Secure data and document exchange expert

DESCRIPTION OF THE TASKS

Following tasks will be performed by external service provider:

• Architecture, design and implementation of the integration layer between backend systems and secure messaging software

• Provide expert advice on confidentiality, integrity, authorization, authentication, non repudiation, availability

• Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system

• Provide comprehensive guidance and consulting for the optimization of the integration layer

• Participate to the maintenance of technical specifications related to transport and messaging protocols and their implementation in software

• Testing applications against Business requirement and specifications

• Identification of bugs using exploratory testing

LEVEL OF EDUCATION

As stated in the Article 2.6.3.1. of DIGIT-TM II Service requirements, a minimum educational qualification for lot 3 is: Level of education corresponding to Level 7 of the European Qualification Framework which typically corresponds to a master degree of 5 years.

KNOWLEDGE AND SKILLS

Following skills and knowledge are required for the performance of the above listed tasks:

-Architecture, design and implementation of the integration layer between backend systems and secure messaging software

-Provide expert advice on confidentiality, integrity, authorisation, authentication, non-repudiation, availability

-Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system

-Provide comprehensive guidance and consulting for the optimisation of the integration layer

-Participate to the maintenance of technical specifications related to transport and messaging protocols and their implementation in software Document protection

- Good knowledge of digital signature and encryption with X509 certificates, Public Key Infrastructure (PKI)

- Good knowledge of the legal framework for the use of trust services: eIDAS Regulation, eIDAS Protocol Web Security

- Good knowledge of techniques used to secure Web applications: HTTP, TLS, Content Security Policy, Web Services (SOAP and REST), OAuth2, OpenID Connect, CAS protocol, OWASP, SAML, Spring Security At least one of the following areas: Integration & Monitoring

- Good knowledge of continuous integration techniques and tools: Jenkins, Teamcity, Git, SVN

- Good knowledge of testing tools: JUnit, Spock, SonarQube, Selenium WebDriver, JMeter, Gatling, SOAP UI

- Good knowledge of databases, directories and transactions: SQL, LDAP, ACID, XA Coarse-Grained Authorization:

-Strong understanding of authorization models and implementation of coarse-grained access control.

Experience in managing high-level access policies that apply across broad sets of resources, users, or systems.

Familiarity with systems that use coarse-grained authorization to define roles and access levels, particularly in enterprise or cloud environments.

SPECIFIC EXPERTISE

Following specific expertise is mandatory for the performance of tasks:

- Min 1 year of experience in digital solution analysis in the frame of authentication systems

- 1 year of experience in analysis involving the use of data modelling techniques