HCLTech
RACF z/OS Security Expert to manage and maintain security infrastructure across our mainframe environment, with emphasis on security administration and certificate lifecycle management.
Key Responsibilities
RACF Security Administration
Design, implement, and maintain RACF security policies and user access controls
Manage user IDs, groups, and resource profiles (datasets, transactions, programs)
Conduct security audits, access reviews, and incident response
Create compliance documentation and audit reports
Certificate Management
Manage digital certificates within RACF and z/OS using RACDCERT
Plan and execute certificate renewals to prevent service disruptions
Monitor certificate expiration dates and maintain renewal schedules
Generate CSRs and coordinate with Certificate Authorities
Install, update, and validate SSL/TLS certificates for z/OS applications
Maintain certificate key rings and trust chains
Troubleshoot certificate-related connectivity issues
System Security & Compliance
Implement security controls for CICS, DB2, IMS, MQ, and other z/OS subsystems
Collaborate with CICS, DB2, MQ, and application teams on security requirements and implementations
Configure Started Task and Surrogate security
Monitor SMF security records and investigate anomalies
Ensure compliance with industry standards (PCI-DSS, SOX, HIPAA)
Support internal and external security audits
Participate in disaster recovery planning
Required Qualifications
Technical Skills
7+ years of hands-on RACF administration experience in z/OS environments
Strong expertise in RACF commands, utilities, and best practices
Proficiency with RACDCERT for digital certificate management
Experience with SSL/TLS protocols and PKI infrastructure
Strong knowledge of ISPF, TSO, JCL, and REXX
Familiarity with z/OS subsystems security (CICS, DB2, IMS, MQ)
Understanding of SMF record analysis and security monitoring
Security & Compliance
Deep understanding of mainframe security concepts and threats
Knowledge of security frameworks and regulatory requirements
Experience with security incident response
Strong analytical and problem-solving abilities
Preferred Qualifications
IBM RACF or mainframe security certification
Experience with zSecure or similar security tools
Knowledge of encryption technologies (ICSF, z/OS Crypto)
Security automation and scripting experience
Relevant certifications (CISSP, CISM)
Work Environment On-call rotation required
Occasional off-hours maintenance
Disclaimer HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to secure@hcltech.com for investigation.
Compensation and Benefits A candidates pay within the range will depend on their work location, skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.
Work Environment On-call rotation required
Occasional off-hours maintenance
Disclaimer HCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to secure@hcltech.com for investigation.
Compensation and Benefits A candidates pay within the range will depend on their work location, skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.