Application Security Specialist, Senior

Job Description

Company: PNC

Location: Dallas, US

Position Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Security Specialist Senior within PNC’s Cloud Security organization, you will be based in Pittsburgh PA, Strongsville OH, Dallas TX or Birmingham, AL.

PNC’s Cloud Security Development team is looking for a candidate who has deep technical capabilities and direct implementation experience developing products and reporting for cloud security configuration management and compliance in both AWS and Azure with native and 3rd party tooling. This role is looking for a hands-on-keyboard individual who can both independently deliver and develop enhancements to our team’s product suite as well as provide coaching on security and development guidelines. You will work closely with partner security engineering and application teams to understand, implement, and develop security tooling related to cloud infrastructure security posture analysis and correction.

You will also guide them to understand the build, deployment, and dependency requirements for their system and advise on best practices on developing secure infrastructure. You will create security automation as the senior most member of a team to assess, monitor, and correct the provisioning and deployment cloud infrastructure across the enterprise both at deployment (via IaC checks) and runtime. You will provide mentorship to a group of developers with regards to sustainable development, testing, and software practices.

You will design and write clean, well-architected code, tests, and automation to support the cloud compliance program.

Requirements

• Development, DevOps, and Security experience with two or more public cloud technologies • Knowledge and understanding of IT architectures, distributed systems and microservices • Experience with programming languages and in writing automation (Python).
• Experience with Serverless functions (Azure Function, AWS Lambda) • Experience with relational databases (SQL) • Knowledge and experience with containerization (Docker, Kubernetes, OpenShift).
• Knowledge and experience with CI/CD and DevOps tools (Git, Jenkins, Groovy, Make, and Terraform).
• Knowledge and experience with Security / DevSecOps tools.
• Knowledge and experience with Cloud Security Posture Management tools (Azure Policy, AWS Config, Prisma Cloud, AWS SCP).
• Experience working with relevant cloud security frameworks/guidelines (CSA CCM, PCI Cloud Supplement, ISACA Cloud Computing Audit, CIS, NIST).
• Inquisitive and resourceful – not afraid to network within the organizations to ask relevant questions.
• Interacting with project management team members and key stakeholders on application projects.
• Ability to handle sensitive and confidential information appropriately. PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance.

Job Description Provides technical evaluation and analysis in a specific Security area. Supports activities, process, and tools needed to improve overall security posture of the organization. Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, creates documentation.

Performs investigation and data loss prevention, data manipulation, coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Advises on more complex security procedures and products for clients, security administrators and network operations.

Participates in enforcement of control security risks and threats; Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines. Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats.

Aligns the controls of a specific Security area to the enterprise framework. Devises control implementation strategy. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: Customer Focused – Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.

Managing

Risk – Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC’s Enterprise Risk Management Framework. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills Access Control (AC), Building Architecture, Customer Solutions

Source: BeBee