Administrative Skills, Analysis Skills, Applications Security, Authentication, Automation, Best Practices, Business Solutions, Communication Skills, Computer Security, Corrective Action, Cryptography, Database Technology, Digital Certificates, Diversity, Documentation, Ecosystems, Employee Benefits, Feasibility Analysis, IBM CICS (Customer Information Control System), IBM DB2, IBM Product Family, IBM Rexx Programming Language, IBM System/Spool Display and Search Facility (SDSF), IBM TSO/ISPF, IBM z-OS Operating System, Identity Data Management, Information/Data Security (InfoSec), JCL (Job Control Language), Machine Tool, Mainframe Computer, Maintain Compliance, Messaging Middleware, Microsoft Access Database, Microsoft Excel, Microsoft Office, Microsoft PowerPoint, Microsoft Word, Multitasking, Operational Audit, Operational Control, Operations Processes, Organizational Skills, Performance Metrics, Presentation/Verbal Skills, Problem Solving Skills, Process Improvement, Project Execution, Project Planning, RACF (Resource Access Control Facility), Requirements Management, SQL (Structured Query Language), Security Architecture, Security Monitoring, Software Development, Sybase Product Family, Systems/Internals Programming, Team Player, Technical Analysis, Technical/Engineering Design, Test Design, Testing, Time Management, Unix Operating Systems, Web Browsers, Writing Skills
Role Requirement
The Mainframe Security team is seeking a senior RACF engineer to support mainframe security engineering, tooling, automation, and project execution. The ideal candidate will have deep hands-on experience with IBM RACF, IBM zSecure, and the broader IBM Z security ecosystem, with the ability to design, implement, and support security solutions across complex mainframe environments. This role requires strong analytical, organizational, and communication skills, as well as the ability to work independently with infrastructure, security, application development, and operations teams. The position may require occasional off-hours support for project implementations, production changes, and critical security initiatives.
Key Activities
Duties and responsibilities will include but are not limited to the following:
- Design, engineer, and support mainframe security initiatives related to authentication, authorization, encryption, privileged access, sensitive data protection, automation, reporting, utilities, and batch processes.
- Partner with Mainframe Security Architecture and Engineering teams to develop technical solutions, validate designs, perform testing, and support implementation.
- Support deployment of security solutions, including process changes, operational handoff, documentation, and training for security operations teams.
- Assess technical feasibility of proposed solutions and recommend approaches that meet security, operational, audit, and resiliency requirements.
- Collaborate with application development, security product owners, systems programming, database, CICS/MQ, business, and audit teams to gather requirements and implement effective security solutions.
- Create and maintain security monitoring, automation, and reporting solutions using tools such as IBM zSecure, Compliance Manager, Admin Express, multifactor authentication platforms, and key management capabilities.
- Monitor, analyze, and report on key performance indicators, control health, and operational trends; recommend preventative actions and process improvements as needed.
- Provide subject matter expertise on RACF, z/OS security controls, and mainframe security best practices to address questions, issues, audit inquiries, and project requirements.
Qualifications
- 10+ years of related experience as a RACF engineer, security engineer, or senior mainframe security administrator.
- Advanced hands-on knowledge of IBM RACF and IBM zSecure, including configuration, internals, reporting, administration, and engineering support.
- Proficiency with JCL, REXX, and CARLa for automation, reporting, utilities, and security tooling development.
- Experience with core z/OS utilities and facilities, including TSO, ISPF, SDSF, and related operational tooling.
- Working knowledge of database technologies and query tools such as DB2, Sybase, and SQL.
- Experience implementing and supporting mainframe authentication and encryption capabilities, including digital certificates, key management, multifactor authentication, and related controls.
- Broad understanding of z/OS infrastructure disciplines, including systems programming, storage, networking, UNIX System Services, CICS, DB2, performance, and enterprise tooling.
- Strong understanding of Identity and Access Management best practices, including least privilege, privileged access management, access certification, segregation of duties, and vulnerability management principles.
- Ability to work independently, manage competing priorities, and deliver results with limited oversight
- Strong project planning, organization, time management, and multitasking skills.
- Proficiency with Microsoft Office business applications, including Excel, Word, Access, and PowerPoint.
- Excellent verbal and written communication skills, with the ability to explain technical concepts to both technical and non-technical stakeholders.
- Collaborative team player who promotes a team-first mindset and contributes to an inclusive, respectful culture.
WHAT YOU CAN EXPECT FROM MORGAN STANLEY:
At Morgan Stanley, we raise, manage and allocate capital for our clients - helping them reach their goals. We do it in a way that's differentiated - and we've done that for 90 years. Our values - putting clients first, doing the right thing, leading with exceptional ideas, committing to diversity and inclusion, and giving back - aren't just beliefs, they guide the decisions we make every day to do what's best for our clients, communities and more than 80,000 employees in 1,200 offices across 42 countries. At Morgan Stanley, you'll find an opportunity to work alongside the best and the brightest, in an environment where you are supported and empowered. Our teams are relentless collaborators and creative thinkers, fueled by their diverse backgrounds and experiences. We are proud to support our employees and their families at every point along their work-life journey, offering some of the most attractive and comprehensive employee benefits and perks in the industry. There's also ample opportunity to move about the business for those who show passion and grit in their work.
To learn more about our offices across the globe, please copy and paste https://www.morganstanley.com/about-us/global-offices into your browser.
Expected base pay rates for the role will be between $120,000 and
$170,000 per year at the commencement of employment. However, base pay if hired will be determined on an individualized basis and is only part of the total compensation package, which, depending on the position, may also include commission earnings, incentive compensation, discretionary bonuses, other short and long-term incentive packages, and other Morgan Stanley sponsored benefit programs.
Morgan Stanley is an equal opportunity employer committed to building and maintaining a workforce that is diverse in experience and background. Our recruiting efforts reflect our strong commitment to a culture of inclusion, where individuals are hired, developed, and advanced based on their skills and talents.
Our workforce reflects a broad cross-section of the global communities in which we operate, bringing a variety of backgrounds, talents, perspectives, and experiences.
For more information, please visit: https://www.morganstanley.com/people-opportunities/eeo.