Comcast - Philadelphia, PA

posted 17 days ago

Full-time - Principal
Philadelphia, PA
Broadcasting and Content Providers

About the position

The Principal Penetration Tester at Comcast is a senior role within the Security Assessment Team, responsible for conducting comprehensive security assessments across various platforms, including web applications, networks, mobile, and cloud environments. This position emphasizes collaboration, mentorship, and continuous learning, allowing the individual to take ownership of projects and contribute to enhancing the company's security infrastructure and offensive capabilities.

Responsibilities

  • Perform vulnerability scanning and penetration testing across diverse systems, applications, and environments.
  • Analyze and prioritize findings based on the Common Vulnerabilities and Exposures (CVE) database and the Common Vulnerability Scoring System (CVSS).
  • Execute application penetration tests for APIs, mobile SDKs, cloud environments, and web applications from both open and closed-box perspectives.
  • Contribute to and maintain the team's tools, labs, and attack infrastructure; actively share knowledge through internal wikis and repositories.
  • Lead security research and development efforts and provide technical leadership.
  • Develop remediation strategies and architect solutions to challenging cybersecurity gaps.
  • Effectively communicate findings and recommendations to both technical and non-technical stakeholders, preparing comprehensive reports and presentations.
  • Stay informed on the latest cybersecurity trends, techniques, and vulnerabilities by following industry publications and threat feeds.

Requirements

  • 7+ years of experience in penetration testing with hands-on experience using tools like Burp Suite, Metasploit, Nessus, Nmap, and other security testing tools.
  • Proficiency in cloud platforms (AWS, GCP, Azure) and in mobile app security testing.
  • Solid understanding of the OWASP Top 10, CVSS, and CVE databases.
  • Scripting experience with Python, Bash, Ruby, C/C++, C#, or Java to automate testing processes and streamline remediation.
  • Strong network and application penetration testing skills, with experience in Linux and Windows environments.
  • Practical experience with networking protocols (IPv4/IPv6), packet capture (PCAP), and advanced techniques like pivoting and tunneling across segmented networks.

Benefits

  • Medical & Dental
  • 401(k) Savings Plan
  • Generous paid time off
  • Life Milestones - adoption assistance, childcare resources, pet insurance, and more
  • Courtesy Services - free digital TV and internet for full-time employees in serviceable areas
  • Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms