Key skills
PythonBashAWSAzureSplunkServiceNowOWASPCloud Security
About this role
Comcast is a global company providing comprehensive ad platforms for publishers, advertisers, and media buyers. They are seeking a Cybersecurity Site Reliability Engineer to integrate security into software and cloud environments, develop cloud-based security tools, and manage security systems while collaborating with engineering teams.
Responsibilities:
- Work in tandem with engineering teams to integrate security into the software and cloud environments
- Develop cloud-based security tools for cloud systems, including AWS or Azure
- Write automation scripts using Python or Bash
- Manage security systems within Linux or Windows, including applying patches, configuring firewalls, and monitoring for unauthorized changes
- Use Vulnerability Management Tools including Qualys or Rapid7
- Design secure systems and software frameworks using OWASP and NIST Cybersecurity Framework
- Analyze security logs using Splunk and Vector
- Perform secure configuration management using CIS Benchmarks and OPENS Software
- Perform digital asset identification and inventory management using Splunk and ServiceNow
- Write code and scripts to support Infrastructure as code (IaC), configuration management, and automated security implementation and monitoring resolution
- Evaluate, test, and manage endpoint security solutions across a variety of operating systems and container architectures
- Partner with cross-functional engineering teams to deliver security solutions seamlessly into the system/application architecture and environments
- Conduct technical engineering analyses to determine impact of security software or solutions on the application and infrastructure environment, ensuring security enhancements do not impede operational efficiency
- Monitor and tune system performance, ensuring optimal operation while enforcing security measures such as intrusion detection and prevention
- Analyze real-time security data to adjust and optimize system configuration, achieving a balance between security posture and system functionality
- Develop secure automation strategies that enhance infrastructure configuration and management without compromising security
- Engage with software and infrastructure engineers to develop security solutions tailored to application workloads and operational requirements
- Advocate for and implement robust security controls, including but not limited to cloud security, application security, access management, encryption, and endpoint protection
- Provide technical expert guidance on security best practices, fostering a culture of proactive security across engineering disciplines
Requirements:
- Bachelor's degree, or foreign equivalent, in Computer Science, Engineering, or related technical field
- two (2) years of experience developing cloud-based security tools for cloud systems, including AWS or Azure
- writing automation scripts using Python or Bash
- managing security systems within Linux or Windows, including applying patches, configuring firewalls, and monitoring for unauthorized changes
- using Vulnerability Management Tools including Qualys or Rapid7
- one (1) year includes designing secure systems and software frameworks using OWASP and NIST Cybersecurity Framework
- analyzing security logs using Splunk and Vector
- performing secure configuration management using CIS Benchmarks and OPENS Software
- performing digital asset identification and inventory management using Splunk and ServiceNow