Senior Consultant - Information Security
As a Senior Consultant for The Courton Group,
Grace Studifin consults on a variety of information security topics,
policy & procedure development, project management, and mainframe
security implementation issues.
Ms. Studifin has over 35 years in the
information systems field with thirty of those years focusing on
mainframe systems programming, information security, and project
management. Prior to joining TCG as a Senior consultant, Ms.
Studifin worked as a consultant for several years with Financial
Services and Investment clients.
As a Senior Security Analyst for Prudential
Securities, she installed MQSeries security for five MQ subsystems
that were executing in a production environment. Also, all DB2
subsystems were converted from DB2’s internal security to RACF’s
security via IBM’s RACF/DB2 interface. This interfaced enabled DB2
to request and use RACF’s security classes and profiles for security
As a RACF Systems
programmer for the Depository Trust Clearing Corp, she re-designed
all RACF databases for role based security accesses. Ms. Studifin
wrote a SAS application that reported daily changes to the RACF
databases for Internal Auditing. She prepared and taught in-house
Ms. Studifin worked for the Metropolitan Life Insurance Company
where she was a Manager overseeing a staff of sixteen responsible
for mainframe security system administration. During that time she
participated in the conversion of MetLife’s security software from
Top Secret to ACF2, then from ACF2 to RACF.
She worked at the
Federal Reserve Bank in New York for many years in the capacity of
Computer Operator, Systems Analyst, and Systems Programmer. While
there she earned a BPS in Pre-Law and an MBA in Information Systems
at Pace University.
Ms. Studifin has been a SHARE volunteer since
1986. Her last five years she served as a Project Manager for
Share’s Security/Audit Project. This project was responsible for
securing and providing security education for the attendees of Share
for their biannually conferences.
Ms. Studifin served
on the SIFMA (Securities Industry and Financial Markets Association)
formerly SIA (Securities Industry Association) Lobbying Committee
which successfully lobbied the government to afford brokerage houses
the same exporting capabilities as banks with software containing
encryption. She was also a member of the ISSA (Information Systems
Ms. Studifin is
a frequent speaker at conferences on the topics of: RACF/DB2
Security; Securing MQSeries Using RACF; Loop Holes in Auditing MVS.
She has taught in-house training courses on JCL, MVS, JES2, SMP-E,
and system utilities.