Security Engineer - Cryptographic Engineer for Post Quantum Cryptography

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Engineer within PNC's Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL; Dallas, TX; Denver, CO or Phoenix, AZ. As a Security Engineer you will have the following experience: 1. Cryptographic, Technical, and Tooling Experience Experience with enterprise centralized cryptographic program - Cryptographic lifecycle management, secure environments, key ceremonies, and chain of custody controls - Key management solutions across cloud (AWS, Azure) and data platforms (MSSQL, Oracle, Linux, MongoDB, Pure, Neo4j) - Public Key Infrastructure (PKI), including certificate lifecycle management, issuance, renewal, and troubleshooting - Application layer protection technologies and tokenization strategies - Cryptographic inventory awareness and integration across platforms supporting enterprise visibility Familiarity with cryptographic agility principles, post-quantum tooling, and quantum-safe technologies Advanced understanding of cryptographic solutions supporting strategic planning, including the impact of quantum computing on enterprise security. Hands on experience with cryptographic platforms and tooling - Key Management: Oracle Key Manager, Thales CipherTrust Manager - HSMs: Thales, SWIFT, Entrust - PKI/Certificate Management: Venafi, Microsoft ADCS - Tokenization: Protegrity - Cryptographic Inventory: AgileSec Analytics Proficiency with enterprise standard tools - Workflow and collaboration platforms (Jira, Confluence, SharePoint, ServiceNow) - Data visualization and reporting tools with ability to support reporting, dashboarding and analytics - OpenSearch preferred 2. Compliance, Regulatory, and Industry Knowledge Knowledge of PCI standards, FIPS requirements (including validation), FIPS, and NIST cryptographic guidance for current, and emerging standards. Foundational understanding of Cryptographic agility principles and their application in enterprise environments Familiarity of Industry guidance and collaboration bodies (G7, FS-ISAC, FSSCC, CNSA) related to PQC roadmap development and migration planning. 3. Soft Skills and Professional Qualities The ability to deliver both initiatives and business as usual (BAU) activities to completion. Strong analytical and problem-solving skills to identify and resolve complex issues. Demonstrates a high level of precision in implementing and validating cryptographic controls and processes. Capable of translating complex technical concepts for non-technical stakeholders and collaborating across teams. Adapt to stay updated with evolving security threats, technologies, and cryptographic standards. Produce clear, concise, and professional documentation (policies, procedures, technical designs, and executive-level materials) Forward thinking mindset with ability to see beyond the present and consider the long-term implications of solutions. Ability to define and track metrics and key risk indicators (KRIs) to measure control effectiveness and program maturity 4. Additional Preferred Experience Certifications in cryptographic technologies or EC Council’s Certified Encryption Specialist Participation in cryptographic working groups or standards bodies (FS-SIAC, X9, PKI Consortium, ect.) PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines. Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization. Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions. Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions. Works with operational partners to enable transition and day-to-day supportability. Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.