Security Specialist Senior

About The Position

Requirements

• Development, DevOps, and Security experience with two or more public cloud technologies
• Knowledge and understanding of IT architectures, distributed systems and microservices
• Experience with programming languages and in writing automation (Python).
• Experience with Serverless functions (Azure Function, AWS Lambda)
• Experience with relational databases (SQL)
• Knowledge and experience with containerization (Docker, Kubernetes, OpenShift).
• Knowledge and experience with CI/CD and DevOps tools (Git, Jenkins, Groovy, Make, and Terraform).
• Knowledge and experience with Security / DevSecOps tools.
• Knowledge and experience with Cloud Security Posture Management tools (Azure Policy, AWS Config, Prisma Cloud, AWS SCP).
• Outstanding troubleshooting/problem solving abilities.
• Experience working with relevant cloud security frameworks/guidelines (CSA CCM, PCI Cloud Supplement, ISACA Cloud Computing Audit, CIS, NIST).
• Inquisitive and resourceful – not afraid to network within the organizations to ask relevant questions.
• Excellent verbal and written communication skills – ability to explain complex concepts to a wide variety of individuals with varying technical skills.
• Interacting with project management team members and key stakeholders on application projects.
• Ability to handle sensitive and confidential information appropriately.

Nice To Haves

• Access Control (AC)
• Building Architecture
• Customer Solutions
• Disaster Recovery Planning
• Information Security
• Network Security
• Physical Security
• Risk Assessments
• Security Technologies

Responsibilities

• Provides technical evaluation and analysis in a specific Security area.
• Supports activities, process, and tools needed to improve overall security posture of the organization.
• Primary responsibilities do not include Architect or Engineering responsibilities.
• Provides subject matter expertise.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, creates documentation.
• Performs investigation and data loss prevention, data manipulation, coordination of activities.
• Performs actions to address or mitigate risks and vulnerabilities.
• Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations.
• Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion.
• Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently.
• Investigates and recommends corrective actions for data security related to established guidelines.
• Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats.
• Oversees that business needs are being met during development.
• Shares knowledge, leads and mentors are the discretion of management.
• Aligns the controls of a specific Security area to the enterprise framework.
• Devises control implementation strategy.

Benefits

• medical/prescription drug coverage (with a Health Savings Account feature)
• dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match
• pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives
• maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level; and years of service