Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
As a Firewall Engineer you will join a dedicated, professional team responsible for network reliability engineering in the Comcast network. This position is responsible for network operating, deploying, managing, and continuously improving Comcast's Datacenter firewall network as well as associated infrastructure in a 7/24 environment.
The Firewall Engineer II works with and may directly lead external vendors, third parties, and associated agencies, when necessary, to address issues across the Comcast ecosystem, peering arrangements, inter-operability issues, etc. This individual works with limited supervision and direction while executing associated functions and responsibilities. Follows operational practices and independently determines/develops approaches for non-routine solutions. Receives general direction in areas of focus. May serve as lead on projects.
* Implement new security technologies and systems in accordance with security industry standards and Comcast Change Management procedures.
* Perform configuration updates, such as proactive maintenances, upgrades and enhancements.
* Provide engineering support and operational focus for multiple security detection and alerting tools, including:
* Network Access Control (NAC)
* Access Control Lists (ACL)
* Sev One
* Firewall Rules and Policy Pushes
* Work collaboratively with multidisciplinary teams to support and operate newly implemented technologies and support existing environments.
* Provide advanced application level support for the resolution of firewall system faults, including system patches and policy pushes
* Leverage network management tools for the identification, prevention and response to security incidents, faults and network outages.
* Participate in the root cause analysis (RCA) investigation of critical network firewall incidents and prepare incident reports documenting the findings. Identify root problem cause, and provide recommendations to improve reliability and availability, or reduce recovery time.
* Proactive identification and reporting of security gaps and vulnerabilities to the critical business information, systems and network infrastructure.
* Provides clear, crisp, and concise technical communication and coordination during medium outage scenarios.
* Directly executes changes, in the network and across systems, focused on deploying new services, implementing changes, and stabilizing products following established change management processes. Accountable for configuration management techniques, post maintenance validation, and excellent communication
* Other duties as assigned.
* Bachelor's Degree in Networking, System Security, Computer Science, or related field.
* Network and/or security certifications such as SANS GIAC, Security+, SSCP or other security certifications, CCNA
* Desired: CISSP
Knowledge and Experience:
* Minimum 2 to 4 years of experience within information security, network security, or firewalls
* Working knowledge of complex networking technologies, including: IPv4 and IPv6 addressing, routing, switching, load balancing, DNS, DHCP, NAT rules and ACLs
* Experience with the following: SSL, TLS, HTTPS, PGP, DES, SSH, SCP, Kerberos, IPSEC, PKI
* Knowledge of complex network operating environments in a large-scale high-availability environment, including remotely-hosted or cloud-based service offerings..
* Experience with information security methodologies.
* In-depth troubleshooting and strong analytic skills.
* Experience with firewall policy creation and rule updates, configuration and troubleshooting; firewall administration experience required.
* Experience with security policy orchestration/rule automation technology.
* Experience with best practice change management procedures.
* Knowledge of industry standards like ISO 27001 and PCI.
* Ability to work under pressure.
* Comfortable with interfacing with other internal or external organizations regarding service failure and incident response situations.
Comcast is an EOE/Veterans/Disabled/LGBT employer