Security Engineer - Cryptographic Engineer for Post Quantum Cryptography

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company's success. As a Security Engineer within PNC's Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL; Dallas, TX; Denver, CO or Phoenix, AZ., * Certifications in cryptographic technologies or EC Council's Certified Encryption Specialist

• Participation in cryptographic working groups or standards bodies (FS-SIAC, X9, PKI Consortium, ect.)

PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals.

PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position., * Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines.

• Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization.
• Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions .
• Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions.
• Works with operational partners to enable transition and day-to-day supportability.
• Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

As a Security Engineer you will have the following experience:

1. Cryptographic, Technical, and Tooling Experience

• Experience with enterprise centralized cryptographic program
• Cryptographic lifecycle management, secure environments, key ceremonies, and chain of custody controls
• Key management solutions across cloud (AWS, Azure) and data platforms (MSSQL, Oracle, Linux, MongoDB, Pure, Neo4j)
• Public Key Infrastructure (PKI), including certificate lifecycle management, issuance, renewal, and troubleshooting
• Application layer protection technologies and tokenization strategies
• Cryptographic inventory awareness and integration across platforms supporting enterprise visibility
• Familiarity with cryptographic agility principles, post-quantum tooling, and quantum-safe technologies
• Advanced understanding of cryptographic solutions supporting strategic planning, including the impact of quantum computing on enterprise security.
• Hands on experience with cryptographic platforms and tooling
• Key Management: Oracle Key Manager, Thales CipherTrust Manager
• HSMs: Thales, SWIFT, Entrust
• PKI/Certificate Management: Venafi, Microsoft ADCS
• Tokenization: Protegrity
• Cryptographic Inventory: AgileSec Analytics
• Proficiency with enterprise standard tools
• Workflow and collaboration platforms (Jira, Confluence, SharePoint, ServiceNow)
• Data visualization and reporting tools with ability to support reporting, dashboarding and analytics
• OpenSearch preferred

2. Compliance, Regulatory, and Industry Knowledge

• Knowledge of PCI standards, FIPS requirements (including validation), FIPS, and NIST cryptographic guidance for current, and emerging standards.
• Foundational understanding of Cryptographic agility principles and their application in enterprise environments
• Familiarity of Industry guidance and collaboration bodies (G7, FS-ISAC, FSSCC, CNSA) related to PQC roadmap development and migration planning.

3. Soft Skills and Professional Qualities

• The ability to deliver both initiatives and business as usual (BAU) activities to completion.
• Strong analytical and problem-solving skills to identify and resolve complex issues.
• Demonstrates a high level of precision in implementing and validating cryptographic controls and processes.
• Capable of translating complex technical concepts for non-technical stakeholders and collaborating across teams.
• Adapt to stay updated with evolving security threats, technologies, and cryptographic standards.
• Produce clear, concise, and professional documentation (policies, procedures, technical designs, and executive-level materials)
• Forward thinking mindset with ability to see beyond the present and consider the long-term implications of solutions.
• Ability to define and track metrics and key risk indicators (KRIs) to measure control effectiveness and program maturity, Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Preferred Skills

Access Control (AC), Building Architecture, Cryptography, Customer Solutions, Disaster Recovery Planning, Hardware Security Modules (HSM), Information Security, Network Security, Physical Security, Public Key Infrastructure, Quantum Cryptography, Risk Assessments, Security Technologies

Competencies

Analytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Network and Internet Security, Problem Solving, Technical Troubleshooting

Work Experience

Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Education

Bachelors

PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.

In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.

To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com .