Comcast Executive Director, Vulnerability Management in Philadelphia, Pennsylvania
Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
We are looking for an experienced cybersecurity technologist/leader to help lead Comcast's Product Security and Privacy practice. This leader will collaborate with the organization's key stakeholders and the broader Comcast community to develop and deliver upon a security strategy to identify and address areas of risk and ensure the protection of customer and internal data. She/he will leverage their technical expertise and strong business acumen to define objectives, and establish priorities, and appropriate milestones in the development and management of a security strategy, specifically Vulnerability Management. This leader should have broad knowledge/experience in a number of areas related to technology and cyber security. This leader must have broad knowledge/experience in technology and cyber security, use a collaborative approach in influencing senior leadership and their teams in the prioritization of security remediation, and be comfortable/successful in a fast-moving technical environment. The ideal candidate will be collaborative and be comfortable/successful in a fast-moving technical environment. This individual will be a forward-thinking security leader who is dedicated to a rigorous and thoughtful approach to security that is able to be implemented at scale.
- Drive/create the approach to information security that addresses potential vulnerabilities within software product development, software supply chain, technology partnerships and ecosystem
- Drive vulnerability management operations across Comcasts' expansive footprint to ensure timely remediation. This includes asset management, scanning, patch management, vulnerability assessment/tracking, remediation engineering and reporting.
- Build and lead a team of technologists, some of whom will be embedded in product development teams.
- Remain ahead of the curve in terms of security engineering/security related technology and tools.
- Oversight for reporting on metrics, KPIs and SLAs.
- The ideal candidate will be an experienced security technology leader with a strong business acumen. This person will have a passion for leading/influencing teams, improving processes and identifying/executing new secure engineering practices that drive product security innovation.
- A proven track record delivering on a transformation and implementation of a secure engineering best practices throughout the product development process.
- This executive will have a strong grasp in all aspects of security disciplines, demonstrated success with mitigating risks and security threats with solutions that are cost effective, compliant, flexible, and as transparent as possible.
- The ability to empower, collaborate, motivate trust and confidence for his/her security change management program to win the confidence of key stakeholders in a matrixed environment.
- Deep subject matter expertise in the areas of vulnerability management, info security, threat modeling, secure development life cycle, Public Key Infrastructure (PKI), secure engineering practices, and related emerging best practices.
- 15 years of experience in a secure product engineering, software security product development, and/or software/hardware product security with 5 years of leadership experience.
- Proven ability to communicate with technology and business leaders.
- Bachelor's degree in related field, master's preferred.
- Exceptional oral and written communication skills.
- Advanced security certifications (CISSP, CSSLP, OSWE, CASS, GPEN, CEH or CISM) are appreciated.
Comcast is an EOE/Veterans/Disabled/LGBT employer