Estimated Length: Open Ended Monday-Friday, 9:00am – 5:00pm (US Citizen or Green Card only)
Minimum Qualification Requirements
- A baccalaureate degree from an accredited college in computer science, information systems, engineering, mathematics or related field and six years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or
- A baccalaureate degree from an accredited college and ten years of satisfactory full-time experience related to enterprise architecture, solutions architecture, network architecture and/or IT infrastructure systems; or
- Education and/or experience which is equivalent to "1" or "2" above.
- Years of experience in developing large, multi-tiered applications as an application developer and security architect utilizing state of the art development architecture and tools.
- At least (2) full SDLC implementations of a multi-tiered application as an application and security architect with responsibility for application technical design and development.
- Hands on experience in developing secure Web and distributed architectures using Java/Unix based technologies.
- Solid hands-on experience in Java, Enterprise Java & Object Oriented concepts like JEE, JMS and EJBs.
- Extensive IT experience with n-tier, database and client server design/development.
- Experience with Web technologies including Servlets, JSP, and XML;
- Strong web and distributed systems design knowledge including JEE Design Patterns, Integration services with messaging servers and / or server components supporting web based JEE applications.
- Excellent skills in Oracle RDBMS. Should be proficient in SQL, able to author/analyze complex SQL for troubleshooting purposes.
- Hands-on proficiency in client-side technologies like HTML and JavaScript.
- Experience with integration technologies and good understanding of Relational Database Management Systems including architecting and designing for performance and scalability and working with Object to Relational Mapping schemes for distributed data access.
- Experience with best practices and methods of IT strategy, enterprise architecture and security architecture.
- Strong knowledge of software & web application security best practices.
- Working knowledge of application level vulnerabilities and penetration/vulnerability testing of applications.
- Deep knowledge and experience with the Java Security (java.security) package, Password Hashing, Digital Signatures, Secure Random, Signature Verification, (Symmetric) Encryption and Decryption.
- Knowledge of Java Cryptographic extensions and encryption protocols such as SSL and TLS and the Java and 3rd Party based implementation libraries and extensions (javax.crypto, IBMJCEFIPS etc.) to support them in large scale JEE applications.
- Strong knowledge of IAM architectures, products and tools and practical experience with implementing and integrating Identity and Access management into applications.
- Strong understanding of integration w/LDAP server for authentication.
- Proficiency in using and navigating in UNIX, preferably AIX.
- Strong ability to write new and modify existing shell scripts (KORN shell preferred).
- Experience with SCCS tools (Rational ClearCase).
- Understanding of standard SDLC methodologies (at minimum a knowledge of Rational Unified Process or Waterfall).
- Basic understanding of accounting and budgeting functions or financial management packages.
- Strong analytical skills.
- Excellent English communication (oral and written), interpersonal, and organizational skills.
- Strong business acumen, professional style/presence.
- Experience with any of the following is a PLUS:
  - Strong background in accounting and/or budgeting packages
  - IBM Rational Application Developer IDE
  - MQSeries, DB2, Oracle PL/SQL
  - Rational ClearQuest/ClearCase, BMC Remedy
  - Exposure to third party auditing and risk assessment methodologies
  - Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities
  - Expertise in static and dynamic security testing
  - Exposure to IBM Tivoli Identity Manager, ITDI and WebSphere Portal.
- Develop new components and enhancements to the financial management systems framework and the FMS suite of applications - adhering to client and New York City development standards
- Author technical designs that capture all functional and non-functional requirements and present them at a level of detail by which a developer could: write application code, construct reports or compile configuration bundles.
- Ensure that the FMS application software and solutions deliverables, as designed and developed by the client & their vendors, meet the City's functional, nonfunctional (technical, performance, operability, maintainability) and security requirements by conducting reviews and formal evaluations of the vendor's solutions and development work for completeness and adherence to industry standards for Web-based secure systems;
- Serve as an escalation point for the resolution of production application issues when application issues are encountered in the software during: 1) the online day by users and support staff and 2) in the evening during the execution of the batch cycle. The candidate will similarly support software test tracks in non-production application environments.
- Design and execute technical tests as necessary to ensure that vendor and client software deliveries address the business, technical and security problems in a manner consistent with client standards for quality and completeness.
- Review and provide feedback on functional designs in terms of technical feasibility and impact on performance, operability, security and maintainability;
- Gather production operational and security requirements and incorporate the requirements into the code / scripts products authored by the client development team and Vendors. Coordinate with the Financial Systems Production Operations Units to implement new software processes into the staging and production environments.
- Serve as a primary application security contact for the FMS project during the planning, analysis, and design phases of projects.
- Monitor ongoing projects to verify that security components are built and deployed as originally designed and align with client and industry standards.
- Improve the security position of FMS applications by planning, designing and integrating security based application improvements.
- Evaluate and resolve security issues and non-compliance situations at the application level and beyond.
- Work with appropriate teams to assure that the FMS application is integrated with client and industry security standards, protocols and requirements from the application (Java, JEE), application servers (WebSphere), messaging servers (WebSphereMQ), servers (mid-range, mainframe, virtual, appliance, etc.), OS (AIX, Linux etc.), network (firewalls, etc.), data store (LDAP, Oracle).
- Assure that the FMS application adheres to standards for authentication mechanisms, authorization procedures, auditing/logging, and user administration and access control.