Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Senior Security Specialist within PNC’s Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL or Dallas, TX. The position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at the manager’s discretion.

**PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position**

You will be part of a diversified financial services firm that reflects the needs, values and goals of our customers, employees, communities and shareholders. You will be instrumental in helping to maintain PNC’s reputation for excellence in protecting customer and business information assets. As a Senior Security Specialist within the Third Party Security Assurance (TPSA) team, you will be a member of PNC’s Policy, Governance, and Assessments department that is part of PNC’s overall Enterprise Information Security organization.

Job Profile:
The Security Specialist Sr in this role is primarily responsible for managing a portfolio of third party security assessments across a portfolio of third party suppliers. The role will require leadership and extensive coordination with internal third-party resources as well as with the external suppliers. In this role, you will be the expert on the team to help assist TPSA Assessors to conduct and thoroughly complete third party Security assessments, work with third party suppliers to validate that necessary security and technology controls are in place, and work with internal stakeholder to manage a portfolio of engagements. Specific responsibilities within this position will include:

• Serve as subject matter expert of third party risk identification across various security disciplines as part of the PNC Third Party Security assessment process.
• Conduct and lead Risk Office meetings with Enterprise Third Party Management (ETPM) and Lines of Business (LOBs) to manage a portfolio of third party engagements.
• Scope and determine level of assessments against a set of risk characteristics for a portfolio of third party engagements.
• Serve as an escalation point to address issues, delays, obstacles as needed to keep the assessment lifecycle on track.
• Submit and manage Findings discovered as a result of third party assessments for the assigned portfolio of engagements.
• Conduct peer reviews of the portfolio of assessments and communicate findings to ETPM/LOBs during the lifecycle of the assessments.
• Conduct assessments to completion within SLA when needed. Assessment management includes reviewing returned Due Diligence Questionnaires, creating unique agendas for remote interviews based on controls that need further assessment, conducting remote assessment interviews, creating remediations, etc.
• Advanced understanding of secure Cloud and Artificial Intelligence infrastructure.
• Experience editing third party sourcing contracts to protect security requirements.
• Educate and build awareness of third-party security requirements across the TPSA team and stakeholders.
• Identify and lead efforts to improve the overall third-party security assurance program.
• Assist with testing releases of the PNC TPSA platform.
• Consult on defining third party security policies and best practices.
• Deliver assessment results to LOB stakeholders.
• Special projects as assigned.


REQUIRED skills:
• Bachelor's Degree and at least 3 years of directly related experience.
Experience working in Third Party Risk Management preferred.
• Must have a solid understanding of security concepts and controls and industry frameworks including NIST, FFIEC, and CRI Profile.
• Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
• Excellent project management skills, with the ability to work within deadlines, and flexibility to manage multiple competing priorities.
• Ability to work independently with little direction and/or supervision.
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking.
• High-level interpersonal skills.
• Experience with supporting toolsets including Sharepoint, Jira, Confluence, and Tableau.

PREFERRED skills:
• Proficiency using Third Party platforms including Archer and/or KY3P.
• CCSK, CCAK, CRISC, CISSP Certification(s)

Job Description

• Provides technical evaluation and analysis in a specific Security area. Supports activities, process, and tools needed to improve overall security posture of the organization. Primary responsibilities do not include Architect or Engineering responsibilities. Provides subject matter expertise.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, creates documentation. Performs investigation and data loss prevention, data manipulation, coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.
• Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats. Oversees that business needs are being met during development.
• Shares knowledge, leads and mentors are the discretion of management. Aligns the controls of a specific Security area to the enterprise framework. Devises control implementation strategy.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills

Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies

Competencies

Analytical Thinking, Effective Communications, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Knowledge of Organization, Problem Solving, Software Security Assurance

Work Experience

Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry relevant experience is typically 8+ years. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Education

Bachelors

Certifications

No Required Certification(s)

Licenses

No Required License(s)

Pay Transparency

Base Salary: $80,000.00 – $185,150.00Salaries may vary based on geographic location, market data and on individual skills, experience, and education. This role is incentive eligible with the payment based upon company, business and/or individual performance.

Application Window

Generally, this opening is expected to be posted for two business days from 07/13/2025, although it may be longer with business discretion.

Benefits

PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

To learn more about these and other programs, including benefits for full time and part-time employees, visit Your PNC Total Rewards.

Disability Accommodations Statement

If an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.

At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.

Equal Employment Opportunity (EEO)

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.