Mainframe Security Engineer
Posted on Feb 11, 2020 by Levy Associates Ltd
Mainframe Security Engineer
For security advice regarding critical applications on Mainframe and sharing his/her security best practices, CISO is looking for security engineers with securing Mainframe and lecture expertise.
You will play a crucial role in the journey to integrate the cloud and the Mainframe platforms into the client's new hybrid solution moving forward. Your contribution will transform a centrally managed and operated environment to a self-service provisioning and application-deployment platform to support agile and DevOps way of working.
Security requirements against the Mainframe infrastructure evolved over the decades so you will work together with various talented teams to understand the security aspects of the applications involved, advise on how to improve security implementations and brainstorm on how to eliminate custom built security solutions. Briefly: a constant co-creation and security by design!
The IT Organisation is your biggest client and the cooperation with our international business is one of your key drivers. It is important to scale the business and customer interests against possible risks, especially in regards to Mainframe security guidelines. If information security is at stake, you will have to turn customers away and quickly come up with creative and smart alternatives.
Your day to day activities would include
- Define and support secure continuous delivery approaches including tooling and automated testing and support teams with threat modelling.
- Collaborate with architects and security engineers to standardize, simplify and improve the z/OS architecture.
- Provide technical oversight on the design and implementation of proposed Mainframe security future developments and enhancements.
- Improve the monitoring and reporting of security violations and improve the system and its software security and health check.
- Investigate new security capabilities on the market to improve the security implementation.
- Train various teams in consuming security and security standards as offered by the client.
- Review and advice upon security reports and audit findings.
- Manage the development, refresh and implementation of security policies, standards, guidelines and procedures.
The ideal candidate
A security specialist with the overview of a generalist and therefore an effective consultant & engineer.
You are well acquainted with network-, application and Mainframe security, as well as both technical and organisational areas. You continuously search for fresh ideas and gain more professional knowledge in order to enlarge your technical capabilities, as well as improving your soft skills. Furthermore, you have a sharp analytical eye and do not easily get stressed. In fact, you perform well under pressure.
You are bold, do not simply take things at face value and dare to ask questions. You are able to entice managers, colleagues and customers with your ideas. This means you can easily convince people and transpose technical jargons into understandable language effortlessly. Sometimes you will only be given five minutes to substantiate your advice & solution. This should be enough to make your statement.
Candidates are required to have:
- At least 7 years of experience in IT with at least 3+ years of information security experience;
- At least 3 years of experience working with Mainframe (z/OS) platforms;
- Extensive RACF & IBM IMS experience, including implementation, configuration, customization, maintenance;
- Solid experience working with and integrating automated security tools into CI/CD pipelines;
- Hardening experience of z/OS, Ipars, datasets, IMS, DB2 and IWS;
- Knowledge of Cobol application programming;
- Working experience with high-volume and high-availability applications;
- Strong technical knowledge of secure engineering principles;
- Working knowledge of risk assessments, vulnerability- and compliance management;
- Strong communication skills both verbally and in writing in Dutch and/or English.
Following qualifications would help to boost your candidature:
- University degree completed;
- Information Security (IS) professional qualifications, such as CISSP, CEH, CISA, CISM;
- Familiarity with:
- Implementing of enterprise-wide role-based security solutions, encompassing the Mainframe
- General z/OS systems programming
- z/OS utilities and facilities
- Experience in database technology
- Experience in Middleware;
- Knowledge of IS risk management (frameworks), such as NIST, CIS, ISO27K, SANS, CCM;
- Ability to scope and perform penetration tests;
- Update and create security-related documentation as necessary;
- Maintenance of internal security controls;
- Experience in security report reviews and audit controls.
Set up alerts to get notified of new vacancies.
€9.44 - €9.44 Hourly
€600 - €800 Daily
€60 - €63 Hourly