Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all our employees feel respected, valued, and have an opportunity to contribute to the company’s success.

This position is primarily based in a location within PNC’s footprint. Responsibilities require time in the office or in a field on a regular basis. Some responsibilities can be performed remotely. Additional locations may be considered.

As a Security Analyst within PNC’s Technology organization, you can be based in Pittsburgh PA, Strongsville OH, Birmingham AL, Dallas TX, or Phoenix AZ.

1. Technical Skills
• Scripting and Automation: Experience in automation and scripting (specifically PowerShell)
• Cloud Security: Familiarity with securing data in cloud environments (Azure, Microsoft 365, Purview, AWS etc.)
• Data Security: Expertise in Data Protection techniques and technologies.
• Database Security: Knowledge of securing databases, including role-based access control, auditing, and data masking are a plus.
• Endpoint Security: Skills in securing end-user devices and understanding endpoint protection tools are a plus.
• Network Security: Understanding of network security protocols, firewalls, VPNs, and intrusion detection systems are a plus.
• Power BI and Power Automate Experience: Skills in Data Virtualization and Automation are a plus.

2. Compliance and Regulatory Knowledge
• Data Governance: Familiarity with data governance frameworks and practices to ensure data quality, privacy, and security.
• Audit and Reporting: Ability to prepare for and respond to compliance audits, as well as generate necessary reports and documentation.
• Records Management Experience is a plus.

3. Soft Skills and Professional Qualities
• Delivery Oriented: The ability to deliver initiatives and Business as Usual (BAU) activities efficiently and effectively.
• Problem-Solving: Strong analytical and troubleshooting skills to identify and resolve data protection issues.
• Attention to Detail: Precision in configuring and monitoring data security tools and practices.
• Communication: Ability to explain complex technical concepts to non-technical stakeholders and work across different teams.
• Adaptability: Ability to stay updated with evolving security threats and technologies.
• Ethics and Integrity: Strong ethical principles to handle sensitive and confidential information responsibly.

4. Experience
• Practical Experience: Direct experience automating administrative tasks and reporting with PowerShell. Applying data protection controls, rules and policy with data security technologies like DLP, Purview Information Protection, Data Security Posture Management (DSPM), SIEM, antivirus etc.

• Incident Response: Experience in handling security incidents, breaches, and mitigating risks.
• Delivery: Proven track record in driving delivery for initiatives and BAU activities.
• Metrics Management: Experience in identifying and developing Metrics, KRIs to support data protection processes.
• Industry Experience: Experience in the industry or sector relevant to your business, such as finance, healthcare, or technology.

5. Tools and Technologies
• Data Protection: Familiarity with Data Protection solutions. (Purview Information Protection, DSPM, PowerShell, Microsoft 365 etc.)
• Scripting and Automation: Experience in automation and scripting development (PowerShell, Python)
• Power BI and Power Automate

PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.

Job Description

• Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused – Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk – Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC’s Enterprise Risk Management Framework.