Security Analyst - Pen Tester / Tuesday - Saturday shift

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Analyst within PNC's Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL; Dallas, TX or Lakewood, CO Schedule is Tuesday, Wednesday, Thursday, Friday and Saturday A Security Analyst (Penetration Tester) demonstrates general knowledge of concepts such as OWASP Top 10, vulnerability scanning, and penetration testing methodologies. Conducts and assists with automated and manual security testing of applications to identify and validate vulnerabilities. Retests previously discovered vulnerabilities to confirm successful remediation. Develops and maintains documentation such as procedures, assets, communication, etc. Contribute to the enhancement of the penetration testing program. Candidates should have some experience with: Mobile testing experience Web application testing experience Mobile development experience Web application development experience Certifications that will be taken into consideration: Offensive Security Certified Expert (OSCE) Offensive Security Certified Professional (OSCP) Offensive Security Wireless Professional (OSWP) Certified Information Systems Security Professional (CISSP) Familiarity with the following tools: Burp Proxy/Man-in-the-Middle (MiTM) Proxy/ZAP proxy/Charles proxy AppScan Nessus Qualys PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization. Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff. Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.