Security Staff Manager - CNAPP Expert
Two PNC Plaza (PA374)
PNC
PNC Bank offers a wide range of personal banking services including checking and savings accounts, credit cards, mortgage loans, auto loans and much more.Why Join Us
PNC places cyber security as a foundational business enabler that is used to empower our business partners to build products securely that our customers and regulators trust. We build security into every aspect of what we do and Cloud is no different. As we continue our journey in utilizing public cloud services, we are seeking to expand our team to ensure cloud workloads adhere to regulatory security requirements.
Our culture is very important to PNC and within the Cloud Security team we have five cultural key pillars that include; Respect, Communications, Accountability, Support, and Growth. We live by the principles we set forth as part of this team.
Cloud Security Manager at PNC
The Cloud Security team consists of Security Engineers that are responsible for deploying security controls as code that optimally prevent security violations from ever occurring in our cloud infrastructure. The team has Responsibility and Accountability for posture assessing cloud workloads and testing security controls through a Software Development Lifecycle (SDLC) process. The controls are analyzed and tested to ensure their effectiveness. Partnering with other members of EIS to ensure they have visibility into security violations with the ability to respond.
What You’ll Do
You will lead a team of Security Engineers and work with the Scrum Master and Product Owner utilizing Agile to plan, track, and deliver business value. Your technical expertise in securing cloud workloads will enable you to define Security Features that are needed to appropriately secure cloud workloads. You will be empowered to make decisions to determine appropriate native and third party products enable Security Engineers to most effectively achieve the team’s mission.
Responsibilities:
• Build, lead, and grow successful engineering team that deliver results.
• Set and execute on team strategy, and share context by elaborating the “why”, empower everyone to achieve their best work, and drive execution of projects while setting clear expectations.
• Ensure the delivery of highly effective security controls at scale against timelines while encouraging creativity.
• Collaborate with other Security teams and business partners to bring consistency to the security controls and processes
• Work with a diverse set of team members to achieve team, organizational, and career goals.
• Work with Product Manager and Product Owner to create Features that deliver business value with appropriate timelines.
• Actively participates in Agile Product Increment (PI) and Sprint Planning as well as daily standup.
• Results are achieved - Ensures challenges/blockers to completing Epic is addressed and resolved.
Requirements:
• Demonstrated experience in leadership role, typically 5 years in management.
• Strong and effective communication ability to convey complex ideas in a simple manner, apply active learning when working with others, and drive teams to resolution during discussions
• A strong understanding of cloud security fundamentals such as Cloud Native Application Platform Protection (CNAPP), IAM, SIEM, Firewalls, Endpoint Protection, and, Encryption
• A solid knowledge of Continuous Integration/Continuous Delivery (CI/CD) pipelines in order to deliver security controls at scale.
• A proven track record of building cultures that encourage ambition and foster empathy. You will create and contribute to a healthy and collaborative culture that showcases PNC’s values
• Past experience deploying cloud security controls that align with CIS Benchmarks, CRI Profile, or other regulatory standards.
• Experience and strong fundamental understanding of CNAPP’s such as Palo Alto’s Prisma Cloud, Microsoft Defender for Cloud, or AWS Config.
• Ability to understand business requirements and ensure that PNC has the appropriate security controls in place to protects cloud workloads
• Experience setting technical direction that address the current threat landscape to ensure PNC is proactively providing security controls at scale.Job Description
- Manages a team that oversees the day-to-day operations and effectiveness of assigned security technology and programs.
- Manages resources that enables security control effectiveness with a team and technology.
- Monitors trends and continuously assesses staff/security system capabilities to meet business demands.
- Leads in policy development, audit mitigation, and other tasks related to securing and maintaining the operational health of the infrastructure. Evaluates security systems, teams and processes to provide recommendations to maintain continuity and operational health.
- Documents and revises procedures and playbooks for teams, processes and technology to provide a standard security practice and increase team effectiveness.
PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:
- Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
- Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
PNC also has fundamental expectations of our people managers. As a manager of talent in PNC, you will be expected to:
- Include Intentionally - Cultivates diverse teams and inclusive workplaces to expand thinking.
- Live the Values - Role models our values with transparency and courage.
- Enable Change - Takes action to drive change and innovation that will transform our business.
- Achieve Results - Takes personal ownership to deliver results. Empowers and trusts others in decision making.
- Develop the Best - Raises the bar with every talent decision and guides the achievement of all employees and customers.
Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.
Competencies
Information Assurance, Information Security Audits, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, Knowledge of Organization, Planning: Tactical, StrategicWork Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry experience is typically 8+ years. At least 5 years of prior management experience is typically required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.Education
BachelorsCertifications
No Required Certification(s)Licenses
No Required License(s)BenefitsPNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.In addition, PNC generally provides the following paid time off, depending on your eligibility*: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.To learn more about these and other programs, including benefits for full time and part-time employees, visit pncbenefits.com > New to PNC.
*For more information, please click on the following links:
PNC Full-Time Benefits Summary
PNC Part-Time Benefits Summary
Disability Accommodations StatementIf an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.
PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.
Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Audits AWS CCPA CI/CD Cloud CNAPP Encryption Firewalls IAM PhD Privacy Risk management RMF Scrum SDLC SIEM Strategy
Perks/benefits: 401(k) matching Career development Equity / stock options Flex vacation Health care Insurance Medical leave Parental leave Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.