Security Manager Sr - Security Policy & Controls Governance

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Manager Sr within PNC’s Technology organization, you will be based in Pittsburgh, PA. Scope of Responsibilities: The Senior Security Manager will lead a service “Security Policy & Controls Governance”. Responsibilities include the management of the Information Security Policies, ensuring that the Security programs, policies and controls/procedures are aligned to regulatory requirements and industry expectations. To continue building maturity, the service leads the alignment to the CRI FS Profile as the primary diagnostic framework. Additionally, the service is expected to provide policy and control guidance for emerging technologies like cloud, artificial intelligence and post-quantum cryptography. The team this person will lead and manage includes the Security Awareness and Education service and partnering with partner groups in security to build a security-minded culture. • Partner with the lines of business and other security partners on ensuring gaps are remediated, and risks are mitigated as appropriate per the organization’s risk appetite. • Provide support of internal audits and regulatory exams across the Security portfolio, providing guidance, oversight and coordination as needed. • Keep up to date with the regulatory landscape, partnering with internal legal and regulatory intelligence services, and strategic security partnerships. • Help to influence the financial services sector’s adoption of standards, frameworks and guidance. • Continue maturing the Cybersecurity Awareness and Education program inclusive of testing the PNC workforce and ensuring the effectiveness of security training programs. Skills: Experience with FFIEC, PCI, HIPAA, and NIST. Experience aligning controls and policies to best practices and requirements. • Experience with consulting and advising security services on improving maturity of their service to ensure they meet updated guidance and requirements. • Experience leading, developing and coaching people • Experience setting and executing strategy • Experience with managing projects (both formal projects and small work efforts) • Experience with developing and implementing some level of automation, innovation in reporting and analysis. • Be meticulous about documentation and uphold the tenants of Credibility and Defensibility. The role includes a team of Security Analysts and Specialists who have experience in policy, controls and compliance, but range in the years of experience PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description Manages multiple teams focused on maintaining confidentiality, integrity, and availability of data, systems, and networks. Responsible for management and oversight of applicable security technology products for network, systems and data. Develops, implements and enhances policies and procedures to improve the operation and effectiveness of the organization. Provides technical and professional advice or knowledge regarding various administrative areas of responsibility. Oversees and manages administrative staff. Provides professional and personal growth and development to individuals as appropriate. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.