Sr. Security Software Engineer -2426

Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast.

Job Summary

Job Description

DUTIES:                               Provide technical leadership in planning, designing, and building new security software solutions using Java, C#, and Python in an Agile development environment; perform Static Application Security Analysis (SAST) using Checkmarx; perform Software Composition Analysis (SCA) using Mend and Whitesource; use CI/CD tools, including Concourse, Azure DevOps Server, and Jenkins for application security automation, integration of security code, code review and penetration testing; perform dynamic, static, and manual application security testing using Burp Suite Pro; perform DevSecOps engineering and ensure teams adhere to Comcast DevSecOps and other security practices; build security into enterprise architecture; analyze, test and assist with the integration of existing security solutions; collaborate with teams and vendors to automate and integrate security processes and solutions into CI/CD pipelines; enhance source code analysis tools (SAST/DAST/IAST) including configuration and operation of tools and evaluating new tools; collaborate with Comcast Security teams to build and implement Cloud Security and Data Security solutions; design, implement and perform security testing to improve the security posture of the engineering organization; contribute to the security knowledge base and document development activities; and guide and mentor junior level engineers. Position is eligible for 100% remote work.

REQUIREMENTS:             Bachelor’s degree, or foreign equivalent, in Computer Science, Engineering, or related technical field, and five (5) years of experience developing security software solutions using Java, C#, and Python in an Agile development environment; performing Static Application Security Analysis (SAST) using Checkmarx; performing Software Composition Analysis (SCA) using Mend and Whitesource; using CI/CD tools, including Concourse, Azure DevOps Server, or Jenkins, for application security automation, integration of security code, code review, and penetration testing; and performing dynamic, static, and manual application security testing using Burp Suite Pro

Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Skills

We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.

Please visit the benefits summary on our careers site for more details.