Comcast Eng3, Network Engineering(Arch & Dsgn) in Mount Laurel, New Jersey

Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.

The Data Center Network Engineering team is looking for engineers that can help design, sustain and secure today's infrastructure with an eye towards the future in network virtualization, programmability and application delivery. Integration within the team will allow the engineer to work in a collaborative environment focused on the standards and best practices defined with the following technology: Firewall, Web Application Firewall (WAF), Global Site Load Balancing (GSLB), and Server Load Balancing (SLB).

Main Responsibilities

o Work with application developers to understand application fingerprints and data flows and to configure policy point devices to pass appropriate traffic and only appropriate traffic in concert with existing security policies

o Work with security policy point vendors to evaluate new and emerging products for relevance within Comcast security model

o Understand security zone concepts in the context of a large ISP

o Create layer three drawings for location of, type of, and number of network policy points including but not limited to Firewalls and ACL's creating an appropriate number of trust zones, in concert with existing security policies

o Assist application developers to understand end to end traffic flows and to create and implement troubleshooting and test scripts

o Evaluation of firewall and router logs and traffic routing validating that appropriate traffic is being passed between application elements

o Enhance current security practices and participate in the review of security incidents to identify solutions that will prevent future occurrences.

o Design and refine security processes, and create documentation and training material hold training sessions as required

o Take lead role as assigned on various interdepartmental projects

o Provide advanced technical support for policy point device problems

o Follow Engineering design life cycle with proper documentation handoff to Operations and Implementation groups ensuring that all detailed designs adhere to established network standards

o Maintain consistent records and documentation of all detailed network designs and configuration data

o Keep the appropriate people informed and aware of the status and progress of work activities and business issues that affect the department

Experience:

o At least 5 years of direct experience in the design and comprehensive understanding of IP Security concepts including well-known services, ports, and protocols and socket programming.

o Solid familiarity with at least one, preferably 2 firewall vendors such as F5, Fortinet, and Checkpoint

o Solid familiarity with the following centralized firewall policy managers: F5 BiG-IQ, Fortinet FortiManager, Checkpoint Provider-1

o Solid understanding of Web Application Firewall (WAF) functions and experience designing within a large data center environment: F5 ASM, Fortinet FortiWeb

o Understand well known network exploit techniques such as SYN flooding and IP fragmentation and relevant defense strategies against such attacks.

o Understand centralized authentication authorization and accounting services such as those provided by RADIUS servers and/or certificate authority servers and the integration of such servers into security posture for network elements such as servers, databases and routers.

o Will be cognizant of application and network interactions and impacts such as bandwidth, latency and security.

o Experience mapping business requirements to technology capabilities, identifying gaps and omissions, and designing end-to-end solutions.

o Creative, self-motivated team player willing to take the lead to develop cutting-edge solutions.

o Clear and effective verbal and written communications skills.

o Demonstrated initiative to initiate and build relationships both internally and externally with minimal supervision/direction from management.

o Proven ability to manage multiple tasks/projects as well as to lead small, directed projects.

Job Specification:

- Bachelor's Degree or Equivalent

- Engineering, Computer Science

- Generally requires 5-8 years related experience

Employees at all levels are expect to:

- Understand our Operating Principles; make them the guidelines for how you do your job

- Own the customer experience-think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services

- Know your stuff-be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences

- Win as a team-make big things happen by working together and being open to new ideas

- Be an active part of the Net Promoter System-a way of working that brings more employee and customer feedback into the company-by joining huddles, making call backs and helping us elevate opportunities to do better for our customers

- Drive results and growth

- Respect and promote inclusion and diversity

- Do what's right for each other, our customers, investors and our communities

Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.