Pittsburgh, Pennsylvania

PNC External

To apply for this position please CLICK HERE

Job Profile

Position OverviewAt PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers.

As a LOB Risk Specialist (Security Risk Officer) , you are a member of PNC's Technology Risk Management organization. The ideal candidate will be staffed in either Pittsburgh, PA or Cleveland, OH. Remote work will be considered for a well-qualified candidate.

The Security Risk Officer is a subject matter expert who is responsible for the identification and assessment of technology and operational risks within PNC's Security Risk Organization. The Security Risk Officer will collaborate with Security and Risk partners on critical priorities.

Responsibilities within this position will include:
*Alignment to the Security department within PNC, where you will become an expert in that area's business functions and develop a deep understanding of the Security organization's technology and operational risk profile to provide an independent oversight.
*Portfolio Initiative Risk Expert: Review initiatives and projects related to the Security organization in order to identify, assess, interpret, report, and escalate technology and operational risk issues.
*Risk Management Subject Matter Expert: The Security Risk Officer will act as a risk management subject matter expert for the Security Risk organization, assisting with and ensuring the completion of all relevant technology and operational risk management programs.

As an integral part of this dynamic and progressive team, you will be responsible for identifying, reporting, and escalating any technology and operational issues which occur within the organization which have the potential to affect the enterprise as a whole. This is a fast paced, growing environment, where you will be motivated to add to your current skillset and accomplishments, as well as provide recommendations and suggestions based on your expertise in this field. PNCs commitment to leadership means that you will always be at the leading edge of risk management.

Job Specific Responsibilities
Responsible for the timely and proper execution of risk management programs within and/or across the lines of business, including but not limited to:

Risk Control Self Assessments and Application Assessments
*Working with Security personnel /RAU Owners to complete all assigned risk control self-assessments (RCSA) and ensure that assessments are current.
*Keeping the statuses of RCSAs up to date in the Technology Risk
Management's (TRM) RCSA SharePoint site.
*Providing Application Assessment risk assessment results reporting to Security personnel /RAU Owners

Control Effectiveness
*Ensure all assigned control testing units on time and with high quality
*Verifying the results of monthly reporting and provide Control effectiveness reporting to Security personnel

Issues Management
*Proactively self-identifying issues
*Working with Security personnel s to thoroughly document Issue Summary
Memos (ISM) and other matters
*Providing management of self-identified issues
*Providing risk rating reporting to Security personnel for all Issues
*Ensuring ISMs and other matters are processed in a timely manner

Audit Issues
*Participating in audit reviews and working with Security personnel to document application specific audit responses
*Providing Audit Issue Status reporting to Security personnel for each of their applications

Change Management
*Working with Security personnel to prepare change requests
*Working with Security personnel to identify application changes that impact inherent risk ratings (IRR)
*Providing change frequency and success reporting

Third Party Management
*Tracking and resolving data issues with third party assessments and resolving data issues.
*Providing third party risk reporting
*Completing of ongoing monitoring activities

Policy Management
*Participation in the creation of policies and the execution of process undertaken to ensure compliance with these policies
*Identified potential policy and procedure gaps and opportunities for improvements
*Maintaining ownership lists for any Policies, Procedures, and Controls owned by their area.

Business Continuity (BC)
*Facilitating the execution of the BC Lifecycle including management of impact assessments, recovery plans, testing, and risk mitigation activities
*Ensuring review and approval is given for application Disaster Recovery plans
*Ensuring review and approval by LOB is given for process BC plans
*Providing BC Lifecycle reporting to Security personnel for each of their applications

Risk Governance
*Promote the control of the related risk management and information security activities are undertaken
*Assessing and mitigating significant regulatory and technological threats
*Ensuring Security are effectively operating in various governance committees and risks are being managed
*Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
*Participates in key CIO operating routines to drive information security risk strategy

Risk Reporting
*Providing data for Key Risks Metrics
*Preparing and coordinating Risk Committee materials as needed
Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security

