Build Your Career in Cybersecurity -
YOUR WAY

Job Summary

This role supports the Comcast Business Enterprise Solutions teams and the

PCI-as-a-Service delivery to customers. Responsible for incorporating

operational and compliance monitoring of security controls and policies, review

of security logs, reconciling security events, escalation of security violations or

lack of timely remediation, risk assessment and risk management principles.

Implements strategies and maintains subject matter expertise on industry best

practices, particularly PCI. Ensures continuous measurement and communication of required metrics. Integrates knowledge of business and functional priorities.

Company Overview

Comcast Business offers a suite of Connectivity, Communications, Networking, Cybersecurity, Wireless, and Managed Solutions to help global organizations of all sizes prepare for what’s next. Powered by the nation’s largest Gig-speed broadband network and backed by 24/7 customer support, Comcast Business is the nation’s largest technology provider to small businesses and one of the leading service providers to the Enterprise market. Comcast Business has been consistently recognized by industry analysts and associations as a leader and innovator, and one of the fastest growing providers of Ethernet services.

• Manage day to day operations and service level agreements from the 3rd party security vendor to meet customer obligations.
• Coordinate the deployment of agents within client environment and work with client and 3rd party security vendor to configure the agent for monitoring of sensitive files and folders and ensure centralized reporting.
• Ensure continuous compliance of controls (e.g. agents continue to report-in, device log health, etc.)
• Review daily log file reports from 3rd party security vendor and highlight potential errors or anomalies. Investigate and escalate issues to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope.
• Review or conduct internal vulnerability scans for new rogue devices or failed scans. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Review monthly external monthly vulnerability scans. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Coordinate annual internal and external penetration tests with client and 3rd party security vendor. Escalate to relevant information security, technology, operations team within Comcast for Comcast managed devices, or escalate to client for devices outside of Comcast managed services scope. Launch or work with 3rd party security vendor to launch maintenance scans to ensure passing scans. Summarize status, findings and trends to internal and external leadership.
• Work directly with customers to understand and resolve issues, building strong client relationships; Translate complex technical issues into simple terms for customers.; Communicate confidently with customers or internal team members (e.g., sales, product, engineering, project, and development teams) to ensure customer satisfaction.
• Coordinate annual Self-Assessment Questionnaire (SAQ) PCI-DSS requirement with clients and 3rd party security vendor. Provide on-demand SAQ portal support to clients in coordination with 3rd party security vendor. Report status, findings and trends to internal and external leadership.
• Coordinate system accessibility for Comcast and Client, and ensure access is appropriate and managed.
• Create or contribute to the development of policies and procedures related to assigned information security processes. Develops consistent and repeatable processes to support day to day operations and meet service levels. Develops, publishes, and communicates operating procedures and guidelines along, with any relevant policies and standard to support the assigned information security processes.
• Compile metrics for key processes to allow for accurate status reporting and trending to assist in review of current processes and identify areas for performance/continuous improvement.
• Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
• Other duties and responsibilities as assigned.
• Ability to travel up to approximately 15% (Domestic USA)

Required Qualifications:

• Hands-on experience with the remediation of security vulnerabilities
• Excellent written and verbal communication skills
• High level of attention to detail when working with various data formats, ensuring data integrity throughout the process.
• Ability to consume large amounts of data in various forms and have proficiency in data collection, processing, and analysis using tools such as Excel, custom tools, and other data analytics platforms.
• Ability to analyze large data sets for trends, inconsistencies and insights, and translating them into actionable recommendations.
• Excellent problem-solving and troubleshooting skills, including experience diagnosing, troubleshooting, and resolving issues efficiently (e.g. performing/tracking RCAs and identifying/ resolving bottlenecks.
• Expertise in advanced Excel functionalities (e.g., VLOOKUPs, Pivots, complex formulas) and the ability to write scripts (e.g., Python, VB) to automate repetitive tasks is a plus
• Organizational skills to manage status, documentation and updates across various stakeholders
• Must take PCI DSS certification within first 6 months of employment. Familiarity with other security/industry standards (e.g., NIST, CVSSv3, OWASP etc.)

