PNC Security Analyst - Penetration Tester 

United States, Ohio 

208980013

Description:
A Security Analyst (Penetration Tester) demonstrates general knowledge of concepts such as OWASP Top 10, vulnerability scanning, and penetration testing methodologies.• Conducts and assists with automated and manual security testing of applications to identify and validate vulnerabilities.
• Retests previously discovered vulnerabilities to confirm successful remediation.
• Develops and maintains documentation such as procedures, assets, communication, etc.
• Contribute to the enhancement of the penetration testing program.
• Mobile testing experience
• Web application testing experience
• Mobile development experience
• Web application development experienceCertifications that will be taken into consideration:
• Offensive Security Certified Expert (OSCE)
• Offensive Security Certified Professional (OSCP)
• Offensive Security Wireless Professional (OSWP)
• Certified Information Systems Security Professional (CISSP)Familiarity with the following tools:
• Burp Proxy/Man-in-the-Middle (MiTM) Proxy/ZAP proxy/Charles proxy
• AppScan
• Nessus
• QualysJob Description

• Provides technical evaluation and analysis. Supports activities, process, and tools needed to improve overall security posture of the organization.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and requiredneeded to be successful in this position.

Analytical Thinking, Effective Communications, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Problem Solving, Software Security AssuranceRoles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.No Required Certification(s)No Required License(s)
California Residents

Refer to the