- Company Name
- AlmavivA S.p.A.
- Job Title
- Security Architect
- Job Description
-
Please carefully read the job description before applying. Only shortlisted candidates who meet the requirements will be contacted.
DESCRIPTION OF THE TASKS:
Architecture, design and implementation of the integration layer between backend systems and secure messaging software
Provide expert advice on confidentiality, integrity, authorisation, authentication, non-repudiation, availability
Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system
Provide comprehensive guidance and consulting for the optimisation of the integration layer
Participate to the maintenance of technical specifications related to transport and messaging protocols and their implementation in software
LEVEL OF EDUCATION :
Bachelor or Master Degree
KNOWLEDGE AND SKILLS:
At least 7 years of specific expertise in Document Protection:
Good knowledge of digital signature and encryption with X509 certificates, Public Key Infrastructure (PKI)
Good knowledge of data containers: Associated Signature Containers (ASiC), gzip
Good knowledge of the legal framework for the use of trust services:
the Electronic Identification and Trust Services Regulation (eIDAS Regulation 910/2014/EC)
At least 7 years of specific expertise in Messaging:
Good knowledge of open standards for data and document exchange: ebMS3, AS4, SBDH, XHE
Good knowledge of open standards for service discovery: Business Document Metadata Service Location (BDXL), Service Metadata Publishing (SMP)
Good knowledge of message format standards: XML (min 7 years) XSD, XPATH, WSDL, JSON, JSON schema
Good knowledge of Business-to-Business (B2B) and Electronic Data
Interchange (EDI) and common data and document exchange patterns
At least 5 years of Specific Expertise in Web Security:
Good knowledge of techniques used to secure Web applications: HTTP, TLS, WS-Security, Content Security Policy, Web Services (SOAP and REST) min 7 years, OAuth2, OpenID, OWASP
AT LEAST ONE OF THE FOLLOWING AREAS:
BACKEND DEVELOPMENT (7 YEARS):
Excellent knowledge of backend development techniques: inheritance, polymorphism, SOLID principles, data types, concurrency, design patterns, unit testing
Excellent knowledge of the Java platform: garbage collection strategies, memory spaces, class loaders, serialization, multi-threading, syntax and semantics of the Java language, APIs of the Java Development Kit
Good knowledge of databases, directories and transactions: SQL, LDAP, ACID, XA
Enterprise java con JPA, JTA
Multitrading programming
AngularJS
Experience with Digital Signature: Eidas, Xades, Padex,
METHODOLOGY AND TOOLS:
Min 5 years of experience in the use of Atlassian collaborative tools (like Confluence and Jira) is required.
Experience with Agile development methodologies is a plus
Experience in working with the EU institutions is a plus
Delivery mode: Near Site (Brussels)
Deadline: 05/03/2024 at 11:30 AM (CET)
