Security Specialist Sr - RACF and OIM

About The Position

Requirements

• Expert-level proficiency in RACF security administration and mainframe security operations.
• Expert-level proficiency in IBM zSecure suite (Admin, Audit, Alert).
• Strong command of z/OS, JCL, TSO/ISPF, and mainframe architecture.
• Experience administering or supporting Oracle Identity Manager (OIM) or similar IAM platform.
• Excellent communication skills with the ability to translate technical risks into business impact.
• Demonstrated ability to work independently and influence across teams.
• Industry relevant experience is typically 8+ years.
• Bachelors degree
• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Nice To Haves

• Experience integrating mainframe security with enterprise IAM, PAM, and SIEM platforms.
• Advanced scripting skills in REXX, CLIST, or other automation tools.
• Familiarity with Identity and Access Management (IAM) frameworks.
• Proficiency with Microsoft Excel for reporting, analysis, and audit support.
• Ability to develop and troubleshoot Oracle SQL queries for reporting and operational support.
• Experience with ServiceNow for access requests, workflow automation, and incident/change management.
• Proficient in ACF2 Security administration
• Higher level education such as a Masters degree, PhD, or certifications is desirable.
• Specific certifications are often required.
• In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.
• Access Control (AC)
• Building Architecture
• Customer Solutions
• Disaster Recovery Planning
• Information Security
• Network Security
• Physical Security
• Risk Assessments
• Security Technologies
• Analytical Thinking
• Effective Communications
• Information Assurance
• Information Security Management
• Information Security Technologies
• IT Environment
• IT Standards, Procedures & Policies
• IT Systems Management
• Knowledge of Organization
• Problem Solving
• Software Security Assurance

Responsibilities

• Onboarding and integration of mainframe RACF applications into the Oracle Identity Manager (OIM) IAM platform, including access models, provisioning workflows, and controls alignment.
• Administer and maintain RACF security profiles, groups, and user IDs across multiple LPARs.
• Utilize IBM zSecure suite for auditing, reporting, and automation of RACF administration tasks.
• Integrating mainframe security (RACF) with enterprise IAM platforms such as Oracle Identity Manager (OIM)
• Analyze and implement security controls to meet internal policies and external regulatory requirements (e.g., SOX, HIPAA, PCI).
• Perform regular security reviews, access recertifications, and vulnerability assessments.
• Develop and maintain RACF and zSecure documentation, including procedures, standards, and training materials.
• Collaborate with internal teams to support application onboarding and access provisioning.
• Respond to security incidents and provide forensic analysis.
• Participate in audits and provide evidence of compliance with security controls.
• Mentor junior security analysts and provide technical leadership in RACF and zSecure best practices.
• Drive automation and efficiency in RACF administration.
• Provides technical evaluation and analysis in a specific Security area.
• Supports activities, process, and tools needed to improve overall security posture of the organization.
• Provides subject matter expertise.
• Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, creates documentation.
• Performs investigation and data loss prevention, data manipulation, coordination of activities.
• Performs actions to address or mitigate risks and vulnerabilities.
• Reviews and defines controls.
• Advises on more complex security procedures and products for clients, security administrators and network operations.
• Participates in enforcement of control security risks and threats; potential of one more controls subject to manager discretion.
• Shares knowledge with staff.
• Conducts security assessments and other information security routines consistently.
• Investigates and recommends corrective actions for data security related to established guidelines.
• Develops policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats.
• Oversees that business needs are being met during development.
• Shares knowledge, leads and mentors are the discretion of management.
• Aligns the controls of a specific Security area to the enterprise framework.
• Devises control implementation strategy.

Benefits

• medical/prescription drug coverage (with a Health Savings Account feature)
• dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match
• pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives
• maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level; and years of service