Security Testing Specialist Sr - Sunday - Thursday 3pm - 11pm MST - Application Security
PNC•Denver, CO
•$123,200 - $228,800•Onsite
About The Position
At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Testing Specialist Sr within PNC's Technology Security organization, you will be based in Denver, CO or Phoenix, AZ. Hours: Sunday - Thursday 3:00 PM – 11:00 PM (Denver local)
Requirements
- Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role.
- Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.
- Bachelors
Nice To Haves
- Experience performing application, cloud, network, or infrastructure penetration testing.
- Experience administering enterprise vulnerability scanning or DAST platforms.
- Experience with AWS, Azure, Google Cloud Platform (GCP), or cloud-native technologies.
- Experience assessing AI-powered applications, large language models (LLMs), AI agents, or machine learning systems.
- Experience with API security testing, authentication and authorization testing, and OWASP Top 10 vulnerabilities.
- Experience with hardware, embedded systems, kiosks, ATMs, IoT, or other specialized technology security assessments.
- Experience designing and developing AI-powered security testing harnesses, custom security tooling, or automated vulnerability assessment frameworks.
- Strong understanding of attack methodologies, vulnerability research, exploit development, adversarial testing techniques, and security automation.
- Access Control (AC)
- AI Penetration Testing
- Application Security Testing
- Building Architecture
- Customer Solutions
- Disaster Recovery Planning
- Information Security
- Network Security
- Penetration Testing
- Physical Security
- Risk Assessments
- Security Technologies
- Web Application Security
- Analytical Thinking
- Effective Communications
- Information Security Management
- Information Security Technologies
- IT Environment
- IT Standards, Procedures & Policies
- Knowledge of Organization
- Problem Solving
- Higher level education such as a Masters degree, PhD, or certifications is desirable.
- Industry relevant experience is typically 8+ years.
- Specific certifications are often required.
- In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.
Responsibilities
- Conducts security assessments of applications, APIs, cloud environments, networks, artificial intelligence systems, and other technology platforms to identify vulnerabilities, attack paths, and security control weaknesses.
- Administers and operates security testing capabilities, including DAST platforms, automated scanning infrastructure, vulnerability validation processes, and security testing automation.
- Develops and integrates AI-powered security testing capabilities, including custom testing harnesses, autonomous assessment workflows, and tooling that improves the effectiveness and efficiency of security assessments.
- Performs targeted penetration testing and deep-dive security assessments of critical systems, technologies, and business processes to identify complex attack chains and high-impact vulnerabilities.
- Researches emerging threats, attack techniques, and security technologies to develop innovative testing methodologies and enhance vulnerability discovery capabilities.
- Reviews testing results with stakeholders, determines risk ratings, and provides technical remediation guidance to reduce enterprise security risk.
- Provides subject matter expertise for security testing capabilities.
- Carries out manual and automated security testing of applications, infrastructure, and/or platforms to discover security vulnerabilities.
- Performs manual testing to validate vulnerabilities.
- Creates reports and review test results with stakeholders.
- Assists in the design and implementation of security solutions and continuously enhances information security approaches and methodologies at manager discretion.
- Provides subject matter expertise.
- Lead and mentor at manager discretion.
Benefits
- medical/prescription drug coverage (with a Health Savings Account feature)
- dental and vision options
- employee and spouse/child life insurance
- short and long-term disability protection
- 401(k) with PNC match
- pension and stock purchase plans
- dependent care reimbursement account
- back-up child/elder care
- adoption, surrogacy, and doula reimbursement
- educational assistance, including select programs fully paid
- a robust wellness program with financial incentives
- maternity and/or parental leave
- up to 11 paid holidays each year
- 9 occasional absence days each year, unless otherwise required by law
- between 15 to 25 vacation days each year, depending on career level
- years of service
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
