At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Cyber Security Manager within PNC's Ethical Hacking organization, you will be located in Pittsburgh, PA, Cleveland, OH, or Columbus, OH. For a well-qualified candidate, remote work is an option.
You will manage a team of highly skilled security professionals. Specifically you will manage a team that is responsible for performing dynamic application security assessments within our SDLC. The scope of testing for the team includes but is not limited to: web applications, thick client applications, mobile applications, and web services.
Day to day responsibilities include but are not limited to
- Overseeing various aspects of dynamic applicationsecurityassessments including:
- Delivery of findings
- Communicating with stakeholders about the dynamic applicationsecuritytesting program including:
- Senior management
- Application teams
- Mentoring and assisting with career development of testing staff
- Developing and managing the dynamic application security testing vision and its integration with the SDLC
PA - Pittsburgh
PA374 - Two PNC Plaza
- Manages a team that oversees the day-to-day operations and effectiveness of assigned securitytechnology and programs.
- Manages resources that enables security control effectiveness with a team and technology
- Monitor trends and continuously assesses staff/security system capabilities to meet business demands.
- Leads in policy development, audit mitigation, and other tasks related to securing and maintaining the operational health of the infrastructure. Evaluates security systems, teams and processes to provide recommendations to maintain continuity and operational health.
- Documents and revises procedures and playbooks for teams, processes and technology to provide a standard security practice and increase team effectiveness.
Builds Winning Teams - Extensive Experience
- Develops talent by creating engaged, inclusive and diverse teams who are empowered to speak freely and act with integrity.
Leads Effective Change - Extensive Experience
- Recognizes the need for, takes personal accountability to adapt, and leads others through organizational change.
Drives for Results - Extensive Experience
- Demonstrates energy and a desire to succeed; follows through on commitments; pushes self and others to deliver exceptional results.
Establishes Vision and Purpose - Extensive Experience
- Creates a compelling vision of the future and translates it into action, linking others' contributions to the success of PNC.
Manages Risk - Extensive Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework.
Customer Focus - Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
INFORMATION SECURITY MANAGEMENT - Extensive Experience
- Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Information Security Technologies - Extensive Experience
- Knowledge of technologies and technology-based solutions dealing with information security issues.
IT ENVIRONMENT - Extensive Experience
- Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
IT Standards, Procedures & Policies - Working Experience
- Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
Knowledge of Organization - Extensive Experience
- Knowledge of the organization's vision, structure, culture, philosophy, operating principles, values, and code of ethics; ability to apply this understanding appropriately to diverse situations.
Planning: Tactical, Strategic - Extensive Experience
- Ability to contribute to operational (short term), tactical (1-2 years) and strategic (3-5 years) planning in support of the overall business plan.
Information Assurance - Extensive Experience
- Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.
Information Security Audits - Extensive Experience
- Knowledge of and the ability to utilize tools and techniques for assessing the effectiveness of information security measures, identifying potential risk exposures, and protecting the availability, confidentiality and audit trails of information from destruction or manipulation.
CISA, CISSP, and CISM preferred.
Required Education and Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry experience is typically 8+ years. At least 5 years of prior management experience is typically required. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.