Job Profile Position Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success. As a Security Specialist within PNC’s Technology organization, you may be based remotely. We are seeking an experienced and strategic Mainframe RACF Security, zSecure and Oracle Identity Manager (OIM) Specialist to join our mainframe security operations team. This role is responsible for implementing and maintaining robust security controls across our z/OS environments, with a focus on RACF administration and zSecure optimization. The ideal candidate will have deep expertise in IBM RACF (Resource Access Control Facility) and IBM zSecure, with a strong understanding of mainframe architecture, security policies, and compliance requirements. This position involves working closely with infrastructure teams, auditors, and application owners to manage access controls, perform security assessments, and maintain regulatory compliance. ________________________________________ Key Responsibilities: Onboarding and integration of mainframe RACF applications into the Oracle Identity Manager (OIM) IAM platform, including access models, provisioning workflows, and controls alignment. • Administer and maintain RACF security profiles, groups, and user IDs across multiple LPARs. • Utilize IBM zSecure suite for auditing, reporting, and automation of RACF administration tasks. • Integrating mainframe security (RACF) with enterprise IAM platforms such as Oracle Identity Manager (OIM) • Analyze and implement security controls to meet internal policies and external regulatory requirements (e.g., SOX, HIPAA, PCI). • Perform regular security reviews, access recertifications, and vulnerability assessments. • Develop and maintain RACF and zSecure documentation, including procedures, standards, and training materials. • Collaborate with internal teams to support application onboarding and access provisioning. • Respond to security incidents and provide forensic analysis. • Participate in audits and provide evidence of compliance with security controls. • Mentor junior security analysts and provide technical leadership in RACF and zSecure best practices. • Drive automation and efficiency in RACF administration. ________________________________________ Required Qualifications: • Expert-level proficiency in RACF security administration and mainframe security operations. • Expert-level proficiency in IBM zSecure suite (Admin, Audit, Alert). • Strong command of z/OS, JCL, TSO/ISPF, and mainframe architecture. • Experience administering or supporting Oracle Identity Manager (OIM) or similar IAM platform. • Excellent communication skills with the ability to translate technical risks into business impact. • Demonstrated ability to work independently and influence across teams. ________________________________________ Preferred Qualifications: • Experience integrating mainframe security with enterprise IAM, PAM, and SIEM platforms. • Advanced scripting skills in REXX, CLIST, or other automation tools. • Familiarity with Identity and Access Management (IAM) frameworks. • Proficiency with Microsoft Excel for reporting, analysis, and audit support. • Ability to develop and troubleshoot Oracle SQL queries for reporting and operational support. • Experience with ServiceNow for access requests, workflow automation, and incident/change management. • Proficient in ACF2 Security administration This position may be eligible for remote work in select geographic locations, subject to approval by PNC. If approved, work must be conducted from a quiet, secure, and confidential home-based workspace. Occasional in-office participation may be required based on business needs. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.Job Description - Provides technical evaluation and analysis in a specific Security area. Supports activities, process, and tools needed to improve overall security posture of the organization. Primary responsibilities do not include Architect or Engineering responsibilities. - Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. - Advises on more complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion. Shares knowledge with staff. - Conducts security assessments and other information security routines consistently. Investigates and recommends corrective actions for data security related to established guidelines. - Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats. Oversees that business needs are being met during development. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: - Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. - Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework. Qualifications Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position. Preferred SkillsAccess Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Oracle Identity Manager (OIM), Physical Security, Privileged Access Management (PAM), RACF Administration, Risk Assessments, Security Technologies CompetenciesAnalytical Thinking, Effective Communications, Information Assurance, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Problem Solving, Software Security Assurance Work ExperienceRoles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered. EducationBachelors CertificationsNo Required Certification(s) LicensesNo Required License(s) Pay Transparency Base Salary: $65,000.00 – $179,400.00 Salaries may vary based on geographic location, market data and on individual skills, experience, and education. This role is incentive eligible with the payment based upon company, business and/or individual performance. Application Window Generally, this opening is expected to be posted for two business days from 03/02/2026, although it may be longer with business discretion. Benefits PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com. Disability Accommodations StatementIf an accommodation is required to participate in the application process, please contact us via email at AccommodationRequest@pnc.com. Please include “accommodation request” in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say "Workday" for accommodation assistance. All information provided will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. At PNC we foster an inclusive and accessible workplace. We provide reasonable accommodations to employment applicants and qualified individuals with a disability who need an accommodation to perform the essential functions of their positions. Equal Employment Opportunity (EEO)PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law. This position is subject to the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA) and, for any registered role, the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) and/or the Financial Industry Regulatory Authority (FINRA), which prohibit the hiring of individuals with certain criminal history. California Residents Refer to the California Consumer Privacy Act Privacy Notice to gain understanding of how PNC may use or disclose your personal information in our hiring practices.

• Contribute to our application security program. Work with our SAST, DAST, and SCA tooling, triage and prioritize vulnerabilities, and partner with engineering teams to drive remediation. Participate in threat modeling and secure design reviews on new products and services. • Share incident response on-call. Investigate, contain, and resolve security incidents alongside the rest of the team. Help refine our runbooks, detection coverage, and post-incident process. • Help harden our cloud and Kubernetes environment. Contribute to security posture across GCP and GKE: IAM and least-privilege, secrets management, container and supply chain security, and IaC guardrails (Terraform). • Build detections and security automation. Engineer high-signal detections from cloud, identity, and application telemetry. Automate the toil of vuln triage, access reviews, SaaS posture, questionnaire workflows so the team scales. • Streamline customer security work. Help respond to customer security questionnaires and audits, and build internal tooling and a knowledge base so this scales as deal volume grows. • Strengthen business continuity and DR. Help assess threats to continuity, contribute to DR plans, and run real exercises against them. • Help drive a security culture across engineering. Pair on developer training, secure-coding guidance, and standards work to make the secure path the easy path.

• Manage a hybrid team of analysts and engineers • Oversee the vulnerability management lifecycle • Ensure Security Engineering builds necessary preventive/detective controls • Drive the 'Automation and AI' mindset in the team • Serve as the escalation point for incidents • Partner with Engineering and Infrastructure to integrate security • Translate technical projects and operational risks into business context

• Implement and manage security solutions using Microsoft security tools and platforms • Monitor security alerts and respond to incidents in a timely manner • Conduct vulnerability assessments and coordinate remediation efforts • Design and enforce identity and access management (IAM) policies • Secure cloud environments, including Azure resources and hybrid infrastructure • Develop and maintain security documentation, policies, and procedures • Collaborate with cross-functional teams to integrate security into system design • Ensure compliance with regulatory and organizational security requirements • Perform risk assessments and recommend mitigation strategies • Stay current with emerging threats, technologies, and security best practices