Security Engineer - Test/Deploy Cloud Controls

Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Software Engineer within PNC’s Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL or Dallas, TX. The position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at the manager’s discretion.

**PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position**

As a Senior Security Engineer, you will be embedded in the Cloud Security Team and will build and deploy innovative security controls that protect public cloud workloads that are in alignment with regulatory standards. You will work on a highly innovative/collaborative team that works diligently to automate and bake security into public cloud workloads. You will utilize Cloud Service Provider’s native Cloud Native Application Protection Platform (CNAPP) tools as well as Palo Alto Prisma Cloud to posture assess PNC’s public cloud workloads. Familiarity and willingness to develop expertise in utilizing Prisma Cloud as the source of truth for public cloud resource compliance is a must for this position.
Having a strong ability to collaborate and problem solve within the Cloud Security team and with our partners and stakeholders is critical. You will work closely with Prisma Cloud and PNC’s Security as Code (SAC) pipeline to test and deploy security controls that ensure PNC workloads are secure by default. You will interact and engage with PNC’s Fusion Center, which is our SOC, to understand potential vulnerabilities and work to codify these controls.
In addition, you will engage with our Cloud Product team and Infrastructure as Code (IAC) teams as we shift our security controls to the left into the IAC pipeline and Integrated Developer Environments (IDE). Being able to effectively communicate verbally and in writing is critical to interacting and engaging our stakeholders and internal customers. You will be a vital part of the Cloud Security team’s mission to secure PNC’s cloud workloads.

Responsibilities
· Test security controls in lower environments for Azure resources and AWS services
· Validate security control effectiveness and promote to production workloads
· Work within agile team and proactively participate in planning sessions
· Engineer and Configure Palo Alto Prisma Cloud to effectively analyze and assess cloud workloads for compliance
· Write RQL queries to implement new policies to check for resource drift.
· Provide technical support to remediate alerts in Prisma Cloud
· Enable key stakeholders with access to Prisma Cloud to utilize licensed components to full effectiveness
· Continuous learning environment – Our team does not stand still, a growth mindset that is continuously seeking new and better ways to solve security challenges is a must.
· Assess, implement, automate, and document security solutions and processes for Microsoft Azure and AWS
· Provide analysis of workloads to ensure alignment with operational security requirements in order to go to production.
· Work closely with Cloud Security Product Owner to refine backlog tickets and define priority and sizing
· Automate and orchestrate the process of Cloud software deployment (CI/CD) to integrate enterprise security standards, policies, configurations, and architectures, for applications, platforms, and infrastructure
· Assist DevOps team members with the development and operationalization of security, and access Cloud requirements
· Ability to work on multiple projects in parallel, ensuring security best practices are utilized across all stages of application development as well as applications deployed to production

Preferred Skills:
· Thorough understanding of AWS and Azure public cloud products & services.
· Experience in applying security controls as code to public cloud workloads in Azure and AWS.
· Experience in automating security controls that respond to misconfigurations of expected cloud resource settings.
· Creating innovative solutions to meet PNC’s technical security needs.
· Proficient in one or more scripting languages such as Python, Powershell, Bash, etc.
· Expertise with Git, including branching workflows.
· Experience with testing security controls in non-prod environments to ensure the effectiveness of the control.
· Strong written and verbal communications skills.
· Process and detail oriented.
· Demonstrate willingness to actively participate in planning sessions and take ownership of assigned tasks.
· Ability to “think outside the box” when considering options to address security controls at scale and across multiple cloud service providers.
· Familiarity and understanding of basic SQL or KQL queries.

Preferred Certifications:
· Azure Fundamentals - AZ-900
· Azure Security Engineer Associate - AZ-500
· AWS Cloud Security Engineer

Job Description

• Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
• Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization.
• Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions .
• Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions.
• Works with operational partners to enable transition and day-to-day supportability.
• Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills

Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies

Competencies

Analytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Network and Internet Security, Problem Solving, Technical Troubleshooting

Work Experience

Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Education

Bachelors

Certifications

No Required Certification(s)

Licenses

No Required License(s)

Benefits

PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.

In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

To learn more about these and other programs, including benefits for full time and part-time employees, visit Your PNC Total Rewards.

Disability Accommodations Statement

If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses.  Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

At PNC we foster an inclusive and accessible workplace.  We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.

Equal Employment Opportunity (EEO)

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.