PNC Application Security Engineer - Tempus 

Remote, Remote 

100590583

As an Application Security Engineer, you will utilize a strong technical background in information security and software development, with an expertise in establishing security standards and performing regular security assessments to protect our organization’s applications and data assets. Responsibilities include:
• Security Policy and Compliance: Assist with the development, implementation, and enforcement of application security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry best practices.
• Collaboration and Communication: Work closely with cross-functional teams, including IT operations, development, and business units, to integrate security requirements and testing into projects and initiatives and ensure a secure-by-design approach.
• Security Assessments: Conduct regular application security assessments, secure code reviews, and penetration tests to identify security weaknesses and vulnerabilities in systems, applications, and networks, and work with relevant teams to remediate them.
• Security Monitoring: Monitor security logs and alerts generated by security tools and systems, investigate, and analyze security incidents, and escalate as necessary to ensure timely resolution.
• Security Documentation and Reporting: Maintain accurate documentation of security configurations, procedures, and incidents, and prepare regular reports and metrics to demonstrate the effectiveness of security controls and initiatives.
• Emerging Threat Monitoring: Stay current with the latest security threats, vulnerabilities, and trends, and assess their potential impact on our organization, providing recommendations for proactive mitigation.Due to the nature of the position, we are seeking candidates with the following qualifications:
• Proven experience in application security roles, with a focus on designing, implementing, and managing application security testing in complex environments.
• Deep technical knowledge of application security, operating systems, web applications, cloud technologies, and secure coding techniques.
• Hands-on experience with security tools such as static analysis, dynamic analysis, penetration testing, and vulnerability scanning tools.
• Strong understanding of security frameworks and the software development lifecycle.
• Excellent analytical, problem-solving, and communication skills.
Job Description

• Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.
• Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization.
• Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions .
• Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions.
• Works with operational partners to enable transition and day-to-day supportability.
• Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and requiredneeded to be successful in this position.

Analytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Network and Internet Security, Problem Solving, Technical TroubleshootingRoles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.No Required Certification(s)No Required License(s)Base Salary: $65,000.00 – $200,000.00 Salaries may vary based on geographic location, market data and on individual skills, experience, and education.PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility*: maternity and/or parental leave; up to 11 paid holidays each year; 8 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

California Residents

Refer to the