Analyst 3, Compliance

Comcast Hudson, NH

About the Job

Business Unit:

Job Summary:
Responsible for incorporating operational and compliance monitoring of
security controls and policies, review of security logs, reconciling
security events, escalation of security violations, risk assessment and
risk management principles. Supports the IT Policy and Compliance office
and provides technical and collaborative incident responses for IT
Security Operations. Has in-depth experience, knowledge and skills in
own discipline. Usually determines own work priorities. Acts as resource
for colleagues with less experience.

Employees at all levels are expect to:

- Understand our Operating Principles; make them the guidelines for how
you do your job
- Own the customer experience-think and act in ways that put our
customers first, give them seamless digital options at every touchpoint,
and make them promoters of our products and services
- Know your stuff-be enthusiastic learners, users and advocates of our
game-changing technology, products and services, especially our digital
tools and experiences
- Win as a team-make big things happen by working together and being
open to new ideas
- Be an active part of the Net Promoter System-a way of working that
brings more employee and customer feedback into the company-by joining
huddles, making call backs and helping us elevate opportunities to do
better for our customers
- Drive results and growth
- Respect and promote inclusion and diversity
- Do what's right for each other, our customers, investors and our

Core Responsibilities:
- Oversees and assists with internal and external IT/security audit
program development, coordination, and remediation. Coordinates
internal/external vulnerability scans and assessments. Reviews results
and tracks remediation.
- Ensures evidence collection methods are conducted, managed, and
archived in a manner consistent with provided guidelines, to maintain
preservation and protection of data and evidence.
- Creates policies and procedures related to the Information Security
processes. Provides security requirements support for new projects and
technology initiatives.
- Inspects the state of IT security controls, routinely reviews security
logs, responds to security alerts, reconciles security events,
escalates policy violations, assists with IT forensic investigations,
and inspects security configurations of IT systems.
- Develops consistent and repeatable processes to increase efficiency of
tasks and other requests. Summarizes investigation findings for
higher-level investigators and/or management.
- Works diligently with other parties to ensure security and compliance
issues are addressed and resolved in a timely fashion.
- Compiles metrics for information security incidents and requests to
allow for trending to assist in reviews of current processes, identify
awareness needs, and facilitate measurement of continuous improvement.
- Ensures security controls are properly administered and maintained.
Participates in the implementation of IT security controls aiming at
protecting company information assets. Performs regular risk analysis to
proactively identify and assesses potential items of risk and
opportunities of vulnerability in the IT environment.
- Maintains compliance programs, IT Exception reviews, audit comment
closure, and continuous monitoring activities.
- Develops, publishes, and communicates Security Operating procedures
and guidelines along with IT policies and standards.
- Consistent exercise of independent judgment and discretion in matters
of significance.
- Regular, consistent and punctual attendance. Must be able to work
nights and weekends, variable schedule(s) as necessary.
- Other duties and responsibilities as assigned.

Job Specification:
- Bachelors Degree or Equivalent
- Field of Study-Information Science Technology, Preferred
- Certifications- CISSP Preferred, CISA Preferred
- Generally requires 5-7 years related experience

Comcast is an EOE/Veterans/Disabled/LGBT employer