Sr. Cyber Incident Responder at Comcast

Posted in Telecommunications 27 days ago.

This job brought to you by Professional Diversity Network, Inc

Type: Full Time
Location: Moorestown, New Jersey





Job Description:

Comcast brings together the best in media and technology. We drive innovation to create the world’s best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast.

Comcast Cyber Security (CCS) team leads the cyber risk program for the Cable business. CCS is composed of a team of transformative security professionals expanding in multiple directions, across boundaries and, most of all, in the way we think. Here, innovation is not simply about defending our network and systems, it's about transforming the cybersecurity efforts across our company. Ready to make a difference? Come join our Team!

Broadly regarded as innovators and thought leaders, our executive team has served in key industry security roles, on the boards of national and community-based organizations, and in a number of Federal and Legislative initiatives. We have spent decades investing in the technology and information security capabilities that help us protect and defend our company; we have developed solutions that are practical today and scalable for tomorrow; and we have created collaborative teams dedicated to innovation across each of our businesses to share our best thinking.
What We're Looking For:
Senior Cyber Incident Responder
We're looking for a Cyber Security Operations Center Senior Incident Handler to help lead our transformation to a proactive, intelligence-driven SIRT program posture. This role is expected to respond to crises or urgent events of interest to mitigate immediate and potential threats.
What You'll Do:
Responsibilities:
Conduct thorough cyber security investigations and help coordinate mitigation & response between Cyber Operations and technology stakeholders, driving incidents to timely and complete resolution
Provide input to incident summaries, post-mortem and executive reports
Contribute to use-case development for security monitoring, with a focus on cloud
Contribute to the identification of threat intelligence derived from activities facing the business leveraging multiple platforms, automation and community memberships
Synthesize and place intelligence information in context; draw insights about the possible implications
Contribute to defining targets for threat hunting & deception technology
Contribute to the efforts to operate a successful SOC by driving innovation, process improvement, security alert efficiencies and provide 360 feedback to internal stakeholders to improve the cyber security program
Provide seniority and oversight for the lower-tier SIRT teams
Analyze data and perform application, log, OS, disk, and network-level analysis to troubleshoot and research events and alerts; discover and identify their source, purpose, and intent; and, if malicious or abnormal, operate within the incident response procedures
Develop incident response automation playbooks for orchestration and for rapid response efficiencies
Collaborate and participate continuously with key technology teams and critical projects to proactively gain knowledge of Comcast systems
Maintain a critical eye and an obsessive attention to detail
Other duties and responsibilities as assigned.
Experience:
Typically 8+ years of experience in IT security, including security operations and serving as a senior or lead engineer or analyst in a Security Operations, MSSP, or mature internal team
Ability to design incident response for cloud platforms (AWS/Azure, etc.) preferred
Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies
Knowledge of computer networking concepts and protocols, and network security practices
Working knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
Knowledge of cyber threats and vulnerabilities
Knowledge of specific operational impacts (ability to assess risks) of cybersecurity lapses
Knowledge of incident response and handling methodologies
Knowledge of network traffic analysis methods and packet-level analysis
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
Experience with query languages such as SQL variants; hiveQL, prestoQL, ArielQL, SPL (Splunk), and Lucene (Kibana)
Familiar and experienced with scripting languages such as Bash, Python, and/or PowerShell.
Demonstrated experience with Microsoft Windows and *NIX operating systems including command-line tasks and scripting.
Understanding of the Lockheed Kill-Chain and/or MITRE ATT&CK framework.
Knowledge of threats and various attacker methods including tactics/techniques/procedures (TTPs)
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks)
Deep-seated knowledge of analyzing security logs from a range of sources, including SIEM
Direct experience with endpoint security platforms & advanced Windows Eventlog
Threat intelligence in the context of using it in a Security Operations environment
Industry recognized certifications such as: SANS GIAC GCIA, GCIH, GCFA, GNFA, GCTI, GREM or CEH, CISA, CISSP, etc.
Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field


Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.