As an Application Developer Lead( Application Security Coach ) within PNC's Security organization, you will be based in Pittsburgh, PA, Cleveland, OH, or Columbus, OH. Remote work is an option for a well-qualified candidate.
An Application Security Coach is a subject matter expert who is responsible for ensuring that PNC application developers have the necessary tools, knowledge, and assistance as they deliver quality application code, free of security risks. As part of a team, you will work with technology groups to ensure that projects and systems are implemented with required technical controls in accordance with security best practices and policy. Responsibilities within this position will include:
•Consult with development teams in secure architectural design and review.
•Provide subject matter expertise to development teams for secure practices in areas such as database interaction, authentication methods, encryption, entitlement systems, logging, input validation, secure storage, etc.
•Participate in requirements definition and perform initial risk analysis to define a minimum standard of security for each application. Deliver the criteria for release gates as a part of this process, to provide a means for measuring progress and risk mitigation maturity throughout the software development lifecycle.
•Identify residual risks not addressed by projects security requirements.
•Participate in threat modeling with the explicit purpose of influencing design decisions to address the most likely threats to an application’s security and resiliency.
•Provide expert assistance to developers as they work to implement security standards or to remediate discovered deficiencies.
•Work with project teams to prioritize security milestones. Ensure that project managers give security requirements the same attention that functional requirements generally receive during the development process.
Oversee security training and professional development and serve as a repository of security expertise for other project members.
Manages Risk - Working Experience
Customer Focus - Extensive Experience
Job Specific Competencies
APPLICATION DEVELOPMENT TOOLS - Subject Matter Expertise
Application Testing - Extensive Experience
Application Design, Architecture - Subject Matter Expertise
APPLICATION DELIVERY PROCESS - Extensive Experience
Packaged Application Integration - Subject Matter Expertise
System Development Life Cycle - Extensive Experience
Product and Vendor Evaluation - Working Experience
Technical Troubleshooting - Subject Matter Expertise
Software Process Improvement (SPI) - Extensive Experience
RequiredEducation and Experience
Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.