Mainframe Security SME

About The Position

Requirements

• Mainframe Security SME
• Migration from Broadcom ACF2 to RACF
• Planning
• Design
• Testing
• Cutover
• Stabilization
• ACF2 rules
• Resource definitions
• Access models
• RACF class structures
• Grouping
• Profiles
• Naming standards
• Enterprise security policies
• Role-based access
• Dataset protection
• Digital certificates
• Password/ MFA integration
• z/OS security components such as ICSF, PKI, SAF exits, and SMF logging
• Regulatory requirements (SOX, PCI, HIPAA, etc.)

Responsibilities

• Lead the end-to-end migration from ACF2 to RACF, including planning, design, testing, cutover, and stabilization.
• Develop and maintain the migration roadmap, timelines, and risk mitigation strategies.
• Conduct detailed analysis of existing ACF2 rules, resource definitions, and access models to map them to RACF equivalents.
• Build automated or semi-automated processes to streamline conversion and validation.
• Design RACF class structures, grouping, profiles, and naming standards aligned with enterprise security policies.
• Implement RACF administration best practices, including role-based access, dataset protection, digital certificates, and password/ MFA integration.
• Configure and optimize z/OS security components such as ICSF, PKI, SAF exits, and SMF logging.
• Develop scripts, tools, and utilities to support RACF administration and reporting.
• Ensure RACF implementation aligns with regulatory requirements (SOX, PCI, HIPAA, etc.).
• Partner with audit teams to provide evidence, reporting, and remediation guidance.
• Establish RACF operational procedures, access request workflows, and ongoing governance models.