RACF Security Administrator

A NYS authority located in downtown NY is looking for an experienced IAM Security Administrator with RACF experience to lead security hardening efforts and IAM governance initiatives. This is a 9-month contract and will require the consultant to work onsite. The role may allow for one day remote work in the future at the discretion of the manager.

This role combines technical expertise, project leadership, and strategic alignment with business and compliance requirements. The consultant remediation efforts, FIDO2 authentication rollout, identity governance enhancements, and business process alignment while ensuring the identity security.

Tasks:

Lead mainframe security remediation efforts, identifying and mitigating risks within RACF and IAM environments.

Enhance mainframe security controls, including enforcing Multi-Factor Authentication (MFA) and password complexity policies for high-security applications.

Oversee identity governance initiatives, ensuring compliance with industry regulations (NIST, ISO 27001, SOX, HIPAA).

Utilize Vanguard Security Suite to generate audit reports, analyze access violations, and implement remediation strategies.

Manage IAM projects related to FIDO2 authentication rollout, privileged access management (PAM), and risk mitigation.

Work closely with IT, compliance, and security teams to align business processes with IAM best practices.

Benchmark risk management practices in the transportation and government sectors to refine security frameworks.

Collaborate with service providers and vendors to ensure IAM solutions align with business needs.

Develop and maintain policies related to role-based access control (RBAC), access certifications, and risk assessments.

Assist in application security vulnerability assessments for new and existing mainframe/RACF applications.

Requirements:

Experience in RACF security hardening, remediation, and risk mitigation.

Strong IAM knowledge, including role-based access control (RBAC), privileged access management (PAM), and identity governance.

Hands-on experience with FIDO2 authentication, MFA implementation, and password policy enforcement.

Experience in Vanguard Security Suite for security auditing and compliance reporting.

Strong understanding of compliance frameworks (NIST, ISO 27001, PCI) and best security practices.

Experience leading IAM projects and collaborating with cross-functional teams to align security initiatives with business processes.

Excellent communication and project management skills, with experience working with service providers and vendors.

Ability to monitor and enforce risk mitigation strategies, working closely with compliance, IT leadership, and security teams.