Posted:
11/7/2024, 4:00:00 PM
Location(s):
Philadelphia, Pennsylvania, United States ⋅ Pennsylvania, United States
Experience Level(s):
Mid Level ⋅ Senior
Field(s):
IT & Security
Workplace Type:
Hybrid
Job Summary
We are looking for an experienced Principal Penetration Tester (Engineering Level 5) to join our Security Assessment Team. In this role, you will be responsible for conducting a variety of security assessments, including web application, network, mobile, and cloud penetration testing, as well as participating in red team exercises. You’ll also contribute to ongoing efforts to strengthen our security infrastructure and offensive capabilities.Job Description
Key Responsibilities:
Perform vulnerability scanning and penetration testing across diverse systems, applications, and environments.
Analyze and prioritize findings based on the Common Vulnerabilities and Exposures (CVE) database and the Common Vulnerability Scoring System (CVSS).
Execute application penetration tests for APIs, mobile SDKs, cloud environments and web applications from both open and closed-box perspectives.
Contribute to and maintain the team’s tools, labs, and attack infrastructure; actively share knowledge through internal wikis and repositories.
Lead security research and development efforts and provide technical leadership.
Develop remediation strategies and architect solution to challenging cybersecurity gaps.
Effectively communicate findings and recommendations to both technical and non-technical stakeholders, preparing comprehensive reports and presentations.
Stay informed on the latest cybersecurity trends, techniques, and vulnerabilities by following industry publications and threat feeds.
Qualifications:
7+ years of experience in penetration testing with hands-on experience using tools like Burp Suite, Metasploit, Nessus, Nmap, and other security testing tools.
Proficiency in cloud platforms - AWS, GCP, Azure and mobile app security testing.
Solid understanding of the OWASP Top 10, CVSS, and CVE databases.
Scripting experience with Python, Bash, Ruby, C/C++, C#, or Java to automate testing processes and streamline remediation.
Strong network and application penetration testing skills, with experience in Linux and Windows environments.
Practical experience with networking protocols (IPv4/IPv6), packet capture (PCAP), and advanced techniques like pivoting and tunneling across segmented networks.
We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.
Here's a look at just some of the perks and benefits we make available to our US-based employees:
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.
*This position is unable to provide work authorization sponsorship or immigration support now or in the future.*
Comcast is an EOE/Veterans/Disabled/LGBT employer.
Skills
Cybersecurity, Information Security, Python (Programming Language), Vulnerability ManagementWe believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.
Please visit the benefits summary on our careers site for more details.
Education
Bachelor's DegreeWhile possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.Certifications (if applicable)
Relative Work Experience
10 Years +Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.Website: http://corporate.comcast.com/
Headquarter Location: Philadelphia, Pennsylvania, United States
Employee Count: 10001+
Year Founded: 1963
IPO Status: Public
Last Funding Type: Grant
Industries: Internet ⋅ Telecommunications ⋅ TV ⋅ Video ⋅ Web Hosting