Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Information Security Forensics & Incident Response Lead
Company Corning, Inc.
Location Remote - US
Preferred GIAC Certifications GCFE/500; GASF/585; GBFA/498
Travel 10%
Salary Not provided
Contact Name Julie Sutton
Contact Email suttonjm/at/
Expires 2021-01-20

Job Description

Odds are that the email you read this morning travelled over Corning Optical Fiber; the smartphone you used had a Corning cover lens; and the vehicle you took to work had cleaner emissions because of a Corning catalytic substrate. Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost-efficient manner to Corning worldwide.

As the Forensics Team Lead, you will be managing a group of highly productive employees to implement the forensics critical function of our incident response. You will be working with standard forensics tools such as Encase and other tools. Due to the nature of incident response, we are looking for someone who can effectively communicate with managers and individual contributors in an incident response situation.
When not working on an incident, you will be preparing your team, infrastructure, and processes for the next breach. This entails leading and training your team and integrating other functional areas.
An effective forensics team lead will build, lead, and manage a team of technical security operations staff that will actively operate, maintain, customize, and configure information security tools and processes in support of the information security program.
Basic Qualifications:
• Bachelor Degree Information Technology, Computer Science, or related field or equivalent experience.
GCFE/500; GASF/585; GBFA/498 preferred.
• 10 or more years’ general information technology experience with 5 years of experience in the area of information security.
• Experience in information security incident response, forensic data collection procedures, issue tracking, and methodically working a technical problem.
• Demonstrated experience in the field of digital media forensics
• Demonstrated experience in mobile device data extraction and analysis
• In-depth experience with file system forensics
• In-depth experience with registry analysis
• In-depth experience with Internet history analysis
• Understanding of steganography and encryption detection and analysis
• Understanding of managing complex large data set analysis
• In-depth experience with timeline analysis
• Experience with forensic media imaging
• In-depth experience with email analysis
• In-depth experience with signature and hash analysis
• Demonstrated experience with forensics tools such as EnCase, Forensic Toolkit, F-Response
• Programming experience using Python
• Strong documentation and written communication skills with technical report writing experience
Additional Information:
• Demonstrated strength in resolving conflicts and influencing stakeholders by active listening and effective communication techniques.
• Able to use good judgment in the management and mentorship of professional resources with various degrees of experience and aptitude.
• Demonstrated technical acuity in the field of Information Technology Operations and/or Security Operations.
• Knowledge, understanding, and ability to apply technical security standards and tools.
• Excellent conceptualization, analytical and logic skills.
• Ability to troubleshoot and mentor technical staff in formulating conclusions and judgments.
• Ability to successfully facilitate collaboration across multiple functions, departments and levels.
• Travel: Limited/related to training & capability development efforts
• Some off-hours/on-call may be required

What sets us apart? Corning’s unwavered commitment to Diversity. Diversity is integral to Corning’s belief in the fundamental dignity of the individual – one of Corning’s seven Values. We are committed to providing an environment where all employees can thrive. This begins with an understanding that our global workforce consists of a rich mixture of diverse people. This diversity will continue to be a source of our strength as well as a competitive advantage.

If you have a passionate belief in the power of innovation to change the world; and if you are up to the challenge of working for a world-class organization that makes real, profitable advanced materials, then visit Corning’s website at