Sr. Lead Analyst, Cybersecurity

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert: Email jobs to me

Location: Charlotte, NC, US, 28216 Corning, NY, US, 14831

Company: Corning

Requisition Number: 68453

The company built on breakthroughs.
Join us.

Corning is one of the world’s leading innovators in glass, ceramic, and materials science. From the depths of the ocean to the farthest reaches of space, our technologies push the boundaries of what’s possible.

How do we do this? With our people. They break through limitations and expectations– not once in a career, but every day. They help move our company,and the world, forward.

At Corning, there are endless possibilities for making an impact. You can help connect the unconnected, drive the future of automobiles, transform at-home entertainment, and ensure the delivery of lifesaving medicines. And so much more.

Come break through with us.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

Corning is searching for a Sr Lead Analyst, Cybersecurity, to join our team in the U.S.!

In this position, you will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our cyber threat intelligence processes and capabilities. Using various intelligence sources including open-source intelligence to development custom detections and mitigation opportunities to protect global manufacturing operations. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources and provide reporting and briefings to other teams and leadership in order to maintain appropriate levels of situational awareness.

This role can be worked remotely within the continental United States.

• Develop, create, and distribute Cyber Threat Intelligence (CTI) reports for new or emerging threats and threat vectors to all stakeholders.
• Support the develop detections to identify adversary activity at all levels of attack paths using multiple platforms and tools.
• Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections, mitigations against highly dynamic threats to the enterprise for at all levels of adversary attack paths.
• Analyze network and host activity associated with intrusion attempts by advanced attackers.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts.
• Employ advanced forensic tools and techniques for attack reconstruction and threat intelligence gathering streamlining, documenting, and sharing updated processes.
• Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits to provide reporting, mitigations, and detections for cyber risks.
• Participate in and collaborate on all sharing platforms and working groups using achieve common goals.
• Provide on-call support for incident response efforts outside of core hours as needed.

For compliance with U.S. regulatory requirements, this position is limited to citizens of the United States, lawful permanent residents, or protected individuals as defined by 8 U.S.C. 1324b(a)(3).

• Bachelor’s degree in information security, Computer Science, or similar field
• 7+ years of threat analysis and incident response experience. (additional years of relevant experience may be considered in lieu of Bachelor’s degree)
• Experience performing "deep dive" analysis and correlation of log data and forensic artifacts from multiple sources.
• Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc.
• EDR tools, Microsoft Defender preferred. Splunk (preferred) or similar SIEM-type platform.
• Conventional network and host-based intrusion analysis, digital forensics, or malware analysis.
• Strong understanding of Operating Systems and Network Protocols.
• Proficiency with Microsoft Windows administrative tools, and the Unix/Linux command line.
• Must meet the following requirement: Current U.S. Citizen, lawful permanent resident of the U.S., or protected individual as defined by 8 U.S.C. 1324b(a)(3)
• Previous experience as Threat Researcher and/or Intelligence Analyst.
• Capable and comfortable communicating actionable threat intelligence to both technical and executive-level stakeholders.
• Relevant certifications such as (CISSP, SANS GIAC, CEH, etc.) preferred.
• Familiarity with customizing Sysmon.
• Familiarity with common languages (like PowerShell and Python) to parse logs, automate processes, and integrate systems.
• Capable to perform adversary emulation to validate mitigations and detections.
• Experience with dynamic malware analysis, and reverse engineering.
• Experience in cryptography or cryptanalysis.
• Ability to create, modify, and implement both Snort and YARA signatures, sharing best practices with colleagues.
• Published research papers at conferences or through other mediums (blogs, articles).
• Working knowledge of Computer Network Exploitation (CNE), or Computer Network Attack (CNA) tools and techniques.
• A deep understanding of advanced cyber threats targeting enterprises, along with the tools, tactics, and procedures used by those threats.
• Experience applying threat and data modeling, advanced data correlation, and statistical analysis to develop alerts, notable events, investigative dashboards, and metrics driven reports.

Travel Requirement

• Up to 10%

This position does not support immigration sponsorship.

The range for this position is$126,013.00-$173,268.00assuming full time status. Starting pay for the successful applicant is dependent on a variety of job-related factors, including but not limited to geographic location, market demands, experience, training, and education. The benefits available for this position are dependent on hours worked and may include medical, dental, vision, 401(k) plan, pension plan, life insurance coverage, disability benefits, and PTO.

A job that shapes a life.

Corning offers you the total package.

Your well-being is our priority. Our compensation and benefits package supports your health and wellness, financial, and career from day one

• As part of our commitment to your financial well-being, we provide a 100% company-paid pension benefit that grows throughout your career. We also offer a 401(k) savings plan with company matching contributions.
• Our health and well-being benefits include medical, dental, vision, paid parental leave, family building support, fitness, company-paid life insurance, disability, and disease management programs.
• Company-wide bonuses and long-term incentives, align with key business results and ensure you are rewarded when the company performs well – when Corning wins, we all win.
• Getting paid for our work is important but feeling appreciated and recognized for those contributions motivates us much more. That’s why Corning offers a peer-to-peer recognition program to celebrate success by recognizing colleagues who demonstrate above-and-beyond behaviors.

We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To request an accommodation, please contact us at accommodations@corning.com .