Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. **Job Summary** Responsible for planning and designing new software and web applications. Analyzes, tests and assists with the integration of new applications. Oversees the documentation of all development activity. Trains non-technical personnel. Assists with tracking performance metrics. Provides guidance and support to other Engineers. Integrates knowledge of business and functional priorities. Acts as a key contributor in a complex and crucial environment. May lead teams or projects and shares expertise. **Job Description** **Core Responsibilities** + Perform vulnerability scanning and penetration testing across diverse systems, applications, technologiesand environments. + Identifyprogram improvement opportunities and develop processes to mature and scale the Pen Testing program. + Present thought leadership in new and emerging advanced security trends, vulnerabilities and attack techniques. + Lead security research and development efforts and provide technical leadership. + Develop remediation strategies and architect solution to challenging cybersecurity gaps. + Execute application penetration tests for APIs, mobile SDKs, cloud environments and web applications from both open and closed-box perspectives. + Analyze and prioritize findings based on the Common Vulnerabilities and Exposures (CVE) database, the Common Vulnerability Scoring System (CVSS) and internal Risk Rating system. + Contribute to and maintain the team’s tools, labs, and attack infrastructure; actively share knowledge through internal wikis and repositories. + Effectively communicate findings and recommendations to both technical and non-technical stakeholders, preparing comprehensive reports and presentations. + Stay informed on the latest cybersecurity trends, techniques, and vulnerabilities by following industry publications and threat feeds. **Employees at all levels are expected to:** + 12+ years of experience in penetration testing with hands-on experience using tools like Burp Suite, Metasploit, Nessus, Nmap, etc. + Extensive experience in strategic planning and executing large-scale, enterprise-wide security initiatives to address complex security challenges. + Proven experience in leading security research and development initiatives. Contributions such as research publications, CVEs, CTF participation, and conference presentations are considered valuable additions. + Demonstrated ability to work independently on complex assessments while collaborating with cross-functional teams. + Proven expertise in mentoring and providing guidance to junior team members.Advanced proficiency in cloud platforms - AWS, GCP, Azure and mobile app security testing. + Complete understanding of the OWASP Top 10, CVSS, and CVE databases. + Strong scripting experience with Python, Bash, Ruby, C/C++, C#, or Java to automate testing processes and streamline remediation. + Hands-on experience with Kubernetes and a solid understanding of hardware communication protocols (e.g., I2C, SPI, UART) are a plus. + Strong analytical, problem-solving, and communication skills, with attention to detail and a proactive mindset. + Strong presentation skills + Certifications such as: OSCP, OSWA, OSWE or similar. **Disclaimer:** + This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. **Comcast is an EOE/Veterans/Disabled/LGBT employer.** Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary (https://jobs.comcast.com/benefits) on our careers site for more details. **Education** Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. **Relevant Work Experience** 10 Years +, 5-7 Years, 2-5 Years, 0-2 Years, 15 Years +, 7-10 Years **Job Family Group:** Engineering