PNC Security Analyst -- Enterprise Key Management 

United States, Pennsylvania, Pittsburgh 

977159488

The position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at the manager’s discretion.The Security Analyst role provides technical evaluation and analysis including but not limited to conducting security assessments and reviewing various encryption solutions. Advise on complex security procedures and products for clients and security administrators and make recommendations based on established policies and best practices. Support activities, process, and tools needed to improve overall security posture of the organization.This role is involved with the day to day operation of the secure work area, credential management, chain of custody and creating documentation.Preferred skills:
· Understanding of Cryptography, encryption, algorithms
· Experience with the Encryption Key Management lifecycle, key ceremonies, chain of custody, secure room environments
· Experience with Cryptographic Systems/Technologies: Thales Network HSMs, Thales CipherTrust Manager, Swift HSMs, NCipher HSMs, NSshield Connect
· Knowledge of encryption solutions in cloud (AWS KMS, Azure Key Vault) and data storage platforms (MSSQL, Oracle, Linux, encrypted NAS, MongoDB, Pure Storage)
· Knowledge of Bring Your Own Key (BYOK) and Hold Your Own Key (HYOK), KMIP, TDE, NAE solutions
· Proficient at troubleshooting and analysis of issues via log views
· Familiarity with scripting languages (Perl, PowerShell a plus)
· Working knowledge of Jira, Confluence, SharePoint, ServiceNow, Tableau, LogScale, or PowerBI
· Detail oriented, motivated, work independently, inquisitiveResponsibilities Include:
· Create detailed documentation for client solutions and system procedures
· Support all phases of an integration’s key lifecycle management
· Perform and provide encryption assessments for internal and external vendor solutions
· Support the key management solutions in use (i.e. AWS KMS, Azure Key Vault, MSSQL, Oracle, NetApp, and MongoDB)
· Support Secure Room activities (i.e. integrations, backups, key ceremonies and verifications)
· Keep up on current technologies, industry trends, best practices, FIPS and NIST certifications
Job Description

• Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and requiredneeded to be successful in this position.

Analytical Thinking, Effective Communications, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Problem Solving, Software Security AssuranceRoles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.No Required Certification(s)No Required License(s)PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility*: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

California Residents

Refer to the