Information Security Analyst
Acts in a strategic role in the development and maintenance of extremely computer network security/protection systems and architectures. Provides security solutions that require resolution of complex operational and integration issues associated with networks, data systems, and applications to successfully deploy secure technologies and to enhance existing technologies. Leads computer security incident response activities, conducts technical investigation of security-related incidents and conducts post-incident digital forensics to identify causes and recommend future mitigation strategies. Serves as the highest level of information security consultant to all internal clients and technical management in all areas of the business to ensure conformity with corporate information security standards. Directs and serves an a mentor to less experienced staff.: 10+ years of experience in security applications and systems.
location: Charlotte, North Carolina
job type: Contract
salary: $53.88 - 60.62 per hour
work hours: 8am to 5pm
- Provide senior level technical support of mainframe security in a large, complex Multi-LPAR RACF environment utilizing RRSF (RACF Remote Sharing Facility), zSecure, RACF/DB2 and CICS.
- Work with internal and end-user personnel to define customized access solutions, reporting, notification, and data gathering as required.
- Occasional after hour support as required for implementations.
- Participates in the research, analysis, design, testing and implementation of complex computer security/protection technologies for company information and systems/applications.
- Performs periodic detailed assessments of the operating system and infrastructure components' security configuration to identify security vulnerabilities and provides remediation alternatives.
- Participates in the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems.
- An alternative role may include leveraging existing zSeries skills to work on mainframe security remediation projects.
- Using a methodology, leads or assists senior engineers in researching, analyzing, designing, testing and implementing security solutions.
- Leads or assists senior level engineers with analysis to identify security vulnerabilities and conduct security risk assessments to ensure compliance with corporate security policies and adherence to best practices.
- Assists in computer security incident response activities and technical investigations of security-related incidents.
- Provide technical guidance to less experienced staff.
- 7+ years of information security applications and systems experience
- 7+ years of mainframe security risk assessment and remediation experience
- 7+ years of hands on security engineering experience in a multi-node RRSF, complex z/OS environment
- 7+ years of hands on Resource Access Control Facility (RACF) experience with at least current and supported version (z/OS 2.1 and above)
- 7+ years of mainframe security experience using native z/OS and RACF tools (notes for Nidhee: Listen for use of ability to issue RACF commands outside of 3rd party tools)
- 7+ Years of experience issuing RACF commands and performing diagnosis
- 7+ years of JCL (Job Control Language) experience
- 7+ years of TSO (Time Sharing Options) experience
- zSecure tool experience is a plus
- CA Top Secret
- Advanced Information Security technical skills and understanding of information security practices and policies
- Ability to manage complex issues and develop solutions
- Ability to work on call as assigned
- Flexibility to frequently be on call beyond normal working hours
skills: - Excellent verbal and written communication skills
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.