Beschreibung
Sehr geehrte Damen und Herren,für unseren Kunden suchen wir einen Solution Architect API Security Design (m/w).
Start: 15.02.2016
Ende: 31.07.2016 ++
Location of work: Den Haag (Belgium)
Solution architect for API Security Design:
Security for Web APIs for internal and external Access; creation/verification of solution designs according to the security requirements
• Formalize the security requirements for various use cases and taking into account dependencies with ongoing initiatives such as:
o Definition of an IAM approach by the security team
o Selection of an API Management Platform
o Introduction of a Case Management System based on BeInformed technology, including a rules engine, requiring fine-grained access control based on the role an individual user has in a specific case.
• Design security architectures covering the use cases according to industry standards and best practices. Design decisions and their rational will be documented. The designs will cover authentication as well as coarse and fine-grained authorization and logging.
• Validate the security architectures through a proof of concept demonstrating how the architecture meets the security requirements in the various use cases
• Provide guidelines and reusable patterns supporting the current state as well as the future state including the implementation of an IAM system, an API management platform and an implemented Case Management system
• Provide a roadmap describing the transition from the current state to the future state.
Skills and experience:
Web architectures; Application Solution Architect: Senior knowledge; Security Architecture and Models; Englisch: Fluently (project language is English).
In Detail
• Minimum 5 years of experience in design of secure webAPIs
• Expert knowledge of federation technologies and protocols including
o Active Directory, Active Directory Federation Services
o Auth, SAML
• Expert knowledge of authentication standards such as Kerberos, SPNEGO
• Deep understanding of authorization mechanisms supporting fine-and coarse-grained authorization and externalization of authorization from business applications
• Profound knowledge and understanding of security architecture with at least 7+ years in application security
• Expert knowledge of J2EE technologies
• Expert knowledge of REST architectural constraints and development of Restful webservices
• Experience with externalizing authorization from Java applications through authorization engines and/or business rules engines
• Being active in a multi-cultural environment, the Contractor shall have a very good level of English (oral and written, e.g. C1). The knowledge of other EPO official languages (German and French) will be appreciated.
Sollten Sie uns hierbei unterstützen können, würden wir uns über die Zusendung Ihres aktuellsten CV's mit Angaben zu Ihrem Stundensatz und Ihrer Verfügbarkeit sehr freuen.
Freundliche Grüße aus Heidelberg
Sarah Wagner
Manager of Consultant Relations
Questax Heidelberg GmbH | Bergheimerstraße 147 | 69115 Heidelberg | http://www.questax.com
Telefon:
Fax:
Geschäftsführer: Ulrich Wantia
Registergericht: Amtsgericht Mannheim | HRB 721769