This position is primarily based in a location within PNC's footprint. Responsibilities require time in the office or in a field on a regular basis. Some responsibilities can be performed remotely. Additional locations may be considered.As an Infrastructure Architect Sr. - Cloud Control Management you will join the Cloud COE team providing control and governance support for PNC’s Cloud Technology Platform. You will focus on technology and security control management for Cloud IT Services and supporting operations processes and controls in an environment that maintains heightened standards and risk awareness. You will provide leadership support to ensure that the Technology line of business stakeholders supporting Cloud are accountable for risks with associated activities. Due diligence activities include control design assessment and gap identification, control effectiveness, testing, policy exceptions, identification of current and emerging technology and security risks, proactive monitoring, etc.Responsibilities:
• Define and enforce governance policies for cloud infrastructure and services, ensuring that cloud resources are provisioned, accessed, and managed in compliance with company standards and regulatory requirements.
• Assess and mitigate risks related to cloud infrastructure, including security risks, data privacy risks, vulnerabilities, and operational risks.
• Work with legal, security, and compliance teams to ensure that cloud solutions comply with industry standards, regulations, and frameworks (e.g., NIST, SOC2, CIS, CSA, COBIT, FFIEC, and OCC Heightened Standards).
• Implement continuous monitoring and auditing processes to track compliance and ensure that any deviations are addressed quickly.
• Monitor security audits and reviews, ensuring that cloud environments meet organizational and regulatory security standards.
• Automate routine compliance checks and reporting to reduce manual interventions and ensure adherence to controls.
• Define and implement key performance indicators (KPIs) for cloud services.
• Implement security monitoring metrics to track the compliance of cloud infrastructure with organizational policies and regulatory requirements.
• Lead efforts to implement automated controls to enforce policies across cloud environments.
• Monitor risk metrics such as downtime, security vulnerabilities, or non-compliance incidents and proactively address these risks before they escalate.
• Implement automation tools and workflows to reduce manual interventions in the monitoring, optimization, and reporting of cloud metrics.
• Deep understanding of cloud services (AWS, Azure, Google Cloud, etc.), cloud architecture, and the various performance metrics tied to cloud operations.
• Strong understanding of cloud security protocols, industry standards, and regulatory compliance frameworks.
• Experience with risk management frameworks, cloud governance, and creating operational controls in the cloud.
• Strong experience in identifying, assessing, and mitigating risks associated with cloud infrastructure, including security, cost, and operational risks
• Ability to communicate complex cloud governance, security, and operational issues to both technical and non-technical stakeholders.
• Governance and Risk Management – Archer (GRC Platform)
• Cloud Platforms: AWS, Azure, & Google Cloud
• Cloud Architecture – Red Hat OpenShift, Kubernetes Containerization & Orchestration, Infrastructure as Code (IaC)
Certifications Preferred:
• Certified in Risk and Information Systems Control (CRISC)
• AWS Certified Cloud Practitioner
• Microsoft Certified Azure Fundamentals
Job Description- Defines design patterns for a company's common technology architecture structure.
- Develops and monitors the organization's technology architecture and plays a leading role in the vision and development of the company's future technology.
- Ensures infrastructure designs and upgrades are made in accordance with established standards, patterns, policies, procedures and software licensing agreements.
- Identifies and establishes best practices for technology architecture, while providing expert advice on core infrastructure initiatives.
- Interprets technology requirements; designs technology architecture and drives the adoption.
PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:
- Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
- Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
QualificationsSuccessful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and requiredneeded to be successful in this position.
Competitive Advantages, Customer Solutions, Design, Enterprise Architecture Framework, Machine Learning, Risk Assessments, Technical KnowledgeAccuracy and Attention to Detail, Application Design, Architecture, Architecture Modeling, Hardware Infrastructure, ITIL (Information Technology Infrastructure Library), Planning: Tactical, Strategic, Platform Architecture, Problem Solving, Systems Software Infrastructure, The Open Group Architecture Framework (TOGAF)Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry relevant experience is typically 8+ years. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.No Required Certification(s)No Required License(s)
This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history.
California ResidentsRefer to the