA)

Benefits

• Medical & Dental
• 401(k) Savings Plan
• Generous paid time off
• Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
• Courtesy Services - We offer all of our full-time employees in serviceable areas discounted digital TV and internet.
• Discounted tickets for Universal Resorts, and free tickets to our Universal theme parks!