Sr. Analyst, Cybersecurity

Requisition Number: 69544

The company built on breakthroughs. ​  
Join us.​  

Corning is one of the world’s leading innovators in glass, ceramic, and materials science. From the depths of the ocean to the farthest reaches of space, our technologies push the boundaries of what’s possible.  ​  

How do we do this? With our people. They break through limitations and expectations – not once in a career, but every day. They help move our company, and the world, forward. ​  

​At Corning, there are endless possibilities for making an impact. You can help connect the unconnected, drive the future of automobiles, transform at-home entertainment, and ensure the delivery of lifesaving medicines. And so much more.​   

​Come break through with us.  

The global Information Technology (IT) Function is leading efforts to align IT and Business Strategy, leverage IT investments, and optimize end to end business processes and associated information integration technologies.  Through these efforts, IT helps to improve the competitive position of Corning's businesses through IT enabled processes.  IT also delivers Information Technology applications, infrastructure, and project services in a cost efficient manner to Corning worldwide.

Scope of Position:

The Senior Analyst for Cybersecurity will perform data analysis, incident response, investigative analysis, and research on existing and emerging cyber threats, particularly those directed against the company's global networks. You will be charged with part of leading the maturation and optimization of our EDR capability through the development of custom content that focuses on threat actor TTPs and reduces false positives. You will be expected to "think like an adversary" and engage in threat hunting operations leveraging your understanding of the tactics, techniques and procedures employed by advanced threats combined with intelligence from multiple sources and provide reporting and briefings to other teams and leadership to maintain appropriate levels of situational awareness.

RESPONSIBILITIES:

• Review and build host-based detection content in EDR solutions such as Sentinel One, Microsoft Defender and other leading vendors.
• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output and mentor cyber analysts.
• Leverage understanding of tactics, techniques and procedures associated with advanced threats to create and evolve custom detections that mitigate highly dynamic threats to the enterprise.
• Proactively research advanced and emerging cyber threats, and apply analytical understanding of attacker methodologies, system vulnerabilities, and key indicators of attacks and exploits in threat hunting efforts
• Execute as needed in each of the six phases of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned
• Collaborate using information and knowledge sharing networks and professional relationships.

Education and Experience:

• Bachelor's degree and 5+ years of threat analysis and/or incident response experience - additional years of relevant experience may be considered in lieu of Bachelor's degree
• Relevant certifications (CISSP, SANS GIAC, CEH, etc.)

REQUIREMENTS:

• Threat analysis and/or incident response experience
• Understanding of cyber threat models, including ATT&CK, Cyber Kill Chain, Racetrack, Diamond Model, etc.
• Experience working with EDR tools
• Experience with a SIEM-type platform
• Experience performing analysis and correlation of log data and forensic artifacts from multiple sources.
• Must be proficient, verbally and in writing with the English language.