At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Cyber Security Analyst within PNC’s Cyber Security organization, you will be based in Pittsburgh, PA.
The ideal candidate will have many of the following qualifications:
•Bachelor degree in Intelligence, Computer Science, Computer Forensics, or Information Security or received equivalent training and 4+ years related experience
•Exposure to processes employed at financial institution, government or military organizations conducting cyber operations.
•Strong background in security platform and technology capabilities, SIEM utilization skills
•Ability to analyze large data sets and unstructured data for the purpose of identifying cyber threats
•Ability to identify trends and anomalies indicative of malicious activity
•Demonstrated capability to learn and develop new security techniques
•Experience with high-level functional programming languages
•In-depth knowledge of, and experience with, TCP/IP protocol and network/packet analysis
•Must act independently, in accordance with a Standard Operating Procedure, in support of the incident management cycle
•Understands the life cycle of network threats, attacks, attack vectors, and methods of exploitation
•Strong knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape
•Understanding of or experience with computer forensic analysis and malware analysis using forensic tools
•Experience analyzing and investigating events using an enterprise security information and event monitoring (SIEM), logs from firewalls, IDS/IPS, proxies, servers, endpoints and other network devices to determine risk.
•Understanding of or experience reverse-engineering for known and suspected malware files.
•Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), GIAC Certified Incident Handler Certification or related certifications a plus
•Strong writing skills
PA – Pittsburgh
- Provides technical cyber security analysis, execution and guidance, drawing on prior experience and knowledge to protect the IT environment.
- Establishes and maintains data, network and system security within enterprise wide definitions of security.
- Advises on and designs security procedures and solutions for clients, peers and business partners to ensure enterprise wide security.
- Reviews and implements security plans and solutions applying relevant controls and industry best practices.
- Participates in the design of overall security of solutions and evaluates technologies and changes to business needs.
Manages Risk – Working Experience
- Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank’s and unit’s risk appetite and risk management framework.
Customer Focus – Extensive Experience
- Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions.
Job Specific Competencies
Data Administration – Extensive Experience
- Knowledge of and the ability to manage an organization’s architectures, data resources, polices, practices and procedures to appropriately and effectively address business and stakeholder’s needs.
INFORMATION SECURITY MANAGEMENT – Working Experience
- Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.
IT Standards, Procedures & Policies – Extensive Experience
- Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.
Technical Troubleshooting – Extensive Experience
- Knowledge of technical troubleshooting approaches, tools and techniques, and the ability to anticipate, recognize, and resolve technical (hardware, software, application or operational) problems.
IT ENVIRONMENT – Extensive Experience
- Knowledge of an organization’s IT purposes, activities and standards; ability to create an effective IT environment for business operations.
Problem Solving – Extensive Experience
- Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.
Effective Communications – Extensive Experience
- Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.
Analytical Thinking – Extensive Experience
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.
Information Security Technologies – Working Experience
- Knowledge of technologies and technology-based solutions dealing with information security issues.
Information Assurance – Extensive Experience
- Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.
CISA, CISSP, and CISM preferred.
Required Education and Experience
Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.