Mainframe Security Analyst

The Senior Mainframe Security Analyst is a subject matter expert for the IBM system z mainframe security environment. This role designs and implements current security controls and reporting for an IBM mainframe environment. The role is responsible for interacting with all appropriate parties to translate the technical environment into consumable formats for IT management, business, and audit entities.

(45 %) Maintain current state and apply changes to further secure the IBM Mainframe environment. This includes installation and configuration of RACF and other services such as mainframe encryption, key management, and certificate management. Remediate problems and requests within established SLAs.

(15 %) Create and maintain a meaningful reporting structure to demonstrate current state of mainframe environment including alignment with security policies. Reports should also demonstrate progress toward projects and audit finding remediation.

(15 %) Create and plan mainframe security initiatives based on policy, risk analysis, and audit findings. Collaborate with other teams to schedule implementation plans and testing. Recommend solutions to further secure the mainframe environment.

(15 %) Lead and participate in discussions and planning sessions for overall security posture. These include Risk Analysis, training, DR planning, and security policy creation/review.

(10 %) Prepare and participate in internal and external audits providing necessary information and responding to questions and findings.

Minimum 5 years experience in a system architecture role with a focus on technology risk and information security disciplines.

Strong verbal and written communication skills. Candidate is required to present orally and visually to others.

Strong RACF, UNIX, z/Linux, Db2 and CICS security skills. Solid knowledge with IBM TKE.

Experience with mainframe utilities/programming languages (JCL, REXX, Clist).

Public Key Infrastructure and other encryption solutions experience.

Working knowledge of network security and client-server applications.

Proven experience working under minimal supervision with a strong commitment to team participation.

Ability to adhere to the work schedule and attendance policy established by manager.

Ability to speak English fluently.

Ability to work in a collaborative environment.

Bachelor s degree, associate s degree, or CCUE Certification and 5 consecutive years of full time SECU service.

7 years of experience in a systems architecture role with a focus on technology risk and Information Security disciplines.

CISSP or CISA desired.

Working knowledge of SailPoint integration.

Working knowledge of Venafi.

Experience mentoring and coaching junior technical resources.

Office setting may have physical proximity to other employees.

Some background noise from other employees, copy machines, and telephone will occur.

Must be able to comprehend and carry out verbal and written instructions.

Job requires a substantial amount of sitting.

Use hands and fingers to press keys on computer keyboard to enter or retrieve information.

Must be able to comprehend phone calls.

Production support is 24x7.