Make your mark at Comcast -- a Fortune 30 global media and technology company. From the connectivity and platforms we provide, to the content and experiences we create, we reach hundreds of millions of customers, viewers, and guests worldwide. Become part of our award-winning technology team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. Join us. You’ll do the best work of your career right here at Comcast. (In most cases, Comcast prefers to have employees on-site collaborating unless the team has been designated as virtual due to the nature of their work. If a position is listed with both office locations and virtual offerings, Comcast may be willing to consider candidates who live greater than 100 miles from the office for the remote option.)
Job Summary
In this role, the Principal Cybersecurity Engineer will lead the design, development, and deployment of advanced security frameworks encompassing Public Key Infrastructure (PKI), Hardware Security Modules (HSMs), Blockchain technologies, Secure Elements, and cryptographic token management for both embedded systems and enterprise platforms.
The ideal candidate will possess extensive hands-on experience in HSM administration (with a strong preference for Thales devices), X.509 certificate lifecycle management, and cryptographic key management operations. The engineer will collaborate closely with internal teams and external partners to translate complex security requirements into scalable, resilient, and compliant solutions.
This role requires a highly adaptable professional who can quickly master new languages and technologies, thrive in a dynamic environment, and work effectively across teams. A strong emphasis is placed on innovation, continuous improvement, and delivering secure, future-ready solutions.
Job Description
Core Responsibilities
- Design, develop, and implement advanced security software, frameworks, and applications supporting PKI, HSM, IoT, and cryptographic systems.
- Lead the architecture and deployment of secure communication protocols, certificate management systems, and cryptographic key infrastructures.
- Customize and enhance existing security applications while developing processes for software updates, patch management, and version control.
- Provide technical leadership and establish best practices, procedures, and guidelines for secure system design and implementation.
- Partner with Quality Assurance and DevSecOps teams to validate that all software and hardware integrations meet security and regulatory requirements.
- Collaborate with internal engineering, infrastructure, and security operations teams to align cybersecurity solutions with business and compliance needs.
- Demonstrate deep knowledge of cryptographic engineering concepts and methodologies, applying them effectively in enterprise and IoT environments.
- Other duties and responsibilities as assigned.
Required Qualifications and Experience:
- Bachelor's and/or Master’s degree in Computer Science, Information Security, or a related technical field
- 12+ years of professional experience in cybersecurity engineering or secure embedded software development
- Proven experience with Hardware Security Modules (HSMs), preferably Thales Luna or similar
- Strong knowledge of Public Key Infrastructure (PKI), X.509 certificate management, and cryptographic key operations
- Hands-on experience with IoT security frameworks, secure boot, and device identity management
- Solid understanding of encryption algorithms, digital signatures, and secure communication protocols (TLS, SSH, IPsec)
- Proficiency in C/C++, Python, or Java, with a good grasp of operating system fundamentals and secure coding practices
- Familiarity with Continuous Integration and Deployment tools (Jenkins, Concourse)
- Deep understanding of the HTTP/S protocol and web security concepts
- Experience working in Agile/Scrum development environments
- Strong critical thinking, independent problem-solving, and adaptability to new technologies
- Collaborative experience in multi-company or open-source industry projects
- Regular, consistent, and punctual attendance
Additional Preferred Skills
- Experience with Thales, Cybertrust or nCipher HSMs for key management and integration
- Background in embedded software development, especially RDK-based platforms
- Knowledge of secure firmware signing and OTA update processes
- Understanding of TPMs, secure enclaves, and lightweight cryptography for IoT
- Familiarity with CA, KMIP, and cloud KMS integrations (AWS, Azure, GCP)
- Experience with SSDLC practices and secure code review
Employees at all levels are expected to:
- Understand our Operating Principles; make them the guidelines for how you do your job.
- Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
- Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
- Win as a team - make big things happen by working together and being open to new ideas.
- Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
- Drive results and growth.
- Support a culture of inclusion in how you work and lead.
- Do what's right for each other, our customers, investors and our communities.
Disclaimer:
This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications.
Skills
Embedded C++, Embedded Software, Hardware Security Modules (HSM), Java
We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That's why we provide an array of options, expert guidance and always-on tools that are personalized to meet the needs of your reality—to help support you physically, financially and emotionally through the big milestones and in your everyday life.
Please visit the benefits summary on our careers site for more details.
Education
Bachelor's Degree: Computer Engineering
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Certifications (if applicable)
CISSP - Certified Information Systems Security Professional - (ISC)²
Relevant Work Experience
10 Years +
Comcast is an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law.