Access Management

Job Description:

At DXC we use the power of technology to deliver mission critical IT services that our customers need to modernize operations and drive innovation across their entire IT estate. We provide services across the Enterprise Technology Stack for business process outsourcing, analytics and engineering, applications, security, cloud, IT outsourcing and modern workplace.

Our DXC Security services helps customers assess risk and proactively address all facets of their security environment, from threat intelligence to compliance. We leverage proven methodologies, intelligent automation and industry-leading partners to tailor security solutions to our customers' unique business needs.

Job scope/summary:

The Security Information Services for Large Platform environment are intended to ensure the availability, integrity and confidentiality of data information by protecting against internal and external threats and inadvertent or malicious actions. The security team protects the mainframe environment by using tools such as RACF, ACF2 or Top Secret or native tools on AS400 and Nonstop to grant/remove access and mitigate risks to client systems.

About this role, responsibilities:

• Support personnel will have knowledge of access control mechanisms within the supported platforms and related security software.
• Validate requests to ensure the requests contain all required data and are authorized by appropriate data owner. 
• Analyze requests and determine course of action, based on existing corporate and client policies and procedures. 
• Evaluate security impacts and resolve related issues. 
• Validate changes to ensure accuracy and completeness from a security perspective.
• Enforce process controls.
• Raise, follow up on approval, and implement normal/emergency changes based on valid requests and approvals.
• Perform and review dataset and resource rules re-organization, based on appropriate approvals.
• Run reports as defined and installed.  Ensure jobs are generating reports as requested.
• Disaster recovery planning and exercise support, as required of the Level 2 team(s).
• Audit support may be requested through standard processes from multiple sources, and includes providing global documentation, reports, etc.  Requirements are usually based on the Service Organization Controls (SOC) Framework of the American Institute of Certified Public Accounts (AICPA), and Payment Card Industry (PCI) activities.
• Provide technical security support, security administration, compliance, and incident management in support of the following:
• Support password resets which could not be addressed by Level 1.
• Add/Change/Delete User Logon ID, system ID, application ID, groups, profiles, etc.
• Add/Change/Delete Dataset Access.
• Add/Change/Delete General Resource Access.
• Add/Change/Delete Production Job Logon ID.
• Add/Change/Delete Started Task Logon ID.
• First point of contact for audit support. 
• Support incident and problem management as required.
• Maintain resource and data ownership tables for use in validating approvals.
• Basic Audit responses
• Audit reporting review per client request for our supported platforms and tools used in various regions, including, for example, Global Compliance Management System (GCMS), the Network Access Control Online System (NACOS), and Report Distribution System (RDS).
• Disaster recovery planning and exercise support, as required of the Level 2 team(s).  This is dependent on the client as this can be a function between L2 or L3.
• Evaluate these issues with Level 3 as directed.
• 24x7 on call support is available for Incidents and schedule changes.
• Support password resets which could not be addressed by Level 1.
• Add/Change/Delete User Logon ID, system ID, application ID, groups, profiles, etc.
• Add/Change/Delete Dataset Access.
• Add/Change/Delete General Resource Access.
• Add/Change/Delete Production Job Logon ID.
• Add/Change/Delete Started Task Logon ID. Validate requests to ensure the requests contain all required data and are authorized by appropriate data owner. 
• Analyze requests and determine course of action, based on existing corporate and client policies and procedures. 
• Evaluate security impacts and resolve related issues. 
• Validate changes to ensure accuracy and completeness from a security perspective.
• Enforce process controls.
• Raise, follow up on approval, and implement normal/emergency changes based on valid requests and approvals.
• Perform and review dataset and resource rules re-organization, based on appropriate approvals.
• Run reports as defined and installed.  Ensure jobs are generating reports as requested.
• Audit responses
• Maintain resource and data ownership tables for use in validating approvals.
• Disaster recovery planning and exercise support

Requirements:

• Fluent in written and verbal English
• 2 yrs experience as an access management.
• Understanding of mainframe function
• Mainframe RACF, ACF2 and/or Top Secret and AS400 experience
• AS400/Nonstop
• Time management
• Professional business acumen
• Self-drive
• Audit questionnaires
• Microsoft Office

Joining DXC connects you to brilliant people who embrace change and seize opportunities to advance their careers and amplify customer success. At DXC we support each other and work as a team — globally and locally. Our achievements demonstrate how we deliver excellence for our customers and colleagues. You will be joining a team that works to create a culture of learning, diversity and inclusion and are dedicated to strong ethics and corporate citizenship.

At DXC we put our people first. In managing COVID-19, our actions are focused on the health, safety and well-being of our colleagues and their families and our approach is to encourage and support masking, testing and vaccination. With our Virtual First strategy the majority of our workforce now works remotely and will continue to do so. We recognize that requirements and availability around masking, testing and vaccination vary by location and we continue to monitor and conform with government regulations and customer requirements specific to each location

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.