Senior Cybersecurity Engineer
Hackajob
Other Engineering
United States
Posted on Mar 25, 2026
hackajob is collaborating with Comcast to connect them with exceptional professionals for this role.
As a Senior Cybersecurity Engineer, you'll play a critical role in securing applications and network platforms in Comcast's Technology Product organization. This role combines hands-on security engineering with software development, requiring expertise in cloud security, secure development practices, and automation. You'll design and implement security controls, develop security tooling, and mentor teams. This position offers the opportunity to make measurable impact on security posture while collaborating with cross-functional teams in a dynamic, innovation-driven culture.
Core Responsibilities
Designs and implements cybersecurity controls for Secure Development Lifecycle (SDL), cloud infrastructure, and vulnerability management programs
Develops and maintain security automation tools, scripts, and integrations using Python, SQL, and cloud-native services
Conducts secure code reviews in GitHub repositories and assess third-party applications for security vulnerabilities
Provides technical remediation guidance and security architecture consultation to development teams
Builds and operate security monitoring solutions with KPIs to measure program effectiveness
Collaborates with DevOps teams on Infrastructure as Code (IaC) security using Terraform and AWS security services
Mentors team members on security best practices and emerging threats
Drives security initiatives to completion while balancing scope, timeline, and resource constraints
Communicates security risks and technical findings to both technical and executive audiences
Develops and maintains KPIs relating to security initiatives
Ensures program milestones are accomplished and ensures overall committed timelines are met
Required Qualifications
5+ years of experience in cybersecurity engineering or related field
Experience with cloud (AWS required; Azure/GCP a plus)
Hands-on software development: Python, SQL, Shell scripting
Database security and administration experience (PostgreSQL, MySQL, MongoDB)
Experience with Infrastructure as Code (Terraform, CloudFormation)
Strong understanding of vulnerability management lifecycle and CVE remediation
Knowledge of cryptography fundamentals: PKI, encryption standards, certificate management
Experience with authentication protocols: SAML, OAuth, MFA, SSO, OIDC
Proficiency with Linux/Windows system administration and container technologies (Docker, Kubernetes)
Network security fundamentals: firewalls, ACLs, VPNs, security groups
Demonstrated ability to manage multiple security projects simultaneously
Preferred Qualifications
Experience with threat modeling
Experience with secure CI/CD pipeline implementation (GitHub Actions, Jenkins, GitLab, Terraform)
Familiarity with API security (REST, GraphQL) and microservices architectures
Experience with serverless architectures and immutable infrastructure
Experience with Static Code Analysis and Software Composition Analysis tools (Snyk, Coverity, Dependabot)
Knowledge of container security scanning
Experience with Vulnerability Management, Patch Management, CVEs
Familiarity with secrets management (HashiCorp Vault, AWS Secrets Manager)
Experience with security testing frameworks (OWASP, Burp Suite)
Understanding of zero-trust architecture principles
Experience with CIS Benchmarks and Linux/Windows server hardening
Cybersecurity certifications (CISSP, CEH, OSCP, AWS Security Specialty, CCSP)
As a Senior Cybersecurity Engineer, you'll play a critical role in securing applications and network platforms in Comcast's Technology Product organization. This role combines hands-on security engineering with software development, requiring expertise in cloud security, secure development practices, and automation. You'll design and implement security controls, develop security tooling, and mentor teams. This position offers the opportunity to make measurable impact on security posture while collaborating with cross-functional teams in a dynamic, innovation-driven culture.
Core Responsibilities
Designs and implements cybersecurity controls for Secure Development Lifecycle (SDL), cloud infrastructure, and vulnerability management programs
Develops and maintain security automation tools, scripts, and integrations using Python, SQL, and cloud-native services
Conducts secure code reviews in GitHub repositories and assess third-party applications for security vulnerabilities
Provides technical remediation guidance and security architecture consultation to development teams
Builds and operate security monitoring solutions with KPIs to measure program effectiveness
Collaborates with DevOps teams on Infrastructure as Code (IaC) security using Terraform and AWS security services
Mentors team members on security best practices and emerging threats
Drives security initiatives to completion while balancing scope, timeline, and resource constraints
Communicates security risks and technical findings to both technical and executive audiences
Develops and maintains KPIs relating to security initiatives
Ensures program milestones are accomplished and ensures overall committed timelines are met
Required Qualifications
5+ years of experience in cybersecurity engineering or related field
Experience with cloud (AWS required; Azure/GCP a plus)
Hands-on software development: Python, SQL, Shell scripting
Database security and administration experience (PostgreSQL, MySQL, MongoDB)
Experience with Infrastructure as Code (Terraform, CloudFormation)
Strong understanding of vulnerability management lifecycle and CVE remediation
Knowledge of cryptography fundamentals: PKI, encryption standards, certificate management
Experience with authentication protocols: SAML, OAuth, MFA, SSO, OIDC
Proficiency with Linux/Windows system administration and container technologies (Docker, Kubernetes)
Network security fundamentals: firewalls, ACLs, VPNs, security groups
Demonstrated ability to manage multiple security projects simultaneously
Preferred Qualifications
Experience with threat modeling
Experience with secure CI/CD pipeline implementation (GitHub Actions, Jenkins, GitLab, Terraform)
Familiarity with API security (REST, GraphQL) and microservices architectures
Experience with serverless architectures and immutable infrastructure
Experience with Static Code Analysis and Software Composition Analysis tools (Snyk, Coverity, Dependabot)
Knowledge of container security scanning
Experience with Vulnerability Management, Patch Management, CVEs
Familiarity with secrets management (HashiCorp Vault, AWS Secrets Manager)
Experience with security testing frameworks (OWASP, Burp Suite)
Understanding of zero-trust architecture principles
Experience with CIS Benchmarks and Linux/Windows server hardening
Cybersecurity certifications (CISSP, CEH, OSCP, AWS Security Specialty, CCSP)
