Security Expert (SOX & Cloud)

Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As a Security Expert within PNC's Security Ops organization, you will be based in Pittsburgh, PA or Dallas, TX or Houston, TX or Phoenix, AZ.

Identity & Access Management (IAM) Governance Security Expert Lead - SOX & Cloud

Overview
The IAM Governance Security Expert Lead is responsible for executing and enforcing identity governance controls in a SOX-regulated, cloud-first environment. This role focuses on hands-on operation of Identity Governance and Administration (IGA) tooling, access certification execution, Separation of Duties (SoD) enforcement, and audit-ready evidence production across cloud platforms and critical financial applications. The position works closely with Audit, Finance IT, IAM Engineering, and application owners to ensure access controls are compliant, consistent, and defensible.

Key Responsibilities
Identity Governance & Administration (IGA) - Cloud-First
• Operate and administer the enterprise IGA platform integrated with cloud and SaaS systems.
• Execute and monitor joiner, mover, leaver processes with emphasis on audit traceability.
• Support automated provisioning and deprovisioning across Azure/Entra ID, AWS, GCP, and SaaS platforms.
• Maintain role-based and attribute-based access models for SOX in-scope applications.
• Conduct periodic access certifications for workforce, privileged, and service accounts.
• Validate identity and entitlement data accuracy across authoritative sources.
Separation of Duties (SoD) - SOX Focused
• Execute defined SoD rulesets for financial, ERP, and cloud administrative roles.
• Identify, analyze, and document SoD conflicts and violations.
• Track mitigations, compensating controls, and approved exceptions.
• Support proactive SoD reviews during role design, access requests, and onboarding.
• Partner with application owners to remediate recurring SoD issues.
SOX Controls, Audit & Compliance
• Execute IAM controls mapped to SOX IT General Controls (ITGCs).
• Produce audit-ready evidence for internal and external audits.
• Support audit walkthroughs, testing, and remediation activities.
• Maintain control narratives, procedures, and supporting documentation.
• Assist in annual SOX scoping and system coverage validation.
Cloud IAM & Privileged Access Governance
• Support governance of cloud administrative roles and high-risk entitlements.
• Validate alignment between IGA certifications and cloud IAM configurations.
• Assist with governance of non-human identities where in SOX scope.
• Monitor access changes affecting cloud-hosted financial systems.
Required Qualifications
• Bachelor's degree or equivalent experience in Information Security, IT, or related field.
• 5+ years of experience in IAM, Identity Governance, or ITGC execution.
• Hands-on experience with IGA platforms and access certifications.
• Strong understanding of SOX ITGC requirements related to user access and SoD.
• Experience supporting external audits and producing defensible evidence.
• Familiarity with cloud-based identity platforms and SaaS access models.
Preferred Qualifications
• Experience with ERP and financial systems (SAP, Oracle, Workday, NetSuite).
• IAM or security certifications (CISSP, CISM, CRISC, SailPoint, Saviynt).
• Exposure to privileged access governance in cloud environments.
• Understanding of zero trust and modern identity security principles.
Key Competencies
• SOX and audit discipline
• Attention to detail and execution rigor
• Clear documentation and evidence management
• Cross-functional collaboration
• Influence through subject-matter expertise

PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals.

PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.

Job Description

• Provides technical and thought leadership, analysis, and guidance in multiple security disciplines. Supports activities, process, and tools needed to improve overall security posture of the organization. Provides unique subject matter expertise.
• Reviews and defines controls, aligning the controls of a specific Security area to the enterprise framework. Devises control implementation strategy.
• Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines.
• Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats. Oversees that business needs are being met during development.
• Shares knowledge, leads and mentors are the discretion of management.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Qualifications

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills
Access Control (AC), AI Agents, Building Architecture, Cloud Security, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies

Competencies
Analytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, Knowledge of Organization, Problem Solving

Work Experience
Roles at this level typically require a university / college degree. Higher level education such as a Masters degree, or PhD is desirable. Industry experience is typically 8 + years. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Education
Bachelors

Certifications
No Required Certification(s)

Licenses
No Required License(s)

Benefits

PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.

In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com.

Disability Accommodations Statement

If an accommodation is required to participate in the application process, please contact us via email at View email address on click.appcast.io. Please include "accommodation request" in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call View phone number on click.appcast.io and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.


At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions.

Equal Employment Opportunity (EEO)

PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.

This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.