Job ProfilePosition Overview
At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers.
As a Security Architect Sr. within PNC's Security organization, you will be based in Pittsburgh, PA. Remote work will be considered for a well-qualified candidate.
The ideal candidate will have the following experiences & qualifications:
•CISSP certification, ethical hacker or equivalent showing expertise in security
•Proficient in understanding modern development, SDLC, supporting platforms/tool chains
•Proficient in leading complex discussions, leading conversations and gaining consensus in a group setting
•Working knowledge of Cloud based providers and common services that are used to manage security concerns
•Security tooling used In software development, and vulnerability detection/identification/remediation
•Security tooling used in connection with behavioral analysis, detection, and orchestration of response
•Understanding of anatomy of attack, and common SOC defense terminology
•Understanding of key concepts used in Kubernetes/Service Fabrics/Istio
•Understanding of key concepts for modern identity/authorization for applications
•Understanding of key concepts for NAC/segmentation/Micro-segmentation as it relates to environments and modern applications
•Understanding of key concepts for data protection across channels (detect, address, automate, report, improve)
•Understanding of Common data classes, HIPPA, PCI, PII
•Understanding of Common ports/protocols for network communication
•Familiarity of key concepts related to devaluing, masking, and tokenization of data for both in-transit and at-rest
•Familiarity of key concepts relate to mobile devices/applications, including device binding, and fraud/risk scoring
•Familiarity with NIST 800-53 control set or other common control sets
•Ability to collaborate with others to formulate recommendations on how to adopt new technology, especially in the context of an ecosystem
•Ability to create diagrams/documentation/presentations that conveys key information and can be turned over to an engineering function
•Ability to work within frameworks to develop artifacts and presentations
•Ability to present key ideas to executive decision makers and obtain alignment
•Ability to work on topics where subject knowledge is not strong, but SME knowledge is available, to develop a direction/solution
•Ability to learn/participate in Crisis exercises or response activities, representing standards and designs that are deployed within the organization
•Ability to learn/create/interpret designs that are approved and how standards have been applied
•Ability in influence others using communication/collaboration skills
- Leads in securing enterprise information, systems, and development by developing and/or reviewing security requirements; planning, designing, and reviewing business and security systems; creates architectural artifacts; provides standards and governance oversight for the enterprise.
- Leads and participates in discovery efforts related to the introduction of new technologies. Prepare artifacts as required to communicate concepts and provide overall alignment with Enterprise Architecture. Collaborate with Engineering and other partners to ensure alignment with the overall intended design.
- Defines Security standards, and leads in the use and adoption of frameworks that align with overall business and technology strategy. Maintain and update architecture systems of record. Participate with engineering and other SME on best practices to consume technology and other standards. Leverages broad knowledge base and subject matter expertise to provide guidance.
- Leads in the governance and interpretation of architectural standards, design concepts, and frameworks. Monitors industry security updates, technologies and best practices to improve security management.
- Designs and collaborates on solutions that balance business requirements with information and security requirements. Leads challenging and complex conversations to provide specific recommendations. Provides approval for architectural direction.
- Identifies security design gaps in existing and proposed architectures and recommend changes or enhancements to existing processes, systems, including in depth analysis, presentations, and executive engagement.
PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:
- Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
- Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
Analytical Thinking - Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Effective Communications - Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Information Security Management - Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Information Security Technologies - Knowledge of technologies and technology-based solutions dealing with information security issues.
IT Architecture - Knowledge of and ability to design and improve organizational IT structures and blueprints in order to better support business operations and efficiently achieve organizational objectives.
IT Environment - Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
IT Standards, Procedures & Policies - Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
Knowledge of Organization - Knowledge of the organization's vision, structure, culture, philosophy, operating principles, values, and code of ethics; ability to apply this understanding appropriately to diverse situations.
Problem Solving - Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.Work Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry relevant experience is typically 8+ years. Specific certifications are often required. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.Education
Disability Accommodations Statement:
The PNC workplace is inclusive and supportive of individual needs. If you have a physical or other impairment that might require an accommodation, including technical assistance with the PNC Careers website or submission process, please call and select Option 4: Recruiting or contact us via email at .
The Human Resources Service Center hours of operation are Monday - Friday 9:00 AM to 5:00 PM ET.
Equal Employment Opportunity (EEO):
PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.
Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.