Requirements:

Basic knowledge of security and good security best practices

• 5+ years of experience in ACF2, RACF, or Top Secret.  Experience/familiarity with multiple external security products a definite plus.  Experience in using security product utilities (e.g., RACF IRRADU00, IRRDBU00, IRRUT200, etc.).   
• Understand security exposures and how they are remediated.  Familiarity with major auditable items under ACF2, RACF, and Top Secret.
• Provide mainframe audit consultation, training, and knowledge sharing to clients and internal associates.
• Ability to organize, clarify and identify environmental security status and potential remediation steps.
• Work across organizational boundaries to deliver a quality product to our clients (internal and external).
• Can architect complex systems and break up into logical components.
• Understands the financial implications of the decisions being made from a technology perspective.
• Provide customer support by preparing ad hoc reports and giving presentations.
• Regularly lead self and others and/or established as Product SME and/or established as specialist.
• Monitor the environment for adherence to security standards.

Technical Skills:

• Proficient at TSO, JCL, IBM UTILITIES, JES2, ISPF, SDSF and/or IOF, Utilities (IEBGENER, IEBCOPY, IDCAMS, etc.), SMF, FTP.
• Knowledge of basic z/OS Operating System concepts.
• REXX, DFSORT, FILEAID knowledge a plus.  Ability to automate reporting and review the reports effectively and efficiently.
• Familiarity with SOC-1, SOC-2, SOX, PCI, ISO2700x audits.  Awareness of requirements imposed by various compliance regulations such as HIPAA, FISMA, GDPR.

• iSeries security knowledge a plus.

• Experience with Microsoft tools—Word, Excel, Power Point, Project, Notepad, etc.

Personal Skills:

• Strong written and verbal communication skills.

• Persistently promote security best-practices.
• Able to work independently, be a self-starter, and be able to identify and implement process improvements.
• Able to effectively plan detailed audit-related project work, including projection of effort and hours. 
• Able to organize work effectively, work on multiple projects concurrently, follow-up on open items, and bring closure to projects.
• Strong organizational skills with the ability to manage multiple concurrent project deliverables and the ability to work as a global team.
• Must show initiative and be self-motivated to achieve individual and team goals.
• Strong analytical skills and problem-solving skills.
• Comfortable with working in fast-paced, dynamic environment having multiple customers and mainframe environments.  Includes high-volume new customer migrations requiring time sensitive knowledge acquisition with customers.
• Evaluate existing security environments, and remediate security exposures.  This will likely include both existing and new customer environments, potentially becoming a stand-alone service offering.
• Work with technical and non-technical teams, including cross-training and knowledge transfer with other team members.

 
Education:

• CISSP, CISA, CISM or ITIL Certification a plus
• Bachelors or Masters Degree Preferred

Other mainframe security products a plus