Security Testing Specialist Sr MST - Application Security
Listed on 2026-07-02
-
IT/Tech
Cybersecurity, Information Security
Position Overview
At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Testing Specialist Sr within PNC's Technology Security organization, you will be based in Denver, CO or Phoenix, AZ.
HoursSunday – Thursday 3:00 PM – 11:00 PM (Denver local)
Key Responsibilities- Conduct security assessments of applications, APIs, cloud environments, networks, artificial intelligence systems, and other technology platforms to identify vulnerabilities, attack paths, and security control weaknesses.
- Administer and operate security testing capabilities, including DAST platforms, automated scanning infrastructure, vulnerability validation processes, and security testing automation.
- Develop and integrate AI‑powered security testing capabilities, including custom testing harnesses, autonomous assessment workflows, and tooling that improves the effectiveness and efficiency of security assessments.
- Perform targeted penetration testing and deep‑dive security assessments of critical systems, technologies, and business processes to identify complex attack chains and high‑impact vulnerabilities.
- Research emerging threats, attack techniques, and security technologies to develop innovative testing methodologies and enhance vulnerability discovery capabilities.
- Review testing results with stakeholders, determine risk ratings, and provide technical remediation guidance to reduce enterprise security risk.
- Experience performing application, cloud, network, or infrastructure penetration testing.
- Experience administering enterprise vulnerability scanning or DAST platforms.
- Experience with AWS, Azure, Google Cloud Platform (GCP), or cloud‑native technologies.
- Experience assessing AI‑powered applications, large language models (LLMs), AI agents, or machine learning systems.
- Experience with API security testing, authentication and authorization testing, and OWASP Top 10 vulnerabilities.
- Experience with hardware, embedded systems, kiosks, ATMs, IoT, or other specialized technology security assessments.
- Experience designing and developing AI‑powered security testing harnesses, custom security tooling, or automated vulnerability assessment frameworks.
- Strong understanding of attack methodologies, vulnerability research, exploit development, adversarial testing techniques, and security automation.
- Provide subject matter expertise for security testing capabilities. Carry out manual and automated security testing of applications, infrastructure, and/or platforms to discover security vulnerabilities.
- Perform manual & automated security testing.
- Validate vulnerabilities through manual testing.
- Create reports and review test results with stakeholders.
- Assist in the design and implementation of security solutions and continuously enhance information security approaches and methodologies at manager discretion.
- Provide subject matter expertise and mentor staff, as directed by management.
Base Salary: $ – $. Salaries may vary based on geographic location, market data, and individual skills, experience, and education. This role is incentive eligible with payment based upon company, business and/or individual performance.
Disability Accommodations StatementIf an accommodation is required to participate in the application process, please contact us via email at All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.
Equal Employment Opportunity (EEO)PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law.
California ResidentsRefer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).