Security Analyst

Security Analyst at PNC

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. You will be based in Pittsburgh, PA, Strongsville, OH, Birmingham, AL, Dallas, TX, Phoenix, AZ, Lakewood, CO.

This role operates on a Sunday - Wednesday: 10:00 PM - 8:00 AM EST schedule.

As a Security Analyst within PNC's SEC DEF SECURITY FUSION CENTER organization, you will primarily be based in Pittsburgh, PA.

PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.

Ideal Candidate Will Demonstrate Intimate Knowledge Of The Following

• Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cyber security product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, EDR, etc.
• Demonstrate use and understanding of security technologies such as Security Incident and Event Management (SIEM) & Endpoint Detection and Response (EDR)
• Assist with tuning the SIEM events to reduce false positives.
• Extract the IOCs and behavioral characteristics of malicious samples and implement the proper mitigation (Sandboxing).
• Demonstrate the ability to scope an event to ensure the proper remediation steps.
• Ability to demonstrate subject matter expertise on one or more functions performed by the SOC.
• Perform operational support for the institution as a representative of the security organization.

This position may be eligible for remote work in select geographic locations, subject to approval by PNC. If approved, work must be conducted from a quiet, secure, and confidential home-based workspace. Occasional in-office participation may be required based on business needs.

Security Analyst - Core Functions

• Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.

PNC Employee Expectations

• Customer Focused: Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk: Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Preferred Skills

• Access Control (AC)
• Building Architecture
• Customer Solutions
• Disaster Recovery Planning
• Forensic Analysis
• Information Security
• Network Security
• Physical Security
• Risk Assessments
• Security Technologies

Competencies

• Analytical Thinking
• Effective Communications
• Information Assurance
• Information Security Management
• Information Security Technologies
• IT Environment
• IT Standards, Procedures & Policies
• IT Systems Management
• Problem Solving
• Software Security Assurance

Work Experience & Education

Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

A Bachelor's degree is preferred for this position.

Certifications & Licenses

No specific certifications or licenses are required for this role.

Key Skills/Competency

• SIEM
• EDR
• Incident Response
• Threat Mitigation
• Network Security
• Forensic Analysis
• Risk Management
• Vulnerability Assessment
• Security Operations
• Data Loss Prevention