Mainframe Architect MFA resource - Remote

Remote • Posted 6 hours ago • Updated 6 hours ago
Contract Independent
Contract W2
Contract Corp To Corp
No Travel Required
Able to Sponsor
Remote
Depends on Experience
Fitment

Dice Job Match Score™

⏳ Almost there, hang tight...

Job Details

Skills

  • Multi-factor Authentication
  • Design Documentation
  • Disaster Recovery
  • Authentication
  • Authorization
  • Communication
  • ACF2
  • Document Review
  • Documentation
  • RACF
  • IBM
  • Integration Testing
  • Mainframe
  • Microsoft
  • RADIUS
  • Startups
  • TLS
  • TSO
  • USS
  • z/OS

Summary

Mainframe Architect MFA resource
Remote
 
Infrastructure Mainframe Architect MFA resource
 
 
 
See description:
An architect for designing the complete solution … Need design for the overall phases of the project from an architecture perspective.
The activities included are:
Phase 1
1.1.1                   Stream 1 – Preparation
  1. Define project activities
  2. Identify with client’s key stakeholders including the 10 test users
  3. Identify Roles and responsibility of team
  4. Request relevant documentation
1.1.2                   Stream 2 – Design document
  1. Review documentation
  2. Understand how EntraId is hosted and configured
  3. Discover which channel can be used for MFA pushes
  4. Understand current zMFA implementation
  5. Elaborate each of the 3 use cases
  6. Elaborate requirement aligned with use cases
  7. Define design document for all environments
1.1.3                   Stream 3 – Implementation zMFA for ACF2
  1. If needed, Install and configure IBM zMFA components on the z/OS systems
  2. Apply required IBM ZMFA maintenance & updates as recommended by IBM
  3. Configure zMFA runtime parameters, including:
  • High-level qualifiers (HLQs)
  • USS directory structures and permissions
  • Java runtime and environment variables
  1. Configure zMFA communication services, including:
  • Listener and service ports required for authentication requests
  • Secure (TLS) communication between zMFA and the external MFA provider
  1. Define and configure required zMFA started tasks and supporting services
  2. Integrate with Entra ID MFA enforcement points for interactive access paths, including TPX, Personal Communications (PCOMM), and web-based access tools
  3. Validate successful startup and operation of zMFA services and confirm readiness for integration testing with Microsoft Entra ID MFA Implementation Entra ID MFA (based on availability of configured tenant
1.1.4                   Stream 4 – Implementation zMFA for RACF
  1. Installation and Base Configuration of zMFA components which is in-scope z/OS systems protected by RACF.
  2. Apply required IBM zMFA maintenance, PTFs, and updates as recommended by IBM to ensure compatibility with RACF and z/OS.
  3. zMFA Runtime Configuration & parameters, including:
  • High-level qualifiers (HLQs) for zMFA datasets
    • USS directory structures and associated RACF OMVS permissions
    • Java runtime configuration, JVM parameters, and environment variables
  1. zMFA Communication Services Configuration & services, including:
  • Listener and service ports required for authentication and RADIUS processing
  • Secure (TLS) communication between zMFA and the external MFA provider
  1. Define and configure required zMFA started tasks and supporting services, including:
  • APF authorization for required load libraries
  1. Integrate zMFA with Microsoft Entra ID MFA via RADIUS for interactive access methods, including:
  • TPX multi-session access
  • Direct TSO / Personal Communications (PCOMM) access
  • Web-based access tools (z/OSMF, Zowe, IDz)
  1. Validate successful startup and operation of ZMFA services, confirm RACF policy enforcement, and verify ready-to-end integration testing with Microsoft Entra ID MFA.
1.1.5                   Stream 5 – Implementation EntraID MFA
  1. Setup and configure MFA account and groups for test accounts
  2. Configure TOTP MFA
  3. Configure enrollment process
  4. Recovery procedure for re-registration, token issues
  5. Integrate with zMFA
  6. Test use cases
  7. Approval
Phase 2
1.1.6                   Stream 1 – Full roll-out preparation
  1. Define additional use cases
  2. Identify all mainframe instances
  3. Define additional requirements including break glass, disaster recovery, alternative authentication methods including out of band
Define required procedure for enrollment
 
 
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91126058
  • Position Id: 8948986
  • Posted 6 hours ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote

Today

Easy Apply

Contract, Third Party

Depends on Experience

Remote

3d ago

Easy Apply

Third Party

$60

Remote or Altamonte Springs, Florida

Today

Contract

$60 - $60 hourly

Remote

27d ago

Easy Apply

Contract

$60 - $60

Search all similar jobs