Job Title: Mainframe Security Analyst III / IV
Location: Remote
Duration: 12 Months
Job Overview
We are seeking a highly skilled Mainframe Security Analyst III / IV to join our team. The ideal candidate will be experienced in mainframe security, vulnerability management, and possess strong analytical skills.
Key Responsibilities
- Execute day-to-day tactical operations related to mainframe security projects.
- Analyze various data points for vulnerability management and provide detailed reports.
- Serve as the mainframe security expert, guiding projects, asset modeling, and documentation.
- Interface directly with client staff for training and daily inquiries about vulnerability management tools.
- Act as a subject matter expert on Mainframe Security Systems, including ACF2, TSS, and RACF.
- Establish and maintain security standards for z/OS hardening, security controls, and vulnerability remediation.
- Facilitate communication between mainframe engineering teams and information security teams.
- Perform vulnerability scanning, penetration testing, and manage vulnerability reporting.
- Utilize Qualys for vulnerability management and ensure adherence to STIG standards for TSS and ACF.
Required Skills And Experience
- 10+ years of experience in Mainframe Security.
- 7-10 years of zSecure Audit experience.
- Extensive experience with z/OS ACF2 or TSS (10+ years).
- Proven track record in leveraging z/OS RACF STIG for hardening efforts.
- Background in z/OS security consulting and penetration testing preferred.
- Familiarity with vulnerability management processes.
- Strong communication and documentation skills.
- Experience with JIRA, Confluence, and SharePoint is a plus.
- Positive attitude, proactive problem solver, and ability to work independently.
Preferred Education
- BS Degree and/or 15+ years of Mainframe Security experience.
Software Skills
- ACF2 or TSS Mainframe Security work.
- zSecure programming using CARLa code.
Additional Requirements
- Must be willing to investigate, learn, and support mainframe security systems.
- Ability to work as an individual contributor with minimal support, especially in a remote setting.