Job Description

  • Assists in the execution of the Line of Business Risk Management program, identifying opportunities for enhancement where applicable. Under supervision, enables line of business adherence with risk programs.
  • Assists in the design and development of the risk management program to meet business and regulatory expectations.
  • Executes the risk management program within or across the lines of business (e.g. - business self-assessment and quality reviews). Participates in the consultation to execute the program components.
  • Works to develop risk expertise while working with the businesses and other risk partners (e.g., Compliance, Credit, Legal, Audit).
  • Participates in risk initiatives, business as usual activities, ad hoc requests, and identifies risk exposures.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

  • Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
  • Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
CompetenciesAccuracy and Attention to Detail - Understanding of the necessity and value of accuracy and attention to detail; ability to process information with high levels of accuracy.Collaborating - Knowledge and ability to promote a culture of information sharing and working together to solve business problems and meet business goals.Data Gathering and Reporting - Knowledge of and ability to utilize tools, techniques and processes for gathering and reporting data in a particular department or division of a company.Decision Making and Critical Thinking - Understanding of the issues related to the decision-making process; ability to analyze situations fully and accurately, and reach productive decisions.Effective Communications - Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors.Industry Knowledge - Knowledge of the organization's industry group, trends, directions, major issues, regulatory considerations, and trendsetters; ability to apply this knowledge appropriately to diverse situations.Internal Controls - Knowledge of and ability to create, implement, evaluate and enhance processes in internal controls.Operational Risk - Knowledge of policies and processes for operational risk management; ability to use tools, data, and best practices to identify, assess, and manage operational risk exposures.Operations - Back Office - Knowledge of and ability to implement the practices, processes, technologies, and applications associated with banking transaction processing and records management.Process Management - Knowledge of business process improvement tools and techniques and ability to understand, monitor, update, or enhance existing business or work processes.Standard Operating Procedures - Knowledge of and ability to design, implement and evaluate standard operating procedures affecting daily and strategic business operations in order to increase operational efficiency.Work ExperienceRoles at this level typically require a university / college degree, with 2+ years of relevant professional experience. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.EducationBachelors

Additional Job Description


Base Salary: $45,000 - $116,150

Where a person is paid in the compensation range is aligned to their experience and skills. Placement within the compensation range is based on the specific role and the following factors:

  • Lower in range - Building skills and experience in the job
  • Within the range - Experience and skills align with proficiency in the role
  • Higher in range - Experience and skills add value above typical requirements of the role

Compensation Range may vary based on Geographic Location


Role is incentive eligible with the payment based upon company, business and individual performance


PNC offers employees a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include medical/prescription drug coverage (with a Health Savings Account feature); dental and vision options; employee and spouse/child life insurance; short- and long-term disability protection; maternity and parental leave; paid holidays, vacation days and occasional absence time; 401(k), pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption assistance; educational assistance and a robust wellness program with financial incentives. To learn more about these and other programs, including benefits for part-time employees, visit pncbenefits.com > New to PNC.

Disability Accommodations Statement:

The PNC workplace is inclusive and supportive of individual needs. If you have a physical or other impairment that might require an accommodation, including technical assistance with the PNC Careers website or submission process, please call 877-968-7762 and select Option 4: Recruiting or contact us via email at pathfinder@pnc.com.

The Human Resources Service Center hours of operation are Monday - Friday 9:00 AM to 5:00 PM ET.

Equal Employment Opportunity (EEO):

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.

Pittsburgh, Pennsylvania


A Workplace that Welcomes Everyone
At PNC, we’ve built a culture based on respect, integrity and inclusion. A culture that’s open to new ideas, new insights and new voices. A culture where everyone can truly be themselves and make their thoughts and opinions known – it’s our differences that give us strength and make us who we are today. Here, you’re empowered and encouraged to make an impact on the world around you while being your most authentic self.
Investing in Our Employees

Attracting, recruiting and retaining a diverse workforce is essential to our success, providing us with a wealth of skills and ideas, increasing employee engagement and tying us closer to the communities we serve.

Embracing a Culture of Diversity

We champion a culture where employees feel confident presenting their ideas and are valued for their abilities.

Building Bridges With Our Customers & Communities

By deepening relationships with our diverse customers and markets, we identify and navigate new marketplace opportunities and improve the customer experience.

Similar jobs