Preferred Qualifications:

• Bachelor's Degree
• CISA, CISM, CISSP, ISA, or PCIP certifications
• 5-7 years of relevant work experience

About Our Perks & Benefits:

We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.

Here's a look at just some of the perks and benefits we make available to our US-based employees:

• Medical & Dental
• 401(k) Savings Plan
• Generous paid time off
• Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
• Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
• Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.

Learn more at jobs.comcast.com/life-at-comcast/benefits

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.

Disclaimer:

This position is unable to provide work authorization sponsorship or immigration support now or in the future.

This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Comcast is an EOE/Veterans/Disabled/LGBT employer.

Compensation

National Pay Range: $67,344.96 USD-$157,839.75 USD

Comcast intends to offer the selected candidate base pay dependent on job-related, non-discriminatory factors such as experience. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.

Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Comcast will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law, including the Los Angeles Fair Chance Initiative for Hiring Ordinance and the San Francisco Fair Chance Ordinance.

Summary

We are seeking a talented Developer with a strong background in Python programming and database architecture to join our team. You will play a key role in designing, developing, and maintaining our backend systems, ensuring data integrity and efficient performance.

Company Overview

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You'll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

• Design and implement database schemas using SQL Server, MySQL, or PostgreSQL
• Utilize Python libraries (Pandas, NumPy) for data manipulation and analysis
• Possess a basic understanding of user interfaces and design principles (HTML, etc.)
• Automate tasks and processes using scripting languages (Bash, Shell)
• Collaborate effectively with developers, designers, and other teams to deliver projects on time
• Effectively troubleshoot and resolve technical issues related to code and databases
• Clearly document and explain technical concepts to both technical and non-technical audiences

Required Qualifications:

• Must have experience maintaining full stack web applications using Python and relevant frameworks (Django, Flask)
• 6-8 years of experience with Python programming
• Familiarity with Python libraries such as Pandas and NumPy
• An understanding of database design principles and SQL
• Linux experience
• Experience with relational databases like SQL Server, MySQL, or PostgreSQL
• Familiarity with scripting languages (Bash, Shell)

Preferred Qualifications:

• Experience with cloud platforms like AWS or Azure (a plus)
• Design, develop, and maintain clear, concise, and visually appealing dashboards using Tableau best practices
• Leverage your analytical skills to identify trends and insights from data visualizations
• Collaborate with business stakeholders to understand their needs and translate them into actionable dashboards
• Prepare data for visualization, including cleaning, transforming, and creating calculated fields
• Build and maintain data connections to various data sources
• Conduct unit testing to ensure the accuracy and functionality of dashboards
• Stay up-to-date on the latest Tableau features and best practices

• We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.

• Here's a look at just some of the perks and benefits we make available to our US-based employees:

• Medical & Dental

• 401(k) Savings Plan

• Generous paid time off

• Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.

• Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.

• Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.

• This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications.

• We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance, and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially, and emotionally through the big milestones and in your everyday life.

• Please visit the benefits summary on our careers site for more details.

• Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.

• This position is unable to provide work authorization sponsorship or immigration support now or in the future.

• Comcast is an EOE/Veterans/Disabled/LGBT employer.

TITLE: CIAM ARCHITECT

STATUS: EXEMPT

REPORTS TO: VP - IT DIGITAL PLATFORMS

DEPARTMENT: IT - DIGITAL PLATFORM DELIVERY

JOB CODE: 11726

PAY RANGE: $137,300.00 - $150,000.00 ANNUALLY

GENERAL DESCRIPTION:

The CIAM Architect leads the Credit Union’s Customer Identity and Access Management (CIAM) initiatives. The architect will be responsible for designing, implementing, and managing CIAM solutions to ensure secure and seamless member experiences across our digital platforms. The architect will work with internal stakeholders and vendor partners responsible for managing user identities, access controls, and authentication processes.

The ideal candidate will have a strong background in customer identity and access management, digital banking platforms, cybersecurity, and project management, with a focus on delivering solutions that meet business objectives while maintaining compliance with regulatory standards.

