Software Security Specialist Sr
Job Profile
Position Overview
At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Software Security Specialist Sr within PNC's Enterprise Technology & Security organization, you will be based in Pittsburgh, PA, Cleveland, OH, Birmingham, AL, Dallas, TX, Kansas City, KS, Philadelphia, PA, or Cincinnati, OH.
This position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at manager’s discretion.
An ideal candidate will have:
- Hands-on experience performing threat modeling
- In-depth experience guiding development teams with remediating common application vulnerabilities such as OWASP, API Security, secure design
- Hands-on experience building and implementing strong authentication solutions
- Passionate about creating secure software and can articulate why
- Ability to analyze gaps in SDLC and recommend reasonable solutions
- Hands-on experience with secure design, security architecture, and implementing software security solutions
- Ability to work independently and as part of a team
- Agile development concepts and methods (scrum, Kanban)Experience with SAST, DAST, RASP, CI/CD pipelines
- Strong communication and relationship building skills
Preferred:
- Hands-on experience with API Security tools
- Knowledge and experience with software security frameworks (e.g., BSIMM, SAMM)Strong technical skills in penetration testing
- Certified Secure Software Lifecycle Professional (CSSLP), SANS GWAPT
- Public cloud security (e.g., AWS, Azure, GCP)Software development experience
- Experience using SD Elements or similar tools
- Metrics and reporting
Job Description
- Responsible for enabling developers to create more secure software through coaching and mentoring developers and provides subject matter expertise to Application Security programs.
- Works with developers to help them create more secure code.
- Manages projects and tasks related to developer.
- Sets secure coding standards and requirements with team.
- Coaches developers on language specific coding techniques to avoid or remediate coding flaws.
PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:
- Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
- Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
Competencies
Analytical Thinking – Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Effective Communications – Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Information Security Management – Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
Information Security Technologies – Knowledge of technologies and technology-based solutions dealing with information security issues.
IT Environment – Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.
IT Standards, Procedures & Policies – Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
Knowledge of Organization – Knowledge of the organization's vision, structure, culture, philosophy, operating principles, values, and code of ethics; ability to apply this understanding appropriately to diverse situations.
Problem Solving – Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Work Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry relevant experience is typically 8+ years. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.
Education
Bachelors
Additional Job Description
Base salary: commensurate with skills and experience
Benefits
PNC offers employees a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include medical/prescription drug coverage (with a Health Savings Account feature); dental and vision options; employee and spouse/child life insurance; short- and long-term disability protection; maternity and parental leave; paid holidays, vacation days and occasional absence time; 401(k), pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption assistance; educational assistance and a robust wellness program with financial incentives. To learn more about these and other programs, including benefits for part-time employees, visit pncbenefits.com > New to PNC.
Disability Accommodations Statement:
The PNC workplace is inclusive and supportive of individual needs. If you have a physical or other impairment that might require an accommodation, including technical assistance with the PNC Careers website or submission process, please call 877-968-7762 and select Option 4: Recruiting or contact us via email at [email protected].
The Human Resources Service Center hours of operation are Monday - Friday 9:00 AM to 5:00 PM ET.
Equal Employment Opportunity (EEO):
PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.
California Residents
Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.