Mainframe Security Engineer

Mainframe Security Engineer

Do work that matters

CBA Global Technology Services provides the technology and solutions to build tomorrow’s bank today for our customers
Mainframe Services provides world-class capability and enablement for our core systems and infrastructure across the CBA group.

See yourself in our Team

The Platform Engineer – Mainframe Security (RACF Security Administrator) is responsible for providing business and IT stakeholders with Mainframe system access, compliant with the organisation’s information security policy, business requirements and risk appetite.

You will come with a proven expertise in Mainframe RACF security, Certificate Management, Encryption Technologies and have a working knowledge of industry best practices for enterprise security (focusing on risk), and demonstrate excellent problem-solving skills
 

In this role you will

As a Platform Engineer – Mainframe Security (RACF Security Administrator), you'll be responsible for the administration and analysis of access control operational security procedures concerning the management and reporting of access to CBA and Bankwest’s Mainframe systems.

Other responsibilities will include:

• Implementing mainframe access control technologies using the RACF program product under the direction of the Manager Mainframe Operations

• Day-to-day access control administration of the bank’s core Mainframe system, including RACF and Mainframe Encryption services.

• Access reporting and report analysis

• Liaising with other business units in the development and implementation of secure access controls

• Develop security tools (where required) and automate processes to provide customised security solutions.

• Evaluation and analysis of new systems and the implementation of access controls as required.

• Investigating, responding to, and reporting on, security incidents as directed.

• Trouble-shooting system access control issues.

• Lead the development, deployment and maintenance of security policies, procedures, standards, and strategies.

• Identifying business risks / vulnerabilities and suggesting enhancements to existing security processes.

• Maintain the integrity, efficiency, and effectiveness of the mainframe security product (RACF), using best practice security principals (ISO 17799).

• Maintain product awareness of the Security system (release knowledge, maintenance issues etc.) and ownership of the product configuration(s).

• Respond to Audit findings.

• Develop and maintain security processes and documentation.

• Design, test and implement access controls for new host software.

• Maintain policy awareness and enforce policy compliance.

• Proactively identify opportunities to simplify, modernise and reduce running cost for the platform.

• Carry out Key Management responsibilities as Key Custodians of encryption keys

We’re interested in hearing from people who have

• At least 5 years of Mainframe security experience, with previous relevant experience in an Information Security, Risk Management, Audit, or equivalent role.

• Thorough understanding of access control principles and practices as they pertain to the key accountabilities, particularly RACF Security.

• The ability to perform operational tasks with minimum supervision whilst ensuring the integrity and availability of production systems.

• The ability to work under pressure and to hit deadlines.

• The ability to work as a team.

• Broad understanding of IT Security principles associated with networks, operating systems, applications, and databases with a deeper specialisation in at least two of these fields.

• Experience with SIEM logging tools such as Splunk or other observability tools.

• Good interpersonal and consultative skills.

• Advanced communication skills (listening, written and verbal)

• Working knowledge of cryptographic key management principles as they apply to credit card and debit card regulatory compliance.

• Proficient with JCL/REXX/SMF reporting.

• Experience with Digital Certificate Management.

Desirable

• CISSP Certification

• Tertiary education in information systems/information security or certification.

• Experience with in-flight encryption and data at rest encryption implementation

• Experience with Mainframe Encryption Technology (CEX and ICSF)

• Knowledge of Agile/Scrum Methodology

• Hands on experience with Active Directory and LDAP configuration.

• Knowledge of DevSecOps tools and concepts.

• Experience with HSMs (hardware security module).

Working with us:

Our people bring their diverse backgrounds and unique perspectives to build a respectful, inclusive, and flexible workplace. One where we’re driven by our values, and supported to share ideas, initiatives, and energy. One where making a positive impact for customers, communities and each other is part of our every day.

Here, you’ll thrive. You’ll be supported when faced with challenges and empowered to tackle new opportunities. You’ll be empowered to do your best work and be given a choice about when and where that work happens. We really love working here, and we think you will too.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.