• Stay updated on emerging trends, technologies, and best practices in CIAM, security, and identity management domains through self-study, training, and participation in relevant industry forums and events.
• Develop and design CIAM solutions that integrate with existing identity and access management systems. Work with internal infrastructure, application, business and external third-party teams for identity related integrations.
• Ensure the architecture supports scalability and performance for handling large volumes of customer identities.
• Create seamless user experiences for customer registration, login, and account management.
• Design multi-factor authentication (MFA) and adaptive authentication mechanisms to enhance security.
• Monitor system performance and user activity to identify and address potential security threats or usability issues.
• Regularly update and maintain the CIAM system to adapt to changing business needs and technological advancements.
• Create documentation for system architecture, processes, and user guides.
• Provide training and support to teams using the CIAM system to ensure effective implementation and usage.
• Work with cross-functional teams, including developers, security experts, and business stakeholders, to align CIAM solutions with organizational goals.

EDUCATION: A bachelor's degree in computer science, information technology, cybersecurity, or a related field is preferred.

EXPERIENCE:

• At least 8 years of experience in Information Technology with a focus on customer identity and access management. Experience working in the financial services industry is strongly preferred.
• Proven experience leading CIAM implementation projects, including requirements analysis, solution design, implementation, testing, and deployment, with strong project management skills. Ability to work in an agile environment, following scrum methodology is preferred.
• Hands-on experience with PingOne Advanced Identity Cloud (formerly known as ForgeRock Identity Cloud) is required.

KNOWLEDGE / SKILLS:

• Technical Skills: Proficiency in identity protocols and standards (OAuth, OpenID Connect, SAML, LDAP, SCIM), CIAM platforms (ForgeRock/Ping), and integration technologies (APIs, SDKs).
• Security Knowledge: Deep understanding of cybersecurity and IAM principles, including authentication methods, authorization, federation, access control mechanisms, encryption, and secure coding practices, and user lifecycle management, with the ability to translate business requirements into effective IAM solutions.
• Compliance Expertise: Knowledge of privacy regulations (e.g., GDPR, CCPA) and industry standards (e.g., ISO 27001, NIST) related to customer data protection and compliance requirements.
• Communication Skills: Excellent verbal and written communication skills, with the ability to effectively communicate technical concepts to both technical and non-technical stakeholders. Familiar with the suite of Office products in relation to presenting ideas and documenting processes.
• Analytical Thinking: Strong analytical and problem-solving skills, with the ability to analyze complex issues, identify root causes, and propose effective solutions, proactively mitigate risks, and optimize CIAM processes for scalability and efficiency.
• Customer Focus: A customer-centric mindset with a focus on delivering solutions that enhance user experience while ensuring security and compliance.
• Adaptability: Ability to adapt to changing business requirements, technology landscapes, and security threats, with a continuous learning mindset to stay updated on industry trends and best practices.

LICENSES/CERTIFICATIONS:

A current certification in PingOne Advanced Identity Cloud (formerly known as ForgeRock Identity Cloud) is required

PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:

• Effective oral and written communication skills required to assure the ongoing security and protection of Golden 1’s Information Technology and information assets.
• Must possess sufficient manual dexterity to skillfully operate an on-line computer terminal and other standard office equipment, such as financial calculators, personal computer, facsimile machine and telephone.

ORGANIZATIONAL CONTACTS & RELATIONSHIPS:

• INTERNAL: All levels of staff and management.
• EXTERNAL: Volunteers, external auditors, professional and community organizations, and law enforcement agencies.

PHYSICAL REQUIREMENTS:

• Prolonged sitting throughout the workday with occasional mobility required.
• Corrected vision within the normal range.
• Hearing within normal range. A device to enhance hearing will be provided if needed.
• Occasional movements throughout the department daily to interact with staff, accomplish tasks, etc.
• Unusually long work hours may be required to accomplish tasks.

THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY DUTIES TO BE PERFORMED BY THIS EMPLOYEE. HE OR SHE WILL BE REQUIRED TO FOLLOW OTHER INSTRUCTIONS AND TO PERFORM OTHER DUTIES REQUESTED BY HIS OR HER SUPERVISOR THAT ARE WITHIN HIS / HER KNOWLEDGE, SKILL AND ABILITY AS WELL AS HIS / HER MENTAL AND PHYSICAL ABILITIES.

REV. 11/13/2024