Position Overview: At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As a Security Analyst (Dynamic Application Security Tester) within PNC's Technology Organization, this is a remote position and can sit anywhere within the PNC footprint, except for Colorado, Hawaii, and Alaska.Responsibilities:Execute dynamic security testing as part of a release-based assessment process.Lead testing engagements from kickoff through conclusion.Provide technical evaluation and analysis. Support activities, processes, and tools needed to improve the overall security posture of the organization.Apply security concepts, review information, execute defined tasks, analyze requirements, review logs, and create documentation.Perform investigation and data loss prevention, data manipulation, and coordination of activities.Perform actions to address or mitigate risks and vulnerabilities. Review and define controls.Conduct security assessments and other information security routines consistently.Investigate and recommend corrective actions for data security related to established guidelines.Expectations:PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:Customer Focused: Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.Managing Risk: Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.Competencies:Analytical Thinking - Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business.Information Assurance - Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability.Information Security Management - Knowledge of and the ability to manage the processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data.Information Security Technologies - Knowledge of technologies and technology-based solutions dealing with information security issues.IT Environment - Knowledge of an organization's IT purposes, activities and standards; ability to create an effective IT environment for business operations.#J-18808-Ljbffr
