Security Specialist - Third Party Security Assurance

About The Position

Requirements

• Bachelor's Degree and at least 3 years of directly related experience.
• Experience working in Third Party Risk Management preferred.
• Must have a solid understanding of security concepts and controls and industry frameworks including NIST, FFIEC, and CRI Profile.
• Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
• Excellent project management skills, with the ability to work within deadlines, and flexibility to manage multiple competing priorities.
• Ability to work independently with little direction and/or supervision.
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking.
• High-level interpersonal skills.
• Experience with supporting toolsets including Sharepoint, Jira, Confluence, and Tableau.

Nice To Haves

• Proficiency using Third Party platforms including Archer and/or KY3P.
• CCSK, CCAK, CRISC, CISSP Certification(s).

Responsibilities

• Serve as subject matter expert of third party risk identification across various security disciplines as part of the PNC Third Party Security assessment process.
• Conduct and lead Risk Office meetings with Enterprise Third Party Management (ETPM) and Lines of Business (LOBs) to manage a portfolio of third party engagements.
• Scope and determine level of assessments against a set of risk characteristics for a portfolio of third party engagements.
• Serve as an escalation point to address issues, delays, obstacles as needed to keep the assessment lifecycle on track.
• Submit and manage Findings discovered as a result of third party assessments for the assigned portfolio of engagements.
• Conduct peer reviews of the portfolio of assessments and communicate findings to ETPM/LOBs during the lifecycle of the assessments.
• Conduct assessments to completion within SLA when needed.
• Educate and build awareness of third-party security requirements across the TPSA team and stakeholders.
• Identify and lead efforts to improve the overall third-party security assurance program.
• Assist with testing releases of the PNC TPSA platform.
• Consult on defining third party security policies and best practices.
• Deliver assessment results to LOB stakeholders.
• Special projects as assigned.

Benefits

• Medical/prescription drug coverage (with a Health Savings Account feature)
• Dental and vision options
• Employee and spouse/child life insurance
• Short and long-term disability protection
• 401(k) with PNC match
• Pension and stock purchase plans
• Dependent care reimbursement account
• Back-up child/elder care
• Adoption, surrogacy, and doula reimbursement
• Educational assistance, including select programs fully paid
• A robust wellness program with financial incentives
• Paid time off including maternity and/or parental leave, up to 11 paid holidays each year, 8 occasional absence days each year, and between 15 to 25 vacation days each year depending on career level and years of service.