At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Senior Security Incident Response Consultant within PNC's CSO organization, you will be based in Pittsburgh.
The Senior Incident Response Consultant will work within established methodologies to perform a variety of Incident Response related activities for PNC CSO organization, to include responding to cyber, physical security and fraud incidents. Designing and performing Table Top Exercises, and performing IR Readiness Assessments. The Senior Incident Response Consultant will also be responsible for participating and working on projects that will support tactical and strategic business objectives.
Demonstration of clear and concise communication with a variety of stakeholders, ability to lead during a crisis, personal agility to adapt to changing environments, and a strong comprehension of calculating risk will be critical to success.
Key Responsibilities Include:
- Act as the primary escalation point for cyber, fraud and physical security incidents at PNC, developing response plans and coordinating activity as needed
- Provide support to the Cyber Security Incident Response Team in the identification and implementation of the Security and Incident Response strategies
- Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention
- Interpret and summarize technical information for presentation to non-technical business contacts
- Develop, integrate, and improve cybersecurity, physical security and fraud incident response “playbooks” and documentation for the team
- Identify capability gaps and assist in developing those capabilities or implementing technology as needed
- Prepare formal reports on incident findings
- Drive improvements in cybersecurity incident detection
- Drive improvements in cybersecurity incident response automation capabilities
- Act as a first responder for cybersecurity incidents as needed
- Executes the cybersecurity program, identifying opportunities for enhancement where applicable. Enables line of business adherence with cybersecurity programs.
- Participates in the design and development of the cyberrisk management program to meet business and regulatory expectations. Leads in the design and development of specific cyberrisk management program components.
- Executes the cybersecurity management programs within or across the lines of business (e.g. - business self-assessment and quality reviews). May lead cross functional teams.
- Provides risk expertise while working with the businesses and othercyberrisk partners (e.g., Compliance, Credit, Legal, Audit).
- Leads or influences risk initiatives and business as usual activities. Identifies cyberrisk, assesses impact and makes recommendations on resolution. Reports and escalates cyberrisk and program compliance as appropriate.
Manages Risk - Working Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework.
Customer Focus - Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
Analytical Thinking - Extensive Experience
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Effective Communications - Extensive Experience
- Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Information Security Technologies - Extensive Experience
- Knowledge of technologies and technology-based solutions dealing with information security issues.
IT ENVIRONMENT - Extensive Experience
- Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
IT Standards, Procedures & Policies - Extensive Experience
- Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
Network and Internet Security - Extensive Experience
- Knowledge of the features, tools and processes used for maintaining network and Internet security; the ability to develop and implement safeguards for the prevention of intrusion and unauthorized access to an organization's networksecurity system.
Problem Solving - Extensive Experience
- Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Knowledge of Organization - Working Experience
- Knowledge of the organization's vision, structure, culture, philosophy, operating principles, values, and code of ethics; ability to apply this understanding appropriately to diverse situations.
INFORMATION SECURITY MANAGEMENT - Extensive Experience
- Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Data Governance - Extensive Experience
- Knowledge of and the ability to develop and maintain an organization's data in order to meet business requirements.
Planning: Tactical, Strategic - Extensive Experience
- Ability to contribute to operational (short term), tactical (1-2years) and strategic (3-5years) planning in support of the overall business plan.
Information Assurance - Extensive Experience
- Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.
CISA, CISSP, and CISM preferred.
RequiredEducation and Experience
Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.