Share this Job

Cyber Security Automation Lead

Date: 12-Sep-2021

Location: Taipei, TW, 105

Company: Corning

Requisition Number: 45857



Corning is one of the world’s leading innovators in materials science. For more than 160 years, Corning has applied its unparalleled expertise in specialty glass, ceramics, and optical physics to develop products that have created new industries and transformed people’s lives.

Corning succeeds through sustained investment in R&D, a unique combination of material and process innovation, and close collaboration with customers to solve tough technology challenges.

Corning’s Display Technologies segment manufactures glass substrates for active matrix liquid crystal displays (“LCDs”) that are used primarily in LCD televisions, notebook computers and flat panel desktop monitors.



Purpose of the Position

The Cyber Security Automation Lead, is a technical position in the Corning Information Security organization. In this role, you will coordinate and deliver orchestrations and automations for the Security Operations Center functions that can automate and orchestrate cyber security event , and ensure the availability and lifecycle management of the incident response (IR) toolset. The ideal candidate will be a hands-on ability to lead and work independently, hold a substantive cyber security experience including threat intelligence, intrusion detection & response, and forensics. A solid understanding of advanced and emerging cyber orchestrations and automations methods as well as scripting capabilities to support these needs. Ability to script in the various toolsets provided by the vendor. Create and maintain playbooks/documentation in support of SOAR.


Day to Day Responsibilities

  • Manage SOAR and supporting services including monitoring, alarming, patching, and automation
  • Develop metrics and trends that demonstrate the platform's health and operational state.
  • Ability to script in the various toolsets provided by the vendor. This could be ServiceNow, Remedy, or other systems that allow for automation.
  • Define, document, and implement appropriate delivery, alarming, reporting, and automation of security-relevant log information.
  • Research and document security best practices to continually improve the deployment and use of supported systems.
  • Responsibilities include development of new security alerts and tuning existing alerts for improving detection and accuracy.
  • Assist users of the SOAR in real-time investigation and analysis • Provide technical expertise to create logic for the appropriate SOAR.
  • Provide security engineering and architecture guidance to SOC team members as needed
  • Provide in-depth knowledge in network protocols, architectures, equipment, services, and standards to allow the selection of correct technologies necessary to perform various IT assessments.
  • Develop and author guidance and SOPs as needed.
  • Mentor specialists to improve quality and consistency of security information analysis, device troubleshooting and device management best practices.
  • Excellent conceptualization, analytical and logic skills
  • Strong analytical, documentation and communication skills
  • Strong teamwork and collaboration skills


Education and Experience

  • Six (6) or more years of general and progressive Information Technology experience to include integration and automation skills.
  • A minimum of three (3) years of experience in incident response and digital forensics (DFIR)
  • A minimum of three (3) years of experience in Automation and orchestration.


Required Skills

  • Professional certification in cyber/information security (GIAC, CISSP, CISM etc.) or demonstrated comparable experience.
  • Required Education: Bachelor’s degree in Information Technology, Computer Science, or a related field; or five to eight (5-8) years of relevant experience in lieu of a degree.
  • Equivalent experience or certifications such as MCSE, MCSA Server 2012, CCNA, RHCE, GCUX, Linux Plus, and others considered
  • Experience with scripting languages, PowerShell, Python, C++ C-Sharp, Bash/KSH scripting