RCAF Security Analyst

Security Analyst - Mainframe RACF
Location: Welwyn Garden City (Shire Park) - Hybrid Working
Function: Technology Security and Capability
Duration- fixed term contract - 6 months

About the role
We're seeking a skilled Mainframe Security Analyst to join a Security Operations & Detections team at one of the UK's leading retail organisations. You'll play a key role in protecting their mainframe environments by supporting security initiatives, maintaining access controls, and responding to security alerts.

Working closely with colleagues across Technology and the wider business, you'll help ensure their mainframe platforms remain secure, resilient, and well-controlled. This is a fantastic opportunity to contribute to large-scale enterprise security in a complex, high-impact environment.

What you'll be doing

• Responding to user requests and incidents in the RACF ticketing system.
• Reviewing and processing change requests for RACF access.
• Monitoring daily tasks and controls to maintain operational efficiency.
• Responding to mainframe security alerts.
• Administering RACF Role-Based Access Control (RBAC) and Privileged Access Management (PAM) systems.
• Managing access recertification with data owners.
• Creating and maintaining internal documentation, including runbooks, processes, and procedures.
• Supporting audit evidence and remediation activities.
• Assisting with incidents, investigations, and projects related to mainframe security.
• Recommending access rules and performing analysis, design, and testing of new or enhanced security functionality.
• Monitoring and maintaining RACF digital certificates.
• Supporting the installation of new applications within RACF and assisting with migrations of existing applications.

What you'll bring

• Extensive specialist knowledge of RACF / z/OS and related mainframe components.
• Strong understanding of mainframe security concepts and technologies.
• Experience using IBM zSecure (including z/Alert, Command Verifier, Access Monitor, RACF Offline, and CARLA reporting).
• Experience with mainframe languages such as JCL, REXX, CLIST, and ISPF.
• Experience installing new applications or migrating applications within RACF (desirable).
• Excellent documentation skills for technical processes and support materials.
• Strong problem-solving ability and attention to detail.
• Effective communicator who can work collaboratively across teams.
• Understanding of Role-Based Access Controls (RBAC) and ICFR controls (Sarbanes-Oxley).
• Experience managing and implementing digital certificates.
• Knowledge of RACF Remote Sharing Facility (RRSF) is an advantage.

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.

Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly.

Please email me