Principal Cyber Security Engineer - Senior Mainframe RACF Engineer (Remote)

 Posted 2 days ago
     
10+ years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Lead the design, implementation, and governance of RACF security controls across complex z/OS environments. This includes automating certificate lifecycles, implementing MFA, and ensuring compliance through SAS reporting and audit evidence collection.
Overview

The Senior Mainframe RACF Engineer leads the design, implementation, and governance of RACF security controls across complex z/OS environments. This role requires expert-level RACF engineering, strong programming skills (REXX, IBM Utilities and RACF utilities, SAS, JCL, Splunk), and hands-on experience with digital certificate rotation automation, Multi-Factor Authentication (MFA) implementation, and enterprise reporting. The engineer partners with engineering, security, audit, infrastructure, and application teams to ensure resilient, compliant, and scalable mainframe security.

Remote eligible. 


Responsibilities

  • RACF Engineering — Architect, configure, and maintain RACF profiles, classes, permissions, and database structures across multiLPAR environments.
  • Multifactor Authentication – Support MFA for mainframe access, including integration with Enterprise Identity providers, enforcement of strong authentication policies, and modernization of legacy authentication flows.
  • Digital Certificate Lifecycle — Manage certificate creation, renewal, rotation, and ring assignments; ensure secure integration with SFTP, and crossplatform authentication.
  • REXX Automation — Develop automation and tooling using REXX, CLIST, and TSO/ISPF to streamline RACF administration, compliance evidence collection, and operational workflows.
  • SAS Reporting — Build and optimize SAS programs for compliance reporting, audit evidence generation, access analytics, and RACF database insights.
  • Security Integration — Integrate RACF with DB2, CICS, and enterprise applications to ensure endtoend security coverage.
  • Incident Response — Diagnose and resolve RACFrelated issues; perform rootcause analysis and lead remediation for security events.
  • Audit & Compliance — Produce SOX/HIPAA/PCI evidence, lead reviews, and maintain defensible documentation for internal and external audits.
  • Authentication & Encryption Modernization — Drive modernization of authentication and cryptographic controls, including MFA and certificate lifecycle automation.
  • Mentorship & Documentation — Train junior engineers; support processes, standards, and engineering design documentation.

This job posting is expected to remain active for 30 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants.

 

The base pay for this position is generally between $130,000 and $190,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment.

 

#LI-IK1 


Qualifications

Bachelor's Degree and 8 years of experience in Systems Engineering, Network, or Information Security OR High School Diploma or GED and 12 years of experience in Systems Engineering, Network, or Information Security

 

Preferred Skills: 

  • 10+ years of mainframe experience with expert RACF knowledge (profiles, classes, permissions, command set).
  • Advanced proficiency in REXX, SAS, JCL, TSO/ISPF, and IBM utilities.
  • Hands-on experience with Vanguard specific tools.
  • Handson experience with MFA for mainframe access, including integration with enterprise identity providers.
  • Experience with dataset encryption, and cryptographic modernization.
  • Strong background in digital certificates, rings, and crossplatform authentication.
  • Proven ability to troubleshoot complex RACF issues and differentiate RACF vs. nonRACF root causes.
  • Experience supporting SOX, HIPAA, PCI, and internal audit requirements.
  • Strong analytical, communication, and documentation skills.
  • Experience defining enterprise RACF standards and reference architectures.
  • Systems programming experience.
  • Financial industry experience.

 

Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at https://jobs.firstcitizens.com/benefits.

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Security Engineer

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified