|Preferred GIAC Certifications||GCUX|
|Contact Name||Julie Sutton|
Odds are that the email you read this morning traveled over Corning Optical Fiber; the smartphone you used had a Corning cover lens; and the vehicle you took to work had cleaner emissions because of a Corning catalytic substrate. Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.
Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.
The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost-efficient manner to Corning worldwide.
The Technical Leader, Cyber Security is a technical leadership position in the Corning Information Security organization. In this role, you will coordinate and deliver a Security Operations Center function that can detect and respond to cyber security incidents, perform or direct digital forensic investigations and support e-discovery processes, and ensure the availability and lifecycle management of the incident response (IR) toolset. The ideal candidate will be a hands-on leader with substantive cyber security experience including threat intelligence, intrusion detection & response, and digital forensics. A solid understanding of advanced and emerging cyber threat TTPs, and detection and investigation methods, is required.
• Act as a subject matter expert on active and emerging cyber threat trends and lead the enablement of capabilities to detect and respond to same.
• Enable development of a team of cyber threat analysts skilled in incident response, digital forensic investigations, and e-discovery.
• Manage the response to cyber security incidents, including the preparation of summary reports
• Partner with the Cyber Security Manager to define and refine effective incident response playbooks/processes for a range of threat scenarios
• Refine, or define and deliver operating metrics which reflect the efficacy and efficiency of the team
• Partner with and direct the tools management team to engineer tools to identify, respond, or remediate threats (to include open source tools)
• Prior IR experience, to include leading in an incident, pursuing process improvement, and integrating into appropriate shared knowledge base content development with stakeholders
• Ability to successfully facilitate collaboration across multiple functions, departments and levels
• In-depth experience with all facets of digital forensics and incident response, including application to both on-prem and cloud environments
• Demonstrated threat hunting experience with scripting languages, automation tooling, SIEM and EDR solutions
• Able to identify inefficiencies in existing processes, develop automated solutions, and apply data enrichment where appropriate
• Familiarity with security orchestration, automation and response, with an emphasis on building complex playbooks for automating routines.
• Knowledge, understanding, and ability to apply technical security standards and tools
• Expert knowledge of Windows, Mac and Linux based operating systems
• Substantive technical cyber security expertise related to current and emerging threats, such as business email compromise, ransomware, and advanced persistent threats.
• Strong analytical critical thinking skills; able to understand/anticipate how threat scenarios could evolve and develop effective response plans
• Excellent conceptualization, analytical and logic skills
• Strong analytical, documentation and communication skills
• Strong teamwork and collaboration skills
• Familiarity with security instrumentation and incident response in cloud services
• Professional certification in cyber/information security (GIAC, CISSP, CISM etc.) or demonstrated comparable experience.
Required Education: Bachelor’s degree in Information Technology, Computer Science, or a related field; or five to eight (5-8) years of relevant experience in lieu of a degree.
Required Experience: Six (6) or more years of general and progressive Information Technology experience with a minimum of three (3) years of experience in incident response and digital forensics (DFIR) (Equivalent experience or certifications such as MCSE, MCSA Server 2012, CCNA, RHCE, GCUX, Linux Plus, and others considered)
• Limited/related to training & capability development efforts
• Some off-hours/on-call may be required
What sets us apart? Corning’s unwavered commitment to Diversity. Diversity is integral to Corning’s belief in the fundamental dignity of the individual – one of Corning’s seven Values. We are committed to providing an environment where all employees can thrive. This begins with an understanding that our global workforce consists of a rich mixture of diverse people. This diversity will continue to be a source of our strength as well as a competitive advantage.
If you have a passionate belief in the power of innovation to change the world; and if you are up to the challenge of working for a world-class organization that makes real, profitable advanced materials, then visit Corning’s website at www.corning.com
This position does not support immigration sponsorship.