Security Engineer (SIEM)

Position Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the companyu2019s success. As a Security Engineer (SIEM) within PNC's Technology organization, you will be based in Pittsburgh, PA; Cleveland, OH; Birmingham, AL; Dallas, TX or Lakewood, CO. The SIEM Security Engineer is responsible for designing, operating, and maintaining security information and event management (SIEM) capabilities that support enterprise security monitoring and threat detection. This role onboards and manages log data, develops content, tunes detections, and supports incident response through actionable security insights. The SIEM Security Engineer works closely with security operations, engineering, and technology teams to improve visibility across hybrid cloud and on prem environments and ensure alignment with security and regulatory requirements. Job Description As a SIEM Security Engineer, youu2019ll design, engineer, and operate enterprise scale SIEM platforms that support high volume log ingestion, normalization, correlation, alerting, and long term retention across hybrid cloud and on prem environments. You will architect and maintain end to end data onboarding pipelines, covering source onboarding, parsing, field extraction, normalization, enrichment, and validation to ensure telemetry is high quality, searchable, and actionable. In this role, you will develop, test, and maintain SIEM detection content, including correlation searches, analytic rules, alerts, and risk based detections aligned to real world attacker techniques and behaviors. You will write and optimize advanced search queries to support detections, investigations, dashboards, and threat hunting use cases, balancing performance, cost, and data fidelity. You will also build and maintain operational and security dashboards that provide visibility into threat activity, platform health, coverage gaps, and detection effectiveness for GSFC teams and security leadership. You will perform threat analytics and proactive hunting by leveraging SIEM telemetry to identify anomalous behavior, validate detection hypotheses, and uncover gaps in existing monitoring and content. Partnering closely with SOC and Incident Response teams, you will investigate alerts, provide deep technical analysis, enrich events with contextual data, and continuously improve signal to noise ratio and response outcomes. Additionally, you will monitor and tune SIEM platform performance, including ingest volume, indexing efficiency, search performance, data retention, and licensing utilization. You will manage the SIEM configuration and content lifecycle through version control, change management, testing, and promotion across environments. You will define and track technical metrics and KPIs for detection coverage, alert quality, data completeness, and platform reliability, mapping coverage to the MITRE ATT&CK framework. You will support broader security architecture and engineering initiatives by integrating SIEM with upstream and downstream systems such as cloud services, endpoint tooling, network telemetry, and SOAR platforms. You will author and maintain technical documentation, including onboarding standards, detection logic, architecture diagrams, and operational runbooks, and continuously evaluate new telemetry sources, detection techniques, and platform capabilities to evolve security monitoring and reduce enterprise risk. Qualifications u2022 Proven experience with SIEM tools architecture, deployment, and administration. u2022 Experience in cloud/hybrid environments and multi-cloud integrations. u2022 Knowledge of regulatory frameworks (e.g., NIST, ISO, MITRE). u2022 Ability to work cross-functionally and manage customer expectations. u2022 Strong analytical, troubleshooting, and communication skills. PNC is an in-office company that fosters a supportive culture where employees can thrive and achieve balance. We encourage candidates to connect with their recruiter and hiring manager to understand workplace expectations and ensure the role aligns with their goals. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position. Job Description + Provides subject matter expertise when applying security concepts. Leverages technical knowledge and industry experience to design, build, and maintain technology solutions. Responsible for deliverables related to project timelines. + Responsible for working with architecture to take high level architectural designs and determine the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization. + Evaluates patches, updates, and ongoing maintenance. Determines impacts to existing solutions when new standards are implemented. Utilizes change control and other governance processes to ensure alignment of solutions . + Develops detailed implementation, configuration, design, and engineering documentation. Build and implement solutions. + Works with operational partners to enable transition and day-to-day supportability. + Provides engineering support to existing technology in a production environment and collaborating with other groups as required. Seeks opportunities to grow a broad knowledge base to complement specific subject matter expertise. PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be: + Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions. + Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework. Qualifications Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position. Preferred Skills Access Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies, SIEM Tools, Splunk Infrastructure Monitoring Competencies Analytical Thinking, Effective Communications, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, IT Systems Management, Network and Internet Security, Problem Solving, Technical Troubleshooting Work Experience Roles at this level typically require a university / college degree, with 5+ years of industry-relevant experience. Specific certifications are often required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered. Education Bachelors Certifications No Required Certification(s) Licenses No Required License(s) Benefits PNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives. In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service. To learn more about these and other programs, including benefits for full time and part-time employees, visit . Disability Accommodations Statement If an accommodation is required to participate in the application process, please contact us via email at . Please include u201caccommodation requestu201d in the subject line title and be sure to include your name, the job ID, and your preferred method of contact in the body of the email. Emails not related to accommodation requests will not receive responses. Applicants may also call 877-968-7762 and say

Created: 2026-03-09