PNC Security Director - BISO 

United States, Ohio 

906721151

As a Security Director - BISO within PNC’s Technology organization, you will be based in Pittsburgh, PA or Strongsville, OH. The position is primarily based in a PNC location. Responsibilities require time in the office or in the field on a regular basis. Some responsibilities may be performed remotely, at the manager’s discretion.Responsibilities Include:
1. Stakeholder Engagement:
• Act as the primary point of contact between the business units and the information security team.
• Advises business leaders on risk issues related to information security and recommends actions in support of the divisions wider risk management and compliance programs.
• Translate business requirements into security solutions and policies.
• Provides guidance and advocacy regarding the prioritization of business investments that impact information security.
• Develop an understanding of business goals and reframe risk discussion in business terms.
• Ensures compliance with policies, regulations and information security tools and services.
• Participate in cybersecurity and business-related committees or working groups as necessary.
2. Risk Management:
• Identify, assess, and prioritize security risks within business units.
• Develop and implement risk mitigation strategies in collaboration with the business units.
• Educate stakeholders on cybersecurity-related matters in an effort to increase awareness and improve culture.
• Inform business partners of the risk implications of critical decision by combining empirical analysis with expert judgment to assess business decisions.
• Challenge business partners’ assumptions about value drivers and present an alternate perspective.
• Reshape business partners’ preconceived notions of success where appropriate.
• Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for and exceptions are tracked in accordance with frameworks, policies and standards set by the organization.
3. Security Policy Enforcement:
• Ensure that business units adhere to information security policies, standards, and procedures.
• Collaborate with the information security team to update policies and procedures as needed.
4. Security Awareness and Training:
• Promote security awareness and best practices within business units.5. Project Management:
• Oversee and manage security-related projects within business units.
• Ensure that security considerations are integrated into the project lifecycle from initiation to completion.
6. Metrics and Reporting:
• Develop and maintain security metrics to measure the effectiveness of the delivery of security capabilities into business initiatives.
• Provide regular reports on the security posture of business units to senior management.Preferred qualifications and skills include:
• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field. Advanced degree preferred.
• Professional certifications such as CISSP, CISM, CRISC, or similar.
• Minimum of 10-15 years of experience in information security, with at least 3 years in a leadership or management role.
• Strong understanding of information security principles, practices, and frameworks (e.g., NIST, ISO 27001).
• Experience with risk management, incident response, and security compliance.
• Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.
• Strong project management skills, with the ability to manage multiple priorities and deadlines.
• Knowledge of regulatory requirements related to information security and data protection.Job Description

• Leads the enterprise-wide investigative team in matters of alleged violations of laws and or regulations concerning criminal matters, associated with fraud, computer crimes, intellectual property and other security issues.
• Directs and creates enterprise vision, strategy, policy and process for investigations of suspected criminal activities.
• Leads the collaboration with internal and external partners that may include local, state or federal law enforcement agencies in order to achieve maximum results.
• Balances customer experience with the need to investigate suspected financial crimes across the enterprise by acting as a senior business partner liaison for fraud vision and strategy. .
• Oversees the development of analytical tools to manage common points of compromise testing, valuation and usage identification. Directs the definition of business requirements for new fraud prevention tools and data sources

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

PNC also has fundamental expectations of our people managers. As a manager of talent in PNC, you will be expected to:

• Include Intentionally - Cultivates diverse teams and inclusive workplaces to expand thinking.
• Live the Values - Role models our values with transparency and courage.
• Enable Change - Takes action to drive change and innovation that will transform our business.
• Achieve Results - Takes personal ownership to deliver results. Empowers and trusts others in decision making.
• Develop the Best - Raises the bar with every talent decision and guides the achievement of all employees and customers.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and requiredneeded to be successful in this position.

Analytical Thinking, Consulting, Emerging Technologies, Fraud Detection and Prevention, Operational Risk, Regulatory Environment - Financial ServicesRoles at this level typically require a university / college degree and higher level education such as a Masters degree, PhD, or certifications. Industry -relevant experience is typically 8+ years. At least 5 years of prior management experience is typically required. Proven leadership experience with a large scope of responsibility is required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.No Required Certification(s)No Required License(s)

This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history.

California Residents

Refer to the