Comcast Cybersecurity: Cybersecurity Incident Response Engineer

Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)

Job Summary

Comcast’s Security Incident Response Team (SIRT) is the frontline defense against cyber threats, safeguarding millions of customers and critical infrastructure. Joining our team means working with cutting-edge technologies like SOAR (Security Orchestration Automation and Response), advanced threat intelligence platforms, and cloud-native security tools to tackle complex, high-impact incidents. What sets us apart is the scale and sophistication of our environment—few organizations offer the opportunity to respond to threats at this magnitude while driving innovation in automation, orchestration, and proactive threat hunting. We’re not just reacting; we’re shaping the future of security operations with initiatives like AI, streamlined playbooks, and cross-functional collaboration across engineering and legal teams. If you’re passionate about solving real-world security challenges, making measurable impact, and growing your expertise in a dynamic, high-performance culture, SIRT at Comcast is where you want to be.

Job Description

This position is ineligible for visa sponsorship.  To be considered for this role, you must be legally authorized to work in the United States and not require sponsorship for employment now or in the future.

Core Responsibilities

• Monitors networks for security events and alerts to potential/active threats, intrusions, and/or compromises.
• Restores environment after an incident and ensures that the managed security service has thorough detection capabilities in place for emerging threats.
• Performs service requests from internal/external teams.
• Maintains an advanced understanding of cyber security threats, vulnerabilities, attacks, responsible groups, motivations and techniques.
• Continues to assess the evolving threats and new technologies, solutions, and services to stay ahead of them through research.
• May perform documentation, vetting and weaponization of identified vulnerabilities for operational use.
• Evaluates event flows to identify common risks and vulnerabilities to develop and implement solutions.
• Assists with security audits, risk analysis, network forensics and penetration testing.
• Provides assistance in monitoring the security of all designated networks and systems.
• May prepare detailed incident reports and technical briefs for the IT security team.
• Conducts After Action Reviews (AAR)  to improve the response process including updating playbooks.
• Familiarizes self with company goals and strategies in order to achieve short-term goals with resolution.
• Strives to achieve personal goals and those set forth by management.
• Consistent exercise of independent judgment and discretion in matters of significance.
• Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
• Other duties and responsibilities as assigned.

Requirements (2–5 years of experience):

• Proven experience leading or supporting incident response activities
• Ability to review and interpret logs to identify potential attacks or anomalies
• Strong analytical skills to recognize evolving attack patterns and adapt response strategies
• Hands-on experience identifying and mitigating phishing attempts
• Skilled in interpreting different types of attacks across various log sources
• Ability to validate and assess Indicators of Compromise for accuracy and relevance
• Solid understanding of network protocols and architecture
• Experience analyzing Windows and Linux environments for security threats
• Familiarity with securing cloud platforms and services
• Experience with Security Information and Event Management (SIEM) platforms for monitoring and analysis
• Knowledge of Endpoint Detection and Response (EDR) tools and processes for endpoint security
• Understanding of authentication mechanisms and identity management
• Ability to analyze and secure endpoints across diverse environments
• Strong verbal and written communication skills for clear reporting and collaboration
• Ability to work effectively within cross-functional teams in fast-paced environments

Employees at all levels are expected to:

• Understand our Operating Principles; make them the guidelines for how you do your job.
• Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
• Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
• Win as a team - make big things happen by working together and being open to new ideas.
• Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
• Drive results and growth.
• Support a culture of inclusion in how you work and lead.
• Do what's right for each other, our customers, investors and our communities.

Disclaimer:

This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.

Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Comcast will consider for employment applicants with arrest or conviction records in accordance with the requirements of applicable law, including the San Francisco Fair Chance Ordinance, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Please note that federal state, or local laws and regulations may restrict or prohibit Comcast from hiring individuals convicted of certain crimes. Additionally, an applicant’s criminal history may have a direct, adverse, and negative relationship on the job duties of this position, which may result in the withdrawal of a conditional offer of employment.

Skills:

Log Analysis; Cyber Incident Response; Critical Thinking; Anti-Phishing

Salary:

National Pay Range: $59,512.60 USD-$139,482.65 USD Illinois Pay Range: $63,232.13 USD - $122,744.73 USD Colorado Pay Range: $66,951.67 USD - $128,324.03 USD Hawaii Pay Range: $78,110.28 USD - $117,165.42 USD Washington DC Pay Range: $85,549.36 USD - $128,324.03 USD Maryland Pay Range: $70,671.21 USD - $128,324.03 USD Minnesota Pay Range: $66,951.67 USD - $117,165.42 USD New York Pay Range: $70,671.21 USD - $139,482.65 USD Washington Pay Range: $66,951.67 USD - $133,903.34 USD California Pay Range: $66,951.67 USD - $139,482.65 USD New Jersey Pay Range: $74,390.74 USD - $133,903.34 USD Vermont Pay Range: $70,671.21 USD - $111,586.12 USD Massachusetts Pay Range: $74,390.74 USD - $133,903.34 USD

Comcast intends to offer the selected candidate base pay within this range, dependent on job-related, non-discriminatory factors such as experience. The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.

The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.

Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

Education

Bachelor's Degree

While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

Relevant Work Experience

2-5 Years