Director of IT Infrastructure and Firm Security

Position Overview

Job Description

Title:  Director of IT Infrastructure and Firm Security

Description:  The Director of IT Infrastructure and Firm Security is a senior member of the Technology Leadership Team responsible for ensuring the availability, effectiveness and efficiency of our infrastructure technology stack, cyber and physical security and technology risk management across all enterprise platforms. This role involves driving the strategy, architectural design, planning, implementation, maintenance, and support of all infrastructure technologies and risk/security tools and controls across the firm. The Director will foster a culture of focus, continuous improvement, and innovation within this talented technical team.

Responsibilities:

Team and Program:

• Lead a collaborative and supportive team of technical experts and third-party providers (where appropriate) to deliver the security, system availability, and responsiveness of the technology infrastructure.  Partner and collaborate with cross-functional teams to ensure alignment, prioritization and progress on small- and large-scale initiatives.
• Foster a culture of continuous improvement, prioritization, innovation, and proactive problem-solving within the technology infrastructure and security team.
• Outline and manage a team-level product catalog and associated service definitions for our enterprise infrastructure, security and risk services.  Define and manage related service levels, voice of customer and delivery measures.
• Develop and implement a comprehensive strategy and roadmap to eliminate technology and process debt while ensuring the security and uptime of the infrastructure and continued functionality enhancements.
• Establish and monitor key health measures and performance metrics to continuously assess the efficiency and effectiveness of technology infrastructure, security and risk.
• Provide regular program reporting and updates to executive leadership, stakeholders and partners regarding the performance, status, and risk assessment of the technology infrastructure, security and risk initiatives.
• Delivery and expansion of ITIL practices to yield effective operational practices and the ability to produce focused measurement of capacity, volumes and progress.
• Developing and maintaining the IT Infrastructure and Security budget collaborating with stakeholders to align IT spending with business objectives.
• The responsibility of organizational change management is to ensure effective communication and support to end users when infrastructure or security changes occur, ensuring awareness and providing guidance on necessary actions to be taken.
• Ensure team members have individual development plans, clear definitions of ownership and priority and training where needed.

IT Infrastructure and Security:

• Ensure ongoing effective management and evolution of the Infrastructure and Security platform portfolios. Ensure corresponding monitoring is in place for health, activity and performance to enable appropriate system administration, security and incident response.
• Lead the design, testing, implementation and transition to operations for IT Infrastructure platforms and services, leveraging structured delivery and management practices. 
• Lead the design, testing, implementation and transition to operations of risk and security capabilities, protocols and processes to protect the firm’s people, data and technology from potential threats and vulnerabilities. 
• Stay current on industry best practices and emerging technologies to continuously enhance the technology infrastructure and security capabilities.
• Manage vendor relationships and contracts related to technology infrastructure and security, ensuring compliance with service level agreements.
• Lead team to create and be well-versed in proactive readiness and reactive recovery / response procedures to increase our ability for rapid and safe recovery in emergencies.  Leadership of annual execution of the Disaster Recovery Plan for both cloud and on-premise technology.
• Implement risk-based physical security program and practices applicable to the HW facility and personnel risk profile.  Manage physical security and life safety programs across the firm, with corresponding communications. 
• Leadership on all office expansions and relocation projects form an IT perspective.

Technology Risk Management:

• Develop, implement and maintain comprehensive IT risk management framework to identify, assess, and prioritize risks across the firm.
• Define risk policies, procedures, and controls to mitigate potential threats to the firm’s enterprise technology.
• Oversee the execution of risk mitigation strategies and ensure compliance with established risk management policies.
• Conduct regular assessments to evaluate the effectiveness of risk controls and identify areas for improvement.
• Continuously review and update risk management processes to adapt to evolving threats and business needs.
• Collaborate with stakeholders to ensure ongoing alignment of risk management practices with the firm’s strategic objectives.
• Prepare and deliver regular reports on IT risk status, including identified risks, mitigation efforts, and compliance with risk management policies, to senior leadership and relevant stakeholders.
• Establishing and maintaining relationships with PNC stakeholders, staying closely connected to the Bank to understand, negotiate and ultimately deliver any PNC requirements to ensure the protection of the firm's independent technology.
• Successfully manage control portfolio through regular lifecycles, support and execute assessment activities, and continuously identify opportunities for risk program clarity and simplification.
• Construct and implement improved methods for application control ownership across business and IT teams to improve effectiveness and efficiency.

Skills Required: 

To effectively lead IT infrastructure, risk, and security, a combination of leadership, people management, and technical skills is crucial. Here are some key skills required for this role:

• Leadership Skills: Strong leadership abilities are essential to provide direction, make strategic decisions, and drive the team towards goals. This includes effective communication, decision-making, and problem-solving skills.
• People Management: The ability to manage and inspire a team of IT professionals is crucial. This includes skills in team building, mentoring, performance management, and fostering a collaborative and inclusive work environment.
• Technical Expertise: A deep understanding of IT infrastructure, risk management, and security principles is necessary. This includes knowledge of network architecture, cloud technologies, data protection, threat detection, incident response, and compliance frameworks.
• Risk Management: The ability to assess and mitigate risks is essential in ensuring the security and resilience of the IT infrastructure. This includes skills in risk assessment, vulnerability management, and implementing robust security controls.
• Collaboration and Stakeholder Management: The ability to collaborate effectively with various stakeholders, such as business leaders, IT teams, and external vendors, is important in aligning IT infrastructure, risk, and security with business needs.
• Project Management: Strong project management skills are needed to plan, execute, and deliver IT infrastructure and security initiatives on time and within budget. This includes skills in project planning, resource allocation, and tracking progress.
• Continuous Improvement: A mindset of continuous improvement and staying updated with the latest industry trends and best practices is crucial. This involves the ability to identify areas for improvement, implement innovative solutions, and adapt to evolving security threats and infrastructure modernization opportunities.
• Financial Management:  The skills needed for budget management include financial acumen, strategic planning, forecasting, cost analysis, and the ability to make informed decisions to optimize resources and drive financial success.

This description reflects the core activities of the role but is not intended to be all-inclusive and other duties within the group/department may be required in addition to changes in the emphasis of duties as required from time to time. There is a requirement for the post holder to recognize this and adopt a flexible approach to work. Job descriptions will be reviewed regularly and where necessary revised in accordance with organizational needs. Any major changes will be discussed with the post holder.

In order to be considered, you must be able to work in the U.S. without sponsorship.

Disclaimer: Harris Williams will not accept unsolicited resumes from contingency recruiters. Any such resumes received will not be considered as legitimate submissions, and Harris Williams will not pay for the placement of a candidate resulting from the receipt of an unsolicited resume. Furthermore, Harris Williams strictly forbids any contingency recruiter from representing the firm in the market without prior consent

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills

Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies

Competencies

Business Acumen, Effective Communications, Influencing, Problem Solving, Relationship Management, Strategic Thinking

Work Experience

Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry-relevant experience is typically 8+ years. At least 5 years of prior management experience is typically required. Proven leadership experience with a moderate to large scope of responsibility is required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Education

Certifications

No Required Certification(s)

Licenses

No Required License(s)

Benefits

PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.

In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

To learn more about these and other programs, including benefits for full time and part-time employees, visit Your PNC Total Rewards.

Disability Accommodations Statement

If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses.  Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

At PNC we foster an inclusive and accessible workplace.  We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.

Equal Employment Opportunity (EEO)

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.