Security Business Partner - Business Information Security Office

About The Position

Requirements

• CISSP, CRISC, or CISA certification
• Experience in information security, technology risk, or related technology roles within large, complex enterprise environments.
• Familiarity with enterprise security domains such as Identity Access Management, Data Protection, Cloud Security, and Risk Management
• Knowledge of information security risk, control objectives, and governance processes.
• Demonstrated ability to work effectively with business, technology, and risk stakeholders.

Nice To Haves

• Experience supporting regulated financial services or large institutional lines of business.
• Working experience in one or more enterprise security domains such as Identity Access Management, Data Protection, Cloud Security, and Risk Management.

Responsibilities

• Serve as the security point of contact for Line of Business, Risk, and Technology teams to ensure integrated delivery of cybersecurity services.
• Lead or assist in the relationship with a line of business to ensure successful outcomes and is responsible for the overall client experience within the Security organization, including cybersecurity risk, business demand management, client feedback & relationship management.
• Coordinate security input for risk discussions, executive updates, and committee presentations.
• Engage across the lifecycle of business and technology initiatives, including RFP activities, technology due diligence, and security approvals.
• Promote adoption, accountability, and sustainability of security requirements and controls for Line of Business initiatives.
• Ensure that security requirements and standards are identified and incorporated into Line of Business technology solutions and platforms.
• Participate in key initiative and program meetings to provide ongoing security and risk input.
• Support Line of Business risk assessments, security reviews, and governance activities for initiatives with material technology, data, or business impact.
• Partner with Line of Business Risk organization to improve Security posture through the reduction of Policy Exceptions, open vulnerabilities, and implementation of automated identity access controls.
• Translate information security requirements and risk considerations into relevant guidance to support informed decision making by Line of Business stakeholders.
• Provide support for ad hoc or high priority security situations, including coordination of communications and remediation planning.
• Works closely with Enterprise Information Security teams responsible for Identity and Access Management, Data Protection, Application Security, Cloud Security, and Policy and Governance

Benefits

• PNC offers a comprehensive range of benefits to help meet your needs now and in the future.
• Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.
• In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.
• To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com .