Description A Risk Manager (RM) of information technology (IAM) is responsible for supporting the management of all Identity & Access Management security and related issues within a company. Exhibit a full understanding of provisioning/deprovisioning and Privileged Access Management (PAM) processes. We are seeking a highly skilled Risk RACF Specialist to lead the security and risk management efforts within our mainframe environment. The successful candidate will be responsible for comprehensive awareness centered around the configuring, maintaining, and monitoring RACF (Resource Access Control Facility) to ensure the secure management of user access, system resources, and data protection. A core focus of this role is identifying and mitigating security risks, ensuring regulatory compliance, and proactively addressing potential vulnerabilities. The ideal candidate will have deep technical knowledge of RACF and a strong understanding of risk management and information security practices in a z/OS mainframe environment.Key Responsibilities:RACF Security Management & Risk Mitigation:
Design, implement, and manage RACF security policies, including user profiles, group definitions, and resource access permissions, to minimize security risks.
Proactively identify vulnerabilities and security risks associated with RACF configurations and user access.
Conduct periodic audits of RACF settings to ensure compliance with internal security policies and industry regulations (e.g., GDPR, HIPAA).
Implement and monitor security controls to protect sensitive data and critical system resources.
Work closely with the cybersecurity team to align RACF policies with broader organizational security and risk management strategies.
Risk Assessment & Incident Response:
Perform risk assessments on RACF access controls and configurations to identify potential threats or weaknesses in the system.
Respond to security incidents involving RACF, investigating root causes, and implementing corrective actions to prevent recurrence.
Collaborate with the Incident Response Team to ensure timely resolution of security breaches, unauthorized access, and other security incidents related to RACF.
Maintain documentation of security incidents, risk mitigation strategies, and post-incident reviews.
Compliance & Audit Support:
Ensure that RACF settings and policies comply with industry regulations, corporate security standards, and audit requirements.
Work with internal and external auditors to provide evidence of RACF security controls, processes, and audit trails.
Develop and maintain detailed documentation of RACF security policies, access controls, and incident response protocols.
Provide support during security audits by preparing reports on RACF compliance, user access reviews, and risk assessments.
Requirements
Experience:
5+ years of experience working with RACF in a z/OS mainframe environment.
Strong experience in risk management and security within a mainframe environment, particularly related to RACF access controls and policies.
Demonstrated expertise in conducting security audits, risk assessments, and implementing corrective actions.
Experience working in regulated industries (e.g., finance, healthcare) with a focus on compliance.
Technical Skills:
Deep understanding of RACF architecture, security policies, and risk management techniques.
Expertise in analyzing and managing security vulnerabilities, risks, and incidents related to mainframe access controls.
Proficiency with RACF administration tools and utilities for managing users, groups, and resources.
Knowledge of IBM z/OS environment and related mainframe security tools.
Strong skills in log analysis, security monitoring, and reporting
Technology Doesn't Change the World, People Do.®
Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app (https://www.roberthalf.com/us/en/mobile-app) and get 1-tap apply, notifications of AI-matched jobs, and much more.All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.© 2024 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s Terms of Use (https://www.roberthalf.com/us/en/terms) .