SECURITY CONSULTANT - Cox Communications Atlanta, GA, USA Bookmark Share Print 513 0 0

Listing Description

At Cox, we’re forward-thinking innovators who put people first. Our award-winning workplace culture is centered on inclusion and kindness, and we’re looking for people to join our mission to be a force for good in the world. Come build a better future with us across automotive, communications, the environment and more.

We want to do everything we can to keep our employees safe and healthy. Therefore, where permitted by applicable law, you will need to be fully vaccinated against COVID-19 to be considered for this U.S.-based job. Reasonable accommodations for medical and religious objections will of course be considered.

Keep reading to learn more about this opportunity to join the Cox family of businesses.

Cox Communications is the largest private telecom company in America, and we proudly serve six million homes and businesses across 18 states. At Cox, we are committed to creating meaningful moments of human connection, not only with our products and services, but also with our career opportunities. Come connect with us and let’s build a better future together.

Summary

The Cox Communication (CCI) Product Security team is seeking a Product Security Consultant for an exciting opportunity to drive the next evolution in securing CCI products.  This role will be responsible for supporting the Product Security Leads to evolve and mature the secure product development lifecycle as part of Cox Communication’s broader initiative of a secure product portfolio.  The Product Security Consultant will provide consultative guidance to product development teams and support completion of the activities of our risk-centric secure development framework.  Key activities include onboarding product teams into the Secure Development Lifecycle Framework, reviewing Threat Models, scheduling automated and manual code reviews, and assisting products teams with rationalizing and prioritizing remediation plans to address insecure design and vulnerabilities with our products.  Additionally, the Product Security Consultant will help socialize the broader CCI Product Security program initiative to standardize the secure product life-cycle management approach.

 This is technical (non-supervisory) role.

 Responsibilities

• Guide, inform, and support the successful release of products while following our product security program for all products within the business unit portfolio
• Support efforts to institutionalize secure product lifecycle practices

• Support the Product Security Lead (PSL) to create action plans based on results of product security threat models, secure code reviews, penetration tests and other security testing/assessments
• Engage with product development to manage product security risk assessments
• Provide input and support to product development teams throughout the product development lifecycle on a variety of product security requirements including but not limited to secure coding and design, secure code reviews, security testing, third-party component risk assessment and mitigation
• Support initiatives to maintain up-to-date product inventory entries, to include product lifecycle status, risk profile and remediation validation
• Maintain a close relationship with the technical product security testing team to deliver against the strategic priorities and projects
• Provide consultative advice and insights into the maintenance of product security procedures, directives, and technology controls
• Ensure product development teams practice ‘Secure by Design’ through validation of Cox product security requirements in design and architecture, and ensure information security artifacts align with industry standards or regulatory requirements (i.e., PCI-DSS, HIPAA, GDRP, NIST, CMMC, etc.)
• Provide guidance to aid the business to prioritize cyber-risk remediation and mitigation activities
• Maintain current knowledge on security procedures, directives and technology controls including application testing, threat modeling and attack, penetration testing, data classification and handling
• Participate in industry working groups and provide insights back to product development teams on leading practices and regulations
• Provide coaching and consultations on secure development practices to the business and product development teams
• Perform other duties and responsibilities, as assigned

Qualifications

 Where permitted by applicable law, must be fully vaccinated against Covid-19 to be considered for this U.S based job.  Reasonable accommodations for medical and religious objections will be considered)

• Bachelor’s degree, 2+ years of experience in product development or product lifecycle management
• 2+ years of experience with information security controls or security risk management
• Excellent interpersonal, written, and verbal communications skills; demonstrated ability to communicate highly technical concepts to non-technical audiences
• Ability to translate a business objectives into cybersecurity terms and vice versa
• Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively

Preferred Skills

• Degree in Computer Science, Cybersecurity, or related field
• Experience conducting security product reviews
• Experience with both/either automated (i.e., SAST, DAST, SCA, etc.) and manual secure code reviews (Penetration Testing)
• Awareness of ‘Secure by Design’ principles and secure development frameworks – i.e., BSIMM, SANS, OWASP, ISACA, etc.
• Current knowledge of cybersecurity trends and remediation or mitigation approaches
• Certification related to information security & privacy – i.e., CSSLP, CISSP, etc.
• Telecom/Cable industry experience
• Threat Modeling methodologies (i.e., PASTA, STRIDE)

Who We Are

About Cox Communications

Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. We're dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that makes each one unique.

About Cox 

We are the Cox family of businesses. We’ve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us.  Our primary divisions – Cox Communications and Cox Automotive – are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators.  We’re also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation.  We’re looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you’ll be going with us, and the common purpose that unites us at coxenterprises.com. 

Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO).  For more details on what benefits you may be offered, visit our benefits page.  

Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations:  Cox accepts resumes only from agencies with which we formally engage their services.   Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.

Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, US

Other Locations: Phoenix, AZ; Raleigh, NC; Hampton, VA;

Division: Cox Communications Inc

Job Level: Individual Contributor

Travel: No

Schedule: Full-time

Shift: Day Job

Requisition Number: 222722