Comcast's Technology & Product organization works at the intersection of media and technology. Our innovative teams are continually developing and delivering products that transform the customer experience. From creating apps like TVGo to new features such as the Talking Guide on the X1 platform, we work every day to make a positive impact through innovation in the pursuit of building amazing products that are enjoyable, easy to use and accessible across all platforms. The team also develops and supports our evolving network architecture, including next-generation consumer systems and technologies, infrastructure and engineering, network integration and management tools, and technical standards.
Can you manage multiple complex priorities and competing agendas without express authority over delivery teams?
Are you able to translate the needs of the business into actionable activities for the information security team?
Do you have a track record of successfully overseeing implementation of security programs across the enterprise?
Can you exercise professional skepticism when identifying and assessing risk?
If yes, we want to hear from you!
IN THIS ROLE
Reporting to Comcast's Vice President, Security Solutions Delivery, you will be working with some of the leading security experts as well leaders of the Comcast Business units, your job will be to oversee the execution of Information Security Risk Management practices across all Comcast business units. As a trusted advisor, you will need to understand the requirements of the business, find acceptable, cost-effective solutions that meet security goals, and communicate the importance of information security to all levels of the business. In addition, you will ensure the business complies with all Information Security Policies and continuously monitor and report on risks
WHAT YOU WILL DO
- Oversee the establishment and execution of the Information Security Program within each business
- Oversee the integration of security risks within the enterprise operational risk framework
- Perform annual information security risk assessments; report risks and remediation plans at the business until level
- Actively participate in the information security incident response process; help shape remediation plans
- Ensure all applications and systems within each business adhere to the Access Management strategy; establish user access logs to monitor critical data access, including PII.
- Build a T&P Security Product and Service catalog and work with the BISO team and the rest of the T&P security team to keep it updated at a bi-annual cadence.
- Review and provide input into the Information Security Policy and Standards
- Establish reporting on the state and efficacy of security controls for the business units
- Ensure clear lines of communication between Business Units and the security team
- Secure ongoing funding for special/complex security projects
- Evangelizing security awareness across the business
WHAT SUCCESS LOOKS LIKE
- Increased levels of security across designated Business Unit AMB
- Improved compliance with security standards and policies across Business Unit teams AMB
- Greater awareness of information security and data privacy requirements (globally)
- Adoption of Enterprise Information Security Standards throughout the business environment
WHAT YOU SHOULD POSSESS
- Ability to interpret and apply policies and regulations across a large, complex business
- Analytical aptitude, investigative and critical questioning nature; data-driven decision making skills
- Excellent interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Project management experience
- Strong understanding of audit/risk management methodologies and regulatory requirements for information security, privacy and data security
- CISSP, CISM, GIAC, OSCP or other relevant security certifications
WHAT YOU CAN EXPECT
- A cool and casual work environment where you will sharpen and showcase your skills within a team focused on beating cyber criminals
- A place that values results and teamwork, mentors our people, and supports individuals as they pave their own way to success
- A culture of continuous learning and innovation with formal and informal learning and growth opportunities
WHAT WE REQUIRE
- Bachelor's Degree or equivalent experience
- 10+ years of information technology, IT project/program management, or cyber security related experience.
- Ability to travel as needed.
- Discipline to handle confidential matters with appropriate sensitivity
- Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
- Other duties and responsibilities as assigned
Comcast is an EOE/Veterans/Disabled/LGBT employer