This job has expired, please see additional jobs below
Director, Cybersecurity Operations and Services
Comcast
Moorestown, NJ, United States
Job Details - this job has expired, please see similar jobs below
Position Summary:
The Director of Cybersecurity Operations and Service is responsible for the overall execution of the tactical security control and management of Comcast public infrastructure, service delivery and enterprise-wide Information Security assets. This position will ensure all production security controls and technologies operate in compliance with all established polices and SLAs, across all aspects of the security operating framework. This position will oversee the operations of security control and technology management roadmaps, the development and delivery of security tool operating procedures, execution of security change management and 3rd party access request processes, assist with technology and security solution architecture planning and adoption. This position will also oversee the change management function and execution of Comcast Code Signing Service (CCSS) including signing of DOCSIS code. In addition, this position will lead the SSL certificate service that manages the issuing, renewal and revocation of over 2500 SSL certificates that are being used across the entire Comcast footprint.
The Director should have a deep technical understanding of application, host and network security practices. Must be familiar with security industry standards and best practices, and must be able to effectively work with development, engineering and operational counterparts, across a broad deeply technical environment in all security areas common within an IP Carrier Services Provider industry.
This role will forecast and coordinate with engineering counterparts on all aspects of the security solution lifecycle through proof of concept and financial modeling, to solution aging and decommissioning/displacement from operational production environments. The Director will assist their leadership with ensuring all security tools and technology are properly supported, implemented and sufficiently meet the needs for which they are deployed to protect vital network assets and services essential to providing the highest level service to our customers.
Core Responsibilities:
• Oversee the operations and security assurance organization, consisting of direct reports and indirect reports (including FTE employees, contract and MSS staff, external service providers and key technology partners and vendors). This includes hiring, training, staff development, performance management, on-call and crisis/incident support.
• Develop and manage information security budget forecast, expense, and technology, service and vendor roadmaps.
• Liaise with external agencies, such as law enforcement, standards and technology organization, advisory bodies and industry and peer working groups as necessary, to ensure that the organization maintains a strong security posture and technical congruency.
• Work directly with business units to facilitate change requests, code signing and delivery of SSL certificate lifecycle management to ensure compliance with risk management objectives and guidelines, and work with stakeholders throughout the enterprise on identifying acceptable levels of risk.
• Perform all required maintenance, support, administration and break/fix remediation, including root cause analysis, availability and capacity reporting, and routing health and performance monitoring.
• Sustain high-availability service levels and ensure fulfillment of business-wide service levels and operational support objectives.
• Demonstrates continuous effort to improve operational performance, streamline work processes and work cooperatively and provide quality seamless customer service.
• Possess broad knowledge of advanced technology, IP services, ISP operations, Telecommunications and DOCSIS/DAVIC infrastructure.
Education Level: Bachelor's Degree
Field of Study: Computer Engineering or Science, Information Sciences Technology, Cyber Security
Certifications: Relevant cyber security certifications, such as CISSP, CISM and/or PMP are highly desired
Years of Experience: Generally requires 10+ years related experience
Travel: Up to 20%, ability to travel within the Comcast geographic areas, primarily Philadelphia, PA and Moorestown, NJ
Skills and Qualifications:
• A minimum of 10 years of experience in cyber security operations and/or related security areas with at least 8 years of direct people management experience.
• Possess a Bachelor's degree or higher in the field of engineering, computer science or equivalent advance technology field of study
• Experience with ISP, Telephony or Broadband/Narrowband transmission or transport infrastructure
• Large-scale network or systems administration experience administering carrier class based applications or network elements installed on physical and non-physical platforms
• Strong working and practical knowledge of TCP/IP and UDP/IP networking.
• Experience with the following SSL, HTTPS, PGP, AES, DES, SSH, SCP, Kerberos, IPSEC, PKI
• Excellent understanding of the Internet protocol version 4 and 6 suite, e.g. Radius, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, Netflow/cflowd and POP3
• Experience with managing and hardening IOS/OS installation, configuration and backup and restoration, including development and management of workflows and operating standards, including design reviews, certification, production acceptance and testing for system commissioning
• Policy creation and rule design and updates for the administration security control systems
• Experience with change management lifecycle, development and regular preparation of management status and key metrics reports
• Should have strong process and procedure ownership experience for audit and control systems
• Technical working knowledge and proficiency with firewalls, proxy, malware detection, network signature-based IDS/IPS, network anomaly detection, mitigation and behavioral analyzers
• Ability to translate cyber security threats from a technical perspective to business-line understanding and execution
Strong knowledge of BSS/OSS technology and other subscribed network service core applications
• Ability to manage extremely technical staff working on very sensitive subject areas and with extremely sensitive information
• Broad technical background including enterprise networking, next generation firewalls, stateless inspection, deep packet inspection, signature and signature less detection, encryption, log aggregation and correlation, security data analytics, , change management, and performance and capacity management
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity
• Must be able to support on-call, escalation and high-paced/ fast tempo operating environments
• Must be a strong communicator with exceptional verbal and written communication skills to translate the vision and strategy into clear priorities and direction, both internally and externally.
Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.