Security Specialist (Management of Vulnerabilities)

About The Position

Requirements

• Centralized management of vulnerabilities
• Management of, not hands on remediation
• Set baselines, high level management of vulnerabilities
• Interact with teams and stakeholders
• University / college degree, with 5+ years of industry-relevant experience (or comparable combination of education, job specific certification(s), and experience)
• Bachelors degree
• Analytical Thinking
• Effective Communications
• Information Assurance
• Information Security Management
• Information Security Technologies
• IT Environment
• IT Standards, Procedures & Policies
• IT Systems Management
• Problem Solving
• Software Security Assurance
• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework

Nice To Haves

• Access Control (AC)
• Building Architecture
• Customer Solutions
• Disaster Recovery Planning
• Information Security
• Information Security Risk
• Network Security
• Physical Security
• Risk Assessments
• Security Technologies
• Vulnerability Management

Responsibilities

• Centralized management of vulnerabilities
• Management of, not hands on remediation
• Set baselines, high level management of vulnerabilities
• Interact with teams and stakeholders
• Provides technical evaluation and analysis in a specific Security area
• Supports activities, process, and tools needed to improve overall security posture of the organization
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation
• Performs investigation and data loss prevention, data manipulation, and coordination of activities
• Performs actions to address or mitigate risks and vulnerabilities
• Reviews and defines controls
• Advises on more complex security procedures and products for clients, security administrators and network operations
• Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion
• Shares knowledge with staff
• Conducts security assessments and other information security routines consistently
• Investigates and recommends corrective actions for data security related to established guidelines
• Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats
• Oversees that business needs are being met during development

Benefits

• medical/prescription drug coverage (with a Health Savings Account feature)
• dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match
• pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives
• maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level
• years of service