Enterprise Key Management Implementation Engineer

Comcast Moorestown, NJ

About the Job

Business Unit:

Comcast Technology and Product Security (T&PS) is looking for a developer (DevOps) to support integration of high-risk applications (e.g. payment processing) to our Enterprise Key Management (EKM) platform for managing the lifecycle of keys used for encrypting sensitive data. The key management lifecycle includes issuance of new keys, renew or revoke existing keys, etc. This "Principal" developer position is within the Data Protection team and will be responsible for writing API code for application integrations. Work collaboratively with business units for seamless integration of their applications with the centralized EKM platform. Should have experience coding/configuring on different platforms (Databases, JAVA applications). Act as a key contributor in a complex and crucial environment. Provide technical leadership, design guidance and mentorship to junior team members. Define long-term technology roadmaps and ensures compliance with all internal and external policies and standards.

Key Responsibilities:

Ensure programs are envisioned, designed, developed, and implemented across the enterprise to meet business needs
Subject Matter Expert (SME) for designing and architecting solutions to handle future growth and implement new functionalities as they become available
Manage and maintain existing key management infrastructure
Plan for and execute upgrades to the key management environment
Investigate current key management technologies in use at Comcast
Understand market drivers and directions in key management
Maintain key management architectural and technical roadmaps
Monitor current and future trends, technology and information that will positively affect organizational projects; applies and integrates emerging technological trends to new and existing systems architecture
Responsible for interacting with Comcast business units and socializing EKM program with business stakeholders. Partner closely with business units to ensure security program goals and objectives are well understood
Understanding of encryption key management and the ability to educate the application owners and developers on the appropriate path to EKM
Understand the application architecture and the pros/cons of different methods of integration with EKM platform (Web Services vs API)
Understand encryption within databases and help integrate with EKM
Understanding client requirements and how they translate to new application features
Design creative prototypes according to specifications
Write high quality source code to program complete applications within deadlines
Perform unit and integration testing before launch
Conduct functional and non-functional testing
Troubleshoot and debug applications
Evaluate existing applications to reprogram, update and add new features
Develop technical documents and handbooks to accurately represent application design and code
Lead technical bridges and provides troubleshooting direction. Provides guidance and recommended solutions to complex technical issues
Play a key role in working with product vendor for proper tool functioning and ensure product related issues are addressed in a timely manner
Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary


Proven experience as application developer
Experience in designing and building applications
Ability to program in at least one programming language such as C#, Java (J2EE) etc.
In-depth knowledge of programming for diverse operating systems and platforms using development tools
Excellent understanding of software design and programming principles
Analytical thinking and problem-solving capability
Experience with configuration and maintenance of Key Management Platforms (such as Gemalto/Thales/Microsoft Azure Key vault)
Familiarity with KMIP and other key management protocols
Good understanding of application architecture and integration using APIs
Experience with web services like SOAP/REST
Experience with configuration of Databases(Oracle, MySQL)
Comprehensive understanding of encryption protocols (SSL, TLS)
Strong knowledge of asymmetric and symmetric cryptography
Good understanding of legal and regulatory impacts of key management strategy (PCI, SOX)
Demonstrates flexibility and ability to effectively handle multiple projects simultaneously
Great attention to detail and time-management skills
A team player with excellent communication skills

Education Level: Bachelor's Degree or Equivalent in technology or security field
Certifications: CISSP preferred, one of the following is preferred MCSD, AWS, Oracle OCP, Red Hat JBoss
Years of Experience: Generally requires 10+ years of industry experience

Comcast is an EOE/Veterans/Disabled/LGBT employer

Comcast is anEOE/Veterans/Disabled/LGBT employerand all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.