Architect 5, Architecture

Comcast   •  

Philadelphia, PA

Industry: Media


11 - 15 years

Posted 30 days ago

This key role is part of T&P Digital First Security team. The ideal candidate will work internally with App/Dev/Platform teams and externally with Comcast global security teams to ensure application and system security posture for the Digital First organization is improved to world class security standards. This includes helping and guiding application development and platform teams to design and architect secure applications ground up, implementing secure coding practices, evaluating cloud environment being established in AWS/Azure to ensure security considerations are implemented and met for best practices. This is a perfect opportunity for the successful candidate to become a part of an innovative, energetic team that believes; 'security must not be an afterthought, nor is an impediment to delivery velocity but can be achieved as a balancing act b/w managing risk and ensuring high quality delivery velocity'.

Key Functions:

  • Perform security assessment and compliance activities by using assessment tools and procedures for the Comcast's Digital First Organization
  • Continue to engage and build relationship with Comcast global Technology and Product Security teams
  • Plan, research and design robust security architectures in partnership with App/Dev/platform teams for any Application/IT project
  • Conduct and facilitate Threat modelling workshops
  • Perform/participate in security architecture review (SAR) to ensure all security architecture design best practices and standards are met
  • Perform planning and remediation of application static, dynamic and run-time code analysis (SAST, DAST, IAST/RASP) and also work with application and internal teams for to ensure secure coding practices are implemented
  • Support the research of emerging technology, requisite security requirements, and emerging threats and develop way-forwards to meet organizational goals
  • Oversee security awareness programs and educational efforts
  • Respond to security-related incidents and provide a thorough post-event analysis
  • Min 2 years' experience in Cloud Security Design / Implementation / Management with exposure to AWS / Azure Native Security
  • Strong understanding and exposure to Network Security, Operating System Security, Web Security and End Point Security
  • Research security standards, security systems and authentication protocols, keep abreast with latest trends in the cyber security industry
  • PCI Compliance Experience to conduct PCI Compliance activities
    • Strong understanding of PCI concepts
    • Assist with planning and remediation of internal and external vulnerability, and external penetration scans, as needed
    • Determine, document, and publicize the availability of PCI technical requirements
    • Work with various departments to ensure that they are aware of and understand the technical PCI requirements that they must adhere to and sign off on
    • Contribute content on PCI compliant requirements to support resources, including knowledgebase articles, quick reference cards, webinars, and training classes to raise understanding of PCI compliance
  • Assist in evaluation, selection and implementation of encryption solutions and key management systems
  • Assist in Vulnerability remediation in coordination with other ops / application teams
  • Configure and run penetration test & Analysis and Suggestions


  • Architected security for products, enterprise, information and other initiatives
  • Proficient at the secure software development lifecycle and DevSecOps
  • Proficient at identity, authentication and authorization systems
  • Good understanding of cryptographic trust based systems
  • Cloud security knowledge preferred
  • Data and database security
  • Federation, SSO, IDS, IPS, Host Based Firewall, WAF (Web Application Firewall), DNS, DHCP, HTTPS/TLS, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido knowledge preferred
  • Knowledgeable in compliance standards like: PCI, CPNI, ISO 27001, FCC Regulations, SOX, Subscriber PII
  • Coding experience preferred but not required
  • Security expertise in one or more relevant areas
  • Knowledge of Intrusion Detection & Prevention Systems


  • 10+ years of experience in security and technology based industry
  • 5 years of experience working with various security architectures


  • Following certifications are a plus- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (LPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP)


  • Bachelor's Degree in Information Systems, Computer Science, Management Information System, Cyber Security or Engineering

    Industry Recognized Certifications in Security:

  • CISSP (Certified Information Security System Professional Preferred
  • CISM (Certified Information Security Manager)
  • CISA (Certified Information Systems Auditor)
  • CEH (Certified Ethical Hacker)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Other relevant certifications

    Personal Characteristics:

  • Technology savvy, resourceful and self-motivated
  • Natural passion and curiosity to problem solving
  • Continuous self-learner, through various mediums
  • Consistent exercise of independent judgment and discretion in matters of significance
  • Proven ability to operating with collaboration
  • Comfortable working with technical and non-technical teams, business stakeholders, technical and business leadership
  • Analytical, planning, negotiation and facilitation skills
  • Ability to multi-task and manage multiple initiatives without direct supervision
  • Proficient communication skills, both verbal and written