[ad_1]

Functie
Architect

Expertise
Active Directory, Api, Java

Werkzaamheden
Security Solution Architect

Startdate: asap
Duration: 6 months
Location: the Hague

In the area of API security design, the Contractors solution architecture services shall:
· Formalize the security requirements for the various use cases mentioned below and taking into account dependecies with ongoing initiatives such as:
o Definiotion of an IAM approach by the CIO Office security team
o Selection of an API Management Platform
o Introduction of a Case Management System based on Beinformed Technolog, including a rules engine, requiring fine-grained access control based on the role an individual user has in a specific case.
· Design security architectures covering the use cases according to industry standards and best practices. Design decisions and their rational will be documented. The designs will cover authentication as well as coarse and fine-grained authorization and logging.
· Validate the security architectures through a proof of concept demonstrating how te architecture meets the security requirements in the various use cases.
· Provide guidelines and reusable patterns supporting the current state as well as the future state including the implementation of an IAM system, an API management platform and an implemented Case Management system.
· Provide a roadmap describing the transition from the current state to the future state.

For API security, the Contractors staff shall be able to demonstrate knowledge and experience in the following areas:
· Minimum 5 years of experience in design of secure WebAPI’s
· Expert knowledge of federation technologies and protcols including:
o Active directory. Active Directory Federation Services
o oAuth, SAML
· Expert knowledge of authentication standards such as Kerberos, SPNEGO.
· Deep understanding of authorization mechanisms supporting fine- and coarse- grained authorization and externalization of authorization from business applications.
· Profound knowledge and understanding of security architecture with at least 7 + years in application security.
· Expert knowledge of J2EE technologies.
· Expert knowledge of REST architectural constraints and development of Restfull web services.
· Experience with externalizing authorization from Java applications through authorization engines and/or business rule engines.
· A very good level of English.

Interested? Please response with recent cv, motivation and hourly rate.

Bijzonderheden

Regio
Nederland – Zuid-Holland

Startdatum
zsm

Duur
6 maanden

Referentienr.
30160217

[ad_2]

Source link