Cybersecurity Intelligence and Response Team Manager, Remote

Date: Aug 13, 2022

Location: Charlotte, NC, US, 28216

Company: Corning

Requisition Number: 56302


Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end-to-end business processes and associated information integration technologies. Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT-enabled processes. IT also delivers Information Technology applications, infrastructure, and project services in a cost-efficient manner to Corning worldwide.


As Cybersecurity Intelligence and Response Team (CSIRT) Manager you will remotely lead the team responsible for situational security awareness by pulling together information from a variety of systems and normalizing and correlating the information. The CSIRT provides detection and reaction services for information security incidents within the company and e-discovery support. The ideal candidate will bring a fresh perspective to the team and be passionate about protecting, defending, and responding to information security related events.


This role can be performed virtually.


Leadership responsibilities will include:


• Demonstrate the ability to build, lead, manage and motivate teams in a dynamic environment.

• Oversee the development, maintenance, and delivery of standard procedures related to the CSIRT, and drive innovations

• Lead the team by providing direction and guidance to team members in handling issues

• Ensure staffing coverage

• Coordinate with IT and non-IT organizations related to security for escalation of issues

• Demonstrated understanding of Information Security and Networking required


Additional responsibilities will include but are not limited to:


• Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change.

• Provide detection of and response to security events and incidents within the company network

• Assist with e-discovery support to the company legal department

• Develop and maintain information security metrics.

• Provide operational support to core security and incident response teams

• Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing through team collaboration.

• Perform annual staff appraisals.

• Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.

• Other duties as assigned.




• Bachelor’s degree or 7+ years of experience leading a technical team.


Required Skills:


• 5 years of previous supervisory experience leading a technical team

• 5+ years of experience in information security working in an enterprise environment

• 3+ years of experience working on a computer security team in a SOC environment

• Exceptional operational rigor with extensive real-world experience in ITIL methodologies and frameworks for IT operations.

• Experience in designing, implementing, and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.

• Ability to create shift schedules to ensure 24x7 on-call and coverage by support personnel in off hours.

• In-depth knowledge of modern security concepts and how to apply them.


Desired Skills:


• Experience building and managing cybersecurity intelligence and/or incident response teams, internal or outsourced, highly preferred

• Security log management experience

• Strong analytical, documentation, and communication skills

• Understanding of different security processes and technologies

• Knowledge of forensics

• Understanding of network traffic analysis

• Experience with trouble ticketing and change management tools

• Some departmental budget management

• Understanding of basic Windows registry and Windows event log analysis.

• GIAC Security and/or CISSP, CISM, CASP+ Certification(s) highly preferred

• Experience with enterprise information security incident and event management (SIEM) tools such as Splunk or other SIEM-like tools.

• Knowledge of two or more of the following languages (Perl, Python, C, C++, C#, Objective C, Ruby, Lisp, Scheme, IA-32/IA-32e assembly, ARM, Power PC, MIPS, SPARC, Shell, SQL, HTML, CSS, XSLT, XML, Java, or EnScript)

• Understanding of intelligence driven network defense, and behavioral based threat models, such as ATT&CK, Cyber Kill Chain, Diamond Model, etc.

• Experience with Security Orchestration, Automation, & Response (SOAR)


This position does not support immigration sponsorship.


We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.


We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Nearest Major Market: Charlotte