I hope you re doing well
Role: Security Specialist
Position/ Multiple Location: ( Hybrid Role) (Hybrid 1x per week) - Pittsburgh PA, Cleveland OH, Dallas TX, Strongsville OH , Birmingham AL
Duration: 06 months
Job Description
The Security Specialist in this role is primarily responsible for conducting third-party security risk assessments across the PNC portfolio of technology suppliers. The role will require extensive coordination with internal third-party resources as well as with the external suppliers. In this role, you will work with third party suppliers to validate that necessary security and technology controls are in place and operationally solid. Specific responsibilities within this position will include:
Independently manage multiple assessments to completion within SLA. Assessment management includes reviewing returned Due Diligence Questionnaires, creating unique agendas for remote interviews based on controls that need further assessment, conducting remote assessment interviews, creating remediation's, etc.
Elevate issues, delays, obstacles as needed to keep the assessment lifecycle on track.
Consult on defining third party security policies and best practices.
Educate and build awareness of third-party security requirements.
Continuously work to improve the overall third-party security assurance program.
Assist with testing releases of the PNC TPSA platform.
Special projects as assigned.
Describe the must have technical skills/experience (ask for alternative/tool/version) of the position in priority order:
Must have a solid understanding of security concepts and controls and industry frameworks including NIST, FFIEC, and CRI Profile.
Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
Experience with supporting toolsets including SharePoint, Jira, Confluence, and Tableau.
Is there anything you are willing to flex on if there is not a candidate under the current market conditions with all your must have skills?
Proficiency using Third Party platforms including Archer and/or KY3P.
Experience working in Third Party Risk Management preferred.
Tell me about some soft skills that would make a candidate successful in this role:
Excellent project management skills, with the ability to work within deadlines, and flexibility to manage multiple competing priorities.
Ability to work independently with little direction and/or supervision.
Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking.
High-level interpersonal skills.
Does this position require any degrees or certifications for the candidate to be successful? Bachelor's Degree and at least 3 years of directly related experience
CCSK, CCAK, CRISC, CISSP Certification(s) Preferred
An understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
Yes
6 + Years
Experience with supporting toolsets including SharePoint, Jira, Confluence, and Tableau.
Yes
6 + Years
Solid understanding of security concepts and controls and industry frameworks including NIST, FFIEC, and CRI Profile.
Yes
6 + Years
CCSK, CCAK, CRISC, CISSP Certification(s)
No
6 + Years
Experience working in Third Party Risk Management preferred.
No
6 + Years
Proficiency using Third Party platforms including Archer and/or KY3P.
No
6 + Years