Splunk Engineer

Requisition Number: 58764

Corning is vital to progress – in the industries we help shape and in the world we share.

We invent life-changing technologies using materials science. Our scientific and manufacturing expertise, boundless curiosity, and commitment to purposeful invention place us at the center of the way the world interacts, works, learns, and lives.

Our sustained investment in research, development, and invention means we’re always ready to solve the toughest challenges alongside our customers. 

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies.  Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes.  IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

Scope of Position: As a key member of this team you will be part of a highly collaborative environment that provides tremendous opportunity for growth. You will support a global security initiative to design, build, implement, and maintain a security focused Splunk environment. You will work closely with engineers across the company, and directly interface with our cyber threat analysts to understand their mission and capabilities. You will function as a Splunk SME for the company, leveraging your expertise to provide solutions that meet customer needs, including the development of Insider Risk content, and developing a strong Splunk skillset across the team. This role has the ability to be virtual

Responsibilities:

• Partner with cyber threat analysts, and other Splunk stakeholders to develop practical solutions that meet their needs

• Support the Insider Risk program with the development of insider threat Splunk content

• Develop, and continually evolve Splunk content that supports the cybersecurity and operations missions

• Contribute to the design and creation of new detection techniques, and improving existing ones

• Support the full system engineering lifecycle of the Splunk environment, including requirements analysis, design, development, and system integrations

• Support the creation and maintenance of documentation and diagrams of the Splunk architecture and environment

• Function as a Splunk SME and coach to develop strong Splunk skills across the Cybersecurity Operations organization

• Provide on-call support for incident response efforts outside of core hours as needed.

Education and Experience:

• 4+ years of Splunk engineering experience

• Relevant certifications: (CompTIA Security+, Splunk Core Certified User, Splunk Core Certified Power User, Splunk Enterprise Security Certified Admin, AWS Certified Solutions Architect, etc.)

Required Skills:

• Demonstrated on the job experience integrating and correlating large sets of data (syslog, security events, etc.)

• Ability to prepare, process, analyze, and visualize significant amounts of events from multiple data sources while keeping the big picture in mind

• Proficiency and demonstrated experience managing/deploying large scale distributed Splunk environments

• Proficiency and demonstrated ability working with Splunk Enterprise Security

• Proficiency and demonstrated experience on-boarding new data, including custom parsing rules and CIM

• Experience with Virtualization Platforms (Hypervisor, vSphere, etc.)

• Demonstrated critical thinker mindset, and problem-solving skills • Effective communicator, ability to report complicated security events at comprehendible level for all levels of leadership

• Excellent written and verbal communication skills, with the ability to process and present complex information

Preferred Skills:

• Experience with Cloud technologies and environments (Azure, AWS, etc.)

• Experience with Incident Response and associated tools/technologies (IDS, IPS, SIEM, etc.)

• Experience with networking (TCP/IP, topology, sockets, and security) operating systems (Windows and Linux), and web technologies (firewalls, proxies, etc.)

• Experience with configuring Splunk Enterprise Security dashboards

• Experience with configuring Splunk Enterprise Security customer queries, alerts, and rules

• Previous experience in a cybersecurity-oriented role (threat analyst, incident responder)

• Experience with standard security principles, policies, standards, and industry best practices

Travel Requirement

• Up to 10%

This role does not sponsor immigration.  

Corning Puts YOU First! 

We are committed to supporting your health, financial, career development, and life goals as you grow professionally and personally to achieve your highest potential. All benefits begin as soon as you start your career at Corning. 

• Our monetary peer-to-peer recognition program is tied to our Values and celebrates you and your colleagues’ contributions. 
• Health and well-being benefits include medical, dental, vision, mental health/substance use, fitness, and disease management programs.  
• Financial benefits include a 401(k) savings plan with company matching contributions and a 100% company-paid pension benefit that grows steadily throughout your career. 
• Companywide bonus and attractive short- and long-term compensation programs are available based on your role and responsibilities.   
• Professional development programs help you grow and achieve your career goals. 

We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

The range for this position is ($106,000 - $147,000. Starting pay for the successful applicant is dependent on a variety of job-related factors, including but not limited to geographic location, market demands, experience, training, and education. The benefits available for this position include medical, dental, vision, 401(k) plan, pension plan, life insurance coverage, disability benefits, and PTO.