At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Cyber Security Consultant within PNC's Security organization, you will be located in Pittsburgh, PA or Cleveland, OH. Remote work with limited travel is an option for a well qualified candidate.
The ideal candidate will have the following experiences:
•Creates and deploys advanced technical controls using the CyberArk Privileged Identity Management (PIM) solution.
•Analyzes, identifies, and remediates privileged access risk throughout electronic systems.
•Onboards groups of privileged accounts into PIM solution.
•Scripting background (Powershell, Batch, Bash, Perl) necessary for utilizing bulk CLI tools and developing custom CyberArk utilities and plugins.
•Familiarity with establishing connectivity using Central Credential Provider and integrating applications with AIM.
•Comfortable with configuring LDAP bind accounts, running Auto Discovery to scan directories and identify unmanaged privileged accounts in scope for onboarding.
•Experience with ServiceNow or related ticketing systems and change control processes to log and respond to incidents.
•Able to perform administrative functions through CyberArk’s internal REST API and assist with developing automation processes using JSON cURL scripts.
•Can develop and effectively enforce quality control measures that adhere audit compliance standards.
•Generate reporting material to satisfy and resolve audit demands
•Provides technical, operational, analytical and research support to technical teams through both written and verbal communications.
•Deploys new, advanced technological solutions to increase efficiency of controls.
•Drives incident resolution and root cause analysis of production problems.
•Tier 3 or 4 support in troubleshooting/support efforts for end users of PIM solution.
•Develops and maintains technical, operational and service procedures, as well as process workflows for operational/applications teams.
•Experience in information security and security principles including access management, administration, control and governance.
•Knowledge of authentication and authorization methods, directories, and separation of duties analysis.
•Experience managing the relationship and interface with internal and external auditors including regulators.
•The ability to maintain project plans, and execute on deliverables.
•Experience with UNIX, Active Directory, eDirectory, networking, and cloud solution is desired.
•Proficient software development/coding is desired.
•A strong understanding of information security related risk, regulatory, audit and compliance experience.
•Strong problem solving ability, organizational and presentation skills.
•Ability to multi-task, prioritize and escalate, where needed.
•The capability to work independently, manage project deadlines with minimal supervision.
•Strong leadership and mentoring skills with excellent communication and collaboration skills.
•A sound decision maker who partners and provides counsel as well as solutions in a dynamic environment.
You will be responsible for managing technical onboarding of privileged accounts and processes to industry strength as well as establish a risk free process to ensure compliance to procedures and technical control standards are aligned. You will attend strategy meetings, and update project documentation. You will also lead collaboration meetings with Stakeholders, build program governance, and work through issues, problem solving, and escalation. You will provide leadership and mentoring to the various administration teams and to ensure consistency and accuracy of requests and suggest modifications to current processes to provide additional technical controls.
- Assesses the impacts associated with potential threats and solutions required to mitigate risks.
- Leads in the development, implementation and validation of organization-wide securityrisk assessment and control standards, policies and procedures.
- Provides security guidance to improve the operation of and compliance with security controls and systems.
- Ensures alignment of cybersecurity controls with line of business objectives.
- Aligns security capabilites to risk metrics and reporting. Develop policies and procedures to standardize security functions.
Manages Risk - Working Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework.
Customer Focus - Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
INFORMATION SECURITY MANAGEMENT - Extensive Experience
- Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
IT Standards, Procedures & Policies - Extensive Experience
- Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
IT ENVIRONMENT - Extensive Experience
- Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
Problem Solving - Extensive Experience
- Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Effective Communications - Extensive Experience
- Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Analytical Thinking - Extensive Experience
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Information Security Technologies - Extensive Experience
- Knowledge of technologies and technology-based solutions dealing with information security issues.
Network and Internet Security - Extensive Experience
- Knowledge of the features, tools and processes used for maintaining network and Internet security; the ability to develop and implement safeguards for the prevention of intrusion and unauthorized access to an organization's networksecurity system.
IT SYSTEMS MANAGEMENT - Extensive Experience
- Knowledge of and ability to utilize a variety of technical tools and techniques to guarantee service availability and ensure IT system performance.
Technical Troubleshooting - Extensive Experience
- Knowledge of technical troubleshooting approaches, tools and techniques, and the ability to anticipate, recognize, and resolve technical (hardware, software, application or operational) problems.
CISA, CISSP, and CISM preferred.
RequiredEducation and Experience
Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.