Security Engineer - Cloud Security Controls

PNC•Strongsville, OH

20h•Onsite

About The Position

As a Security Engineer on PNC's Cloud Security team, you will build and deploy innovative security controls that protect public cloud workloads that meet and often exceed regulatory standards. You will work on a highly innovative/collaborative team that works diligently to automate and bake security into Azure and AWS public cloud workloads. You will utilize the Cloud Provider’s and third party Cloud Security Posture Management (CSPM) tools to perform posture assessment PNC’s public cloud workloads. Familiarity and willingness to develop expertise in utilizing these CSPM tools as the source of truth for public cloud resource compliance is a must for this position. You will work closely with Cloud Security's Security as Code (SAC) pipeline to test and deploy security controls that ensure PNC workloads are secure by default. You will interact and engage with PNC Cloud Architects and PNC’s SOC team to understand potential vulnerabilities and work to codify these controls. In addition, you will engage with our Cloud Product team and Infrastructure as Code (IAC) teams as we shift our security controls to the left into Cloud Infrastructure pipelines. Being able to effectively communicate verbally and in writing is critical to interacting and engaging our stakeholders and internal customers. You will be a vital part of the Cloud Security team’s mission to secure PNC’s cloud workloads. As a Security Engineer, you will help mentor and guide the junior members of the team and participate in future roadmap planning. A strong ability to collaborate, problem solve, and actively build trust with our partners and stakeholders is critical.

Requirements

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role.
Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience.
Specific certifications are often required.
In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.
Bachelors
No Required Certification(s)
No Required License(s)
Access Control (AC)
AWS Devops
Building Architecture
Cloud Security
Customer Solutions
Disaster Recovery Planning
Information Security
Microsoft Azure Security
Network Security
Physical Security
Risk Assessments
Security Technologies
Analytical Thinking
Effective Communications
Information Security Management
Information Security Technologies
IT Environment
IT Standards, Procedures & Policies
IT Systems Management
Network and Internet Security
Problem Solving
Technical Troubleshooting

Nice To Haves

Deep experience with AWS and/or Azure cloud services in an Enterprise environment
Thorough understanding of Cloud security best practices.
Experience performing security gap analysis on Cloud Services or Cloud Infrastructure
Experience in implementing security controls for public cloud workloads in Azure and AWS.
Experience creating innovative security solutions that balance security with all other corporate priorities
Proficient in one or more scripting languages such as Python, Powershell, Bash, etc.
Expertise with Git, including branching workflows.
Experience with testing security controls to ensure the effectiveness of the control.
Strong written and verbal communications skills.
Process and detail oriented.
Has demonstrated project leadership, helping guide the direction of large team initiatives.
Ability to “think outside the box” when considering options to address security controls at scale and across multiple cloud service providers.
Expertise in SQL or SQL-type query languages
Azure Fundamentals - AZ-900
Azure Security Engineer Associate - AZ-500
AWS Cloud Security Engineer

Responsibilities

Build and test security controls for Azure resources and AWS services
Validate security control effectiveness and promote controls to production workloads
Work within agile team and proactively participate in planning sessions
Engineer and Configure utilizing CSPM tools to effectively analyze and assess cloud workloads for compliance in a CI/CD environment
Continuous learning environment – Our team does not stand still, a growth mindset that is continuously seeking new and better ways to solve security challenges is a must.
Assess, implement, automate, and document security solutions and processes for Microsoft Azure and AWS
Provide analysis of workloads to ensure alignment with operational security requirements in order to go to production.
Work closely with Cloud Security Product Owner to refine backlog tickets and define priority and sizing
Automate and orchestrate the process of Cloud software deployment (CI/CD) to integrate enterprise security standards, policies, configurations, and architectures, for applications, platforms, and infrastructure
Assist DevOps team members with the development and operationalization of security
Ensure the security posture of applications seeking deployment into Production

Benefits

medical/prescription drug coverage (with a Health Savings Account feature)
dental and vision options
employee and spouse/child life insurance
short and long-term disability protection
401(k) with PNC match
pension and stock purchase plans
dependent care reimbursement account
back-up child/elder care
adoption, surrogacy, and doula reimbursement
educational assistance, including select programs fully paid
a robust wellness program with financial incentives
maternity and/or parental leave
up to 11 paid holidays each year
9 occasional absence days each year, unless otherwise required by law
between 15 to 25 vacation days each year, depending on career level; and years of service.