TEKsystemsRemote
RBAC And RACF Engineer-Remote In Clients Footprint.
United States
Full-time
4 days ago
$55 - $65 USD
H1B Sponsor Likely
Key skills
RBACSailPoint IdentityIQIAMAccess GovernanceSecurity CertificationsMicroservicesSSO SolutionsActive DirectoryDocumentationAgilityProblem-solvingCommunicationAttention to DetailAWSAzureAzure ADOracleAuth0OktaLDAPSSOSplunkSaaSAgileRisk ManagementCollaboration
About this role
TEKsystems is a leading provider of business and technology services, and they are seeking an experienced Engineer to design, implement, and manage Role-Based Access Control (RBAC) solutions. The role focuses on ensuring secure, scalable, and compliant access management aligned with business requirements and security best practices.
Responsibilities:
- Design and implement RBAC models across enterprise applications, cloud platforms, and internal systems
- Define roles, permissions, and access policies aligned with business functions and least-privilege principles
- Collaborate with Security, DevOps, Infrastructure, and Application teams to integrate RBAC into systems and workflows
- Automate provisioning and de-provisioning of user access
- Conduct access reviews, audits, and compliance reporting
- Support integration with identity providers (IdP) and SSO solutions (e.g., Okta, Azure AD, Auth0)
- Implement and maintain access governance processes
- Troubleshoot access-related issues and ensure minimal operational disruption
- Document RBAC architecture, standards, and operational procedures
- Stay current with security standards, regulations, and IAM best practices
- Leads delivery and implementation of IAM technologies across the bank
- Ensure that identity & access management services are designed to be compliant with security and privacy standards and other industry standards and practices
- Consult with business units when implementing access for new systems
- Experience implementing RBAC in microservices or SaaS environments
- Experience with policy-as-code or fine-grained authorization systems (e.g., OPA, Cedar)
- Security certifications (CISSP, CISM, Azure/AWS Security certifications)
- Experience with access governance and entitlement review tools
Requirements:
- Experience in IAM, access governance, and enterprise security architecture
- Strong experience in designing and implementing RBAC models across enterprise applications, cloud platforms, and internal systems
- Ability to define roles, permissions, and access policies aligned with business functions and least-privilege principles
- Collaboration with Security, DevOps, Infrastructure, and Application teams to integrate RBAC into systems and workflows
- Experience in automating provisioning and de-provisioning of user access
- Conducting access reviews, audits, and compliance reporting
- Support integration with identity providers (IdP) and SSO solutions (e.g., Okta, Azure AD, Auth0)
- Implementing and maintaining access governance processes
- Troubleshooting access-related issues and ensuring minimal operational disruption
- Documenting RBAC architecture, standards, and operational procedures
- Staying current with security standards, regulations, and IAM best practices
- Leading delivery and implementation of IAM technologies across the bank
- Ensuring that identity & access management services are designed to be compliant with security and privacy standards and other industry standards and practices
- Consulting with business units when implementing access for new systems
- Experience implementing RBAC in microservices or SaaS environments
- Experience with policy-as-code or fine-grained authorization systems (e.g., OPA, Cedar)
- Security certifications (CISSP, CISM, Azure/AWS Security certifications)
- Experience with access governance and entitlement review tools
- Strong analytical and problem-solving skills
- Excellent communication and cross-functional collaboration
- Attention to detail
- Security-first mindset
- Ability to translate business requirements into technical access models
- Native RACF experience
- 6+ years of experience of implementing zSecure capabilities, including zAlert
- Experience with SIEM (SPLUNK) products for implementing reports and dashboards to support a Mainframe Governance program
- Experience with building out RACF reports in zSecure to support database authenticity
- Experience with onboarding and decommissioning applications into RACF structures
- Experience in IDAM solutions both on-premises and in the cloud
- Experience administering IDAM systems, access controls, security and risk management, as well as a security governance framework at scale
- Experience and understanding of various regulatory requirements and laws such as, but not limited to, Payment Card Industry (PCI), Federal Financial Institutions Examination Council (FFIEC), Sarbanes-Oxley (SOX), Health Information Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA)
- Extensive knowledge of SSO, MFA, Active Directory (AD), public key infrastructure (PKI), privileged accounts and integration application program interface (API) capabilities
- Track record acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
- Expert level knowledge of operating systems, e.g. Windows, Linux, & Unix
- Excellent customer facing communication skills (both written and verbal)
- Ability to research, evaluate, and devise course of action for security hardware/software and tools to make overall impact on the enterprise's existing security environment
- Experience with both Agile and Waterfall working methods
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
- Extensive knowledge of Active Directory (AD) and LDAP Directories (e.g., Oracle Directory, Novell/NetIQ eDirectory)