Share this Job

IT Manager, Compliance

Apply now »

Date: Jul 24, 2021

Location: Painted Post, NY, US, 14870 Charlotte, NC, US, 28216

Company: Corning

Requisition Number: 47346


Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies.  Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes.  IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

Purpose of Position: Responsible for planning, performing, monitoring and reporting on IT regulatory controls and compliance as well as other assigned projects within the Corning Information Technology division. Provide regulatory analysis and guidance throughout the compliance lifecycle process for the Concert Program & associated projects. Provide continuous monitoring of regulatory policies, programs, controls, compliance artifacts, and standards in support of government and industry security compliance.


Roles and Responsibilities:

  • Perform assigned Concert program compliance leadership role with minimal supervision, which may include planning, analysis, design and implementation of controls, customer interaction, testing, and reporting procedures in accordance with appropriate professional and  corporate standards.
  • Review regulations and provide feedback and guidance to Concert leadership teams (and PMs). Based upon analysis, develop recommendations on controls to address needs and gaps due to ERP Transformation and drive remediations.
  • Participate in the evaluation, development and maintenance of policies, procedures and training as they pertain to regulatory and customer compliance requirements.
  • In partnership with ACR, Info Security and other organizations provide project initiation and development support for new software installations for compliance related Program elements.
  • Hold discussions with stake holders regarding possible processes and control weaknesses. Prepare draft reports to management to communicate results including recommendations for improving regulatory information system practices and controls.
  • Ability to perform compliance assessments within cloud and complex IT environments
  • Obtain buy-in and ownership from management for observations and remediation plans.
  • Work with Internal Audit, external auditors, management, and staff to identify feasible control solutions and resolutions (if exist) to control gaps and opportunities for improvement.
  • Plan and execute compliance reviews.
  • Provide guidance, interpretation, and education to the Concert Program on regulatory requirements and policies, as needed.


Education Requirements: Bachelors (4 year) degree in Computer Information Systems, Information Technology, or related field


Work Requirements: 8+ years combined compliance, audit, technology risk, security and/or information technology experience


Required Skills:

  • Familiarity with technical assessments and audit methodologies for technical systems (including, but not limited to, application security, system management, OS/database administration) as well as IT auditing processes.
  • High degree of personal integrity; promotes high standards of ethical conduct and behaviors consistent with organizational and government standards
  • Self-starter operating with minimal supervision/oversight
  • Ability to build effective working relationships & collaborate with people from a broad spectrum within IT and across the company
  • Professional, positive communicator delivering clear, concise information in either verbal or written format
  • Strong communication; written and verbal skills. There will be frequent interactions with internal and external stakeholders.
  • Ability to travel both domestically and internationally, up to 25%


Desired Skills:

  • Strong understanding of Corning’s IT environment or previous experience in an IT support or development role related to applications development, server, database, or network infrastructure preferred
  • General knowledge of government regulatory compliance and control frameworks such as SOX, ITAR, EAR, Data Privacy (GDPR, BCR, CCPA, etc.), COSO, COBiT, PCI-DSS, SANS Top 20 Security Controls, and HIPAA
  • Experience in conducting IT controls assessments based on ISO 27001/27002 and 27018, ISAE3402, SOC 1 and SOC 2 Type 2 reports
  • Strong project management skills
  • Experience with Governance, Risk, and Compliance (GRC) tools
  • General knowledge of internal control concepts, principles, and risk analysis


Desired Certifications:

  • CRISC (Certified in Risk and Information Systems Control)
  • CISA (Certified Information Systems Auditor)
  • CISSP (Certified Information System Security Professional) – or willingness to obtain within 1 year


This position does not support immigration sponsorship.


We prohibit discrimination on the basis of race, color, gender, age, religion, national origin, sexual orientation, gender identity or expression, disability, veteran status or any other legally protected status.


We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Nearest Major Market: Corning