Comcast Cybersecurity: Information Security Analyst 3
PA - Philadelphia, 1701 John F Kennedy Blvd
Job SummaryThe Security Compliance Analyst will work with other Security Governance, Risk and Compliance (GRC) personnel, cybersecurity teams, and system/application owners to manage and maintain compliance data for monitoring compliance and facilitating non-compliance remediation and risk mitigation efforts.
- Engages with the Security Compliance and Governance teams to gain a deep understanding of regulatory standards, such as PCI and SOX
- Collaborates with security control providers to comprehend how control implementation aligns with corresponding compliance requirements.
- Works closely with security control providers and GRC teams to collect and manage compliance data efficiently.
- Collaborates with application/system owners and other stakeholders to collect and manage evidence, streamlining the compliance assessment process
- Coordinates with the applicable GRC team to communicate backend compliance reporting requirements, ensuring clear and effective information flow.
- Employs existing and designs new techniques to collect, manage, and track compliance data accurately and generate high- and low-level compliance.
- Tracks non-compliance remediation and risk mitigation efforts directed by the GRC, ensuring timely and effective resolution.
- Provides support in the publishing of periodic program metrics, covering overall compliance and monitoring initiatives.
Education Level: Bachelor’s Degree or Equivalent in technical discipline
Years of Experience: 5+ years of relevant experience in information security/compliance, including 2+ years of data analysis. (3 – 5 years of relevant experience in information security/compliance, including 1+ years of data analysis is acceptable)
- Deep understanding of cybersecurity principles and experience working with security frameworks and compliance standards such as PCI DSS, SOC 2, NIST, CIS Controls, ISO 27001 etc.
- Experience supporting security assessments, including compliance evaluation, evidence management, and alignment with control requirements.
- A robust technical background in information systems, including network and system architecture.
- Detail-oriented mindset with the ability to collect, manage, and track data accurately.
- Proficiency in using GRC tools and generating high- and low-level compliance reports.
- Effective communication skills, capable of conveying compliance requirements to both technical and non-technical stakeholders.
- Knowledge of GRC-directed non-compliance remediation processes.
- Strong analytical and problem-solving skills.
Nice to have skillset
- Proficiency in utilizing tools like project management tools like excel, power BI etc., handling and analyzing large datasets, and adeptly managing and tracking multiple priorities.
- Intermediate knowledge of networks & systems
- Intermediate knowledge of Excel – knowledge of vlookups and pivot tables a plus
- Understanding of SQL and database queries a plus
- Possesses knowledge of vulnerability scanning tools and offers guidance for effectively mitigating security vulnerabilities.
- Efficient writing skills and ability to produce compliance reports and detailed documentation.
- Having certifications such as Security Plus, CISSP, and related qualifications is beneficial.
About Our Perks & Benefits:
We are determined to create an environment where our employees feel valued, understand our business goals, and are motivated.
Here's a look at just some of the perks and benefits we make available to our US-based employees:
- Medical & Dental
- 401(k) Savings Plan
- Generous paid time off
- Life Milestones - from adoption assistance, childcare resources, pet insurance, and more, Comcast supports you at all life stages.
- Courtesy Services - We offer all of our full-time employees in serviceable areas free digital TV and internet.
- Discount tickets for Universal Resorts, including theme park tickets and onsite hotel rooms.
Learn more at jobs.comcast.com/life-at-comcast/benefits
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request an accommodation.
- This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.
Please visit the benefits summary on our careers site for more details.
EducationBachelor's DegreeWhile possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Certifications (if applicable)
Relative Work Experience5-7 YearsComcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Principal Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open C-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs