Security Analyst

Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. Surrounding markets may be considered.

The candidate will provide forensic analyst expertise support to the firm’s stakeholders and will be an active contributing member of a security defense office and security operations team. The candidate must exercise excellent social acumen and operational judgment and be able to respond quickly to high priority tasking. The candidate must understand the importance of using tradecraft to minimize exposure. The candidate should have a comfort level with speaking as s/he may be required to brief assessments at various forums across the Intelligence Community. Furthermore, the ideal candidate will:
• Conduct computer forensics and security vulnerability analysis using commercial-off-the-shelf (COTS) and/or customer provided tools,
• Evaluate cloud services, web applications, and commercial-off-the-shelf software and hardware
• Perform network traffic analysis of web services to analyze raw packet data for anomalies, support cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff.
• Provide management with discrepancy reports and end user documentation.
• Communicate daily with LOB managers, management, customer representatives, and end users to ensure delivery of quality products.

Qualifications:

• Bachelor’s degree (or equivalent) in Cybersecurity, Information Technology (IT), Electrical Engineering (EE), Computer Science, Computer/Digital Forensics
• Demonstrated 4 years’ experience in three or more of the following: analysis, network engineering, networking security, penetration testing, red teaming, hardware engineering, software reverse engineering, computer exploitation.
• Proven proficiency with at least three (3) or more of the following: mobile security, telecom protocols, operating systems (Windows, iOS, Android, or Linux), reverse engineering, forensics, network analysis, vulnerability assessment or malware forensics.
• Demonstrated familiarity with Wireshark, Fiddler, AccessData, EnCase, Sleuthkit and/or other forensic tools
• Demonstrated experience in drafting reports, documenting case details, and able to summarize findings and recommendations based on system analysis.
• Demonstrated experience in performing post-incident computer forensics while maintaining proper chain of custody and without destruction of critical data.

Desired Qualifications:

• Experience within Intelligence Community (IC)
• Experience employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
• Law Enforcement/Cyber Forensics experience
• Desired experience ensuring quality assurance and the spreading of best practices
• Relevant Certifications: CCFP, GCIA, OSCP, CEH, CISSP, or Security+
Publications in peer-reviewed journals

Job Description

• Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused – Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk – Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC’s Enterprise Risk Management Framework.

Competencies

Analytical Thinking – Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.

Effective Communications – Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.

Information Assurance – Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.

Information Security Management – Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.

Information Security Technologies – Knowledge of technologies and technology-based solutions dealing with information security issues.

IT Environment – Knowledge of an organization’s IT purposes, activities and standards; ability to create an effective IT environment for business operations.

IT Standards, Procedures & Policies – Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures.

IT Systems Management – Knowledge of and ability to utilize a variety of technical tools and techniques to guarantee service availability and ensure IT system performance.

Problem Solving – Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations.

Software Security Assurance – Knowledge of and the ability to detect and prevent data security vulnerabilities of coding throughout the software development life cycle within software development organizations.

Work Experience

Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.

Education

Bachelors

Additional Job Description

Benefits

Disability Accommodations Statement:

The PNC workplace is inclusive and supportive of individual needs. If you have a physical or other impairment that might require an accommodation, including technical assistance with the PNC Careers website or submission process, please call 877-968-7762 and select Option 4: Recruiting or contact us via email at [email protected].

The Human Resources Service Center hours of operation are Monday – Friday 9:00 AM to 5:00 PM ET.

Equal Employment Opportunity (EEO):

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.

Job ID: R094852