Mainframe Computer Systems Security Specialist - Seneca Resources

Seneca Resources is looking for a Mainframe Computer Systems Security Specialist!

Job Title: Specialist, Mainframe Computer Systems Security

Location: Eagan, MN(Remote)

Pay Rate: $50/hr on W2

Citizenship: US Citizen or Permanent Status Green Card Holder - Must share citizenship country if holding a green card.

Overview:

The Mainframe Computer Systems Security Specialist is responsible for managing, implementing, and enhancing the security posture of mainframe systems within an organization. The mainframe environment typically supports critical business operations, so it’s vital that the security measures surrounding these systems are robust and comply with regulatory requirements. The specialist works to ensure the confidentiality, integrity, and availability of mainframe data and services by establishing and enforcing security protocols and best practices.

Key Responsibilities:

1. Mainframe Security Workflow Management:
2. Task: Ensure the accurate and timely completion of mainframe security workflow processes, such as access control, monitoring, and auditing.
3. Impact: This helps in minimizing security breaches and ensures the mainframe systems remain secure from unauthorized access and vulnerabilities.
4. Leading Security-Related Project Teams:
5. Task: Lead and collaborate with various teams across the organization such as Information Systems, Inspection Services, and other security-related departments, to ensure that security projects are effectively carried out.
6. Impact: It fosters a collaborative environment ensuring that the company’s mainframe security protocols are in line with current and future needs.
7. Security Policy Implementation and Review:
8. Task: Implement internal and external information security requirements, reviewing and ensuring compliance with these policies.
9. Impact: This ensures that all regulatory and internal policies are met, reducing the risk of compliance violations and security incidents.
10. RACF Security Reports Monitoring and Development:
11. Task: Monitor and develop reports from the RACF (Resource Access Control Facility) security system, which is integral to controlling user access to sensitive data.
12. Impact: Helps in identifying potential security threats and ensuring that all access controls are appropriately applied and enforced.
13. Risk Management and Security Audits:
14. Task: Conduct and support risk management efforts, as well as audits to assess vulnerabilities and security gaps.
15. Impact: Helps proactively identify and mitigate security risks to avoid breaches or compliance issues.
16. Vendor Coordination and Installation of Security Interfaces:
17. Task: Work with technical vendors and internal support teams to coordinate and install security products that integrate with RACF.
18. Impact: Ensures that the mainframe security environment remains up to date with the latest security solutions.
19. Specialized Security Areas (Encryption, Telecommunications):
20. Task: Provide expertise in specialized areas such as encryption and telecommunications security, helping protect sensitive data during transmission or storage.
21. Impact: Ensures that sensitive data is protected during processing and while in transit over networks.
22. Security Training and Documentation:
23. Task: Develop and deliver security training programs for internal teams, creating user-friendly documentation and training materials.
24. Impact: Helps build awareness among staff and ensures that the entire organization adheres to security best practices.
25. Technical Expertise:
26. Task: Stay up to date on the latest security technologies, tools, and vulnerabilities, and apply that knowledge to enhance the security posture of mainframe systems.
27. Impact: Improves the overall security framework of the company by keeping systems and practices aligned with modern security standards.

Required Skills and Experience:

• Mainframe Security Tools (IBM RACF, zSecure): Strong knowledge of IBM RACF (Resource Access Control Facility) and the zSecure tool is critical. These tools are used to manage user access and enforce security policies in mainframe environments.
• Security Policy and Compliance: Experience with enforcing and reviewing security policies, ensuring compliance with laws and regulations such as HIPAA, GDPR, or industry-specific standards.
• Job Control Language (JCL) and Utilities: Knowledge of JCL (Job Control Language) and mainframe system utilities is crucial for handling security management tasks.
• Programming Knowledge: Familiarity with IBM’s Customer Information Controls System (CICS), DB2 (relational databases), and other related technologies is often beneficial.
• Risk Management: Ability to assess and manage security risks, including conducting security audits and vulnerability assessments.
• Encryption and Data Protection: Strong understanding of encryption techniques and telecommunications security, ensuring the protection of sensitive data.
• Security Documentation and Training: Experience in writing clear security documentation and developing training materials to educate staff on security procedures and best practices.

Key Technical Tools:

• IBM RACF (Resource Access Control Facility): A critical tool for managing user access in mainframe environments.
• zSecure: IBM tool used to administer RACF and other mainframe security functions.
• CICS (Customer Information Control System): For managing transactions on mainframes, often requiring security controls.
• DB2: A relational database management system that may require security configurations.
• SAS (Statistical Analysis System): Software used for data analysis, which may need secure implementation for processing sensitive data.

Qualifications:

• Education: A Bachelor’s Degree in Information Technology or a related field (preferred).
• Experience: Minimum 9 years of experience in information security, specifically in a mainframe environment.
• Certification/Knowledge: Security certifications (e.g., CISSP, CISM) may be preferred but not mandatory.
• Clearance: Must be able to obtain a Position of Public Trust Clearance (for US Citizens or Permanent Residents).

Preferred Skills:

• Programming (REXX, CARLa): Ability to program using languages such as REXX (used for mainframe applications) and CARLa (used in zSecure).
• UDB-DB2 Knowledge: Experience with relational databases like DB2 is a plus.
• SAS Software: Familiarity with SAS software, especially for data security analytics.

About Seneca Resources:

Seneca Resources is client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. Seneca Resources is a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland that service clients throughout the United States. The key to our success lies within our strong corporate culture which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team. We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.