At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As an IT Security Testing Analyst Senior( Penetration Tester ) within PNC's Ethical Hacking organization, you will be based in Pittsburgh, PA, Cleveland, OH, or Columbus, OH.
PNC's Ethical Hacking Team uses cutting edge techniques and technologies across a diverse set of applications, infrastructure components, and platforms. On a daily basis, you will work with members of the MIS, Development Operations, Vulnerability Management, and other Information Security teams. Your primary responsibilities will be in the Development Security Operations Team and will include performing dynamic and static analysis security testing in the software development lifecycle as well as educating clients on the discovered vulnerabilities and their inherent risks.
- Carries out penetration testing and vulnerability scanning of applications, infrastructure, and platforms to discover security vulnerabilities. Leverages experience to create recommendations for remediation of vulnerabilities.
- Performs security testing to discover vulnerabilities within applications automated tools and leverages experience to perform manual testing.
- Validates and documents security vulnerabilities in applications.
- Develops recommendations leveraging expertise in numerous areas of technology. (12.)
- Performs remediation validation to ensure security vulnerabilities previously identified have been appropriately addressed. (12.)
Manages Risk - Working Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework.
Customer Focus - Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
Products and Services - Working Experience
- Knowledge of major products and services and product and service groups; ability to apply this knowledge appropriately to diverse situations.
Effectiveness Measurement - Working Experience
- Ability to measure the quality and quantity of work effort for the purpose of improvement.
Software Product Testing - Extensive Experience
- Knowledge of and ability to design, plan, and execute testing strategies and tactics to ensure software product quality and adherence to stated requirements.
Software Product Quality Assurance - Extensive Experience
- Knowledge of a structured methodology for assuring quality of a software product throughout all stages of software development life cycle.
Software Test Engineering - Extensive Experience
- Knowledge of and ability to design, plan and execute cost-effective software testing strategies, processes and plans to ensure software quality at all stages of the software development cycle.
Problem Solving - Working Experience
- Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Effective Communications - Working Experience
- Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Influencing - Working Experience
- Knowledge of effective influencing tactics and strategies; ability to impact decisions within and outside own organization.
Decision Making and Critical Thinking - Working Experience
- Understanding of the issues related to the decision-making process; ability to analyze situations fully and accurately, and reach productive decisions.
Analytical Thinking - Working Experience
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
CISSP, GIAC, GWAPT, GPEN, CEH, LPT, or CCNA certification a plus
RequiredEducation and Experience
Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.