Share this Job

Sr. Manager, Vulnerability & Threat Management (Charlotte, NC or Corning, NY or Remote)

Apply now »

Date: Jul 19, 2022

Location: Charlotte, NC, US, 28216 Corning, NY, US, 14831

Company: Corning

Requisition Number: 56405

 

Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies.  Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes.  IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

 

Scope of Position:

Corning has an immediate opening for a motivated Threat & Vulnerability Management leader to join Corning's Global Cybersecurity Operations organization. Our goal is to stay ahead of and maintain a technical advantage over our adversaries using the latest technical advancements by providing global capabilities that our Cyber Defenders rely on. While the primary focus for this position is vulnerability identification and remediation, you will gain cross-functional experience as you interface directly with our cyber defenders to understand their mission and capabilities. As a key part of this team, your responsibilities will include all aspects of the vulnerability management, including operation of the company’s vulnerability scanning solution – Qualys, prioritizing remediation efforts, communicating with leadership and system owners to drive remediation closure, and developing effective metrics. In this position, you will have opportunities to interact with both leadership and key stakeholders across the enterprise and will be challenged and provided a tremendous opportunity for growth in a highly collaborative environment.

 

This role has the ability to be virtual.

 

Responsibilities:

• Lead and coordinate the activities of the Threat & Vulnerability Management team.

• Optimize and enhance the vulnerability scanning capability, Qualys.

• Improve and mature vulnerability reporting to key stakeholders, and drive remediation efforts by communicating, clearly articulating, and prioritizing risk and impact to all stakeholders to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents.

• Deliver and enhance existing vulnerability and remediation metrics

• Develop the integration and automation strategy around multiple VM toolsets

• Perform risk-based technical assessments on technical vulnerabilities.

• Stay abreast of emerging threats, and promote understanding of associated risk with stakeholders

• Review and analyze vulnerability data to identify trends and patterns.

• Deliver vulnerability findings and drive remediation efforts

• Advising employees responsible for remediation on the best reduction and remediation practices.

• Influence the development of vulnerability management standards and security policies.

• Oversee the vulnerability management processes, suggesting applicable change controls, and security exceptions.

• Design and implement new or enhanced vulnerability reporting and monitoring solutions.

• Assist and support incident response as needed

 

Education and Experience:

• 4+ years of Vulnerability & Threat Management or related experience

 

Required Skills:

• Strong experience with vulnerability management

• Demonstrated ability to lead, manage, and develop high performing teams

• Effective coaching, mentoring, and collaboration skills

• Experience presenting to both technical and non-technical audiences

• Experience communicating risk to leadership

• Strong risk-based prioritization abilities

• Demonstrated written communication skills, with a focus on providing clarity of remediation efforts to both system owners and leadership

 

Preferred Skills:

• Experience with intelligence driven defense approach

• Experience in assessing Industrial Control Systems (ICS) , Operation Technologies (OT), and manufacturing networks

• Experience conducting or leading incident response efforts

• Experience with threat models, such as Diamond, Cyber Kill Chain, ATT&CK, Racetrack, etc.

• Experience with penetration testing

• Experience with exploit research Travel Requirement

• Negligible; Up to 10%

 

We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.

 

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.


Nearest Major Market: Charlotte