• Years of experience in developing large, multi-tiered applications as an application developer and security architect utilizing state of the art development architecture and tools.
• At least (2) full SDLC implementations of a multi-tiered application as an application and security architect with responsibility for application technical design and development.
• Hands on experience in developing secure Web and distributed architectures using Java/Unix based technologies.
• Solid hands-on experience in Java, Enterprise Java & Object Oriented concepts like JEE, JMS and EJBs.
• Extensive IT experience with n-tier, database and client server design/development.
• Experience with Web technologies including Servlets, JSP, and XML;
• Strong web and distributed systems design knowledge including JEE Design Patterns, Integration services with messaging servers and / or server components supporting web based JEE applications.
• Excellent skills in Oracle RDBMS. Should be proficient in SQL, able to author/analyze complex SQL for troubleshooting purposes.
• Hands-on proficiency in client side technologies like HTML, Java Script.
• Experience with integration technologies and good understanding of Relational Database Management Systems including architecting and designing for performance and scalability and working with Object to Relational Mapping schemes for distributed data access.
• Experience with best practices and methods of IT strategy, enterprise architecture and security architecture.
• Strong knowledge of software & web application security best practices.
• Working knowledge of application level vulnerabilities and penetration/vulnerability testing of applications.
• Deep knowledge and experience with the Java Security (java.security) package, Password Hashing, Digital Signatures, Secure Random, Signature Verification, (Symmetric) Encryption and Decryption.
• Knowledge of Java Cryptographic extensions and encryption protocols such as SSL and TLS and the Java and 3rd Party based implementation libraries and extensions (javax.crypto, IBMJCEFIPS etc.) to support them in large scale JEE applications.
• Strong knowledge of IAM architectures, products and tools and practical experience with implementing and integrating Identity and Access management into applications.
• Strong understanding of integration w/LDAP server for authentication.
• Proficiency in using and navigating in UNIX, preferably AIX.
• Strong ability to write new and modify existing shell scripts (KORN shell preferred).
• Experience with SCCS tools (Rational ClearCase .
• Understanding of standard SDLC methodologies (at minimum a knowledge of Rational Unified Process or Waterfall).
• Basic understanding of accounting and budgeting functions or financial management packages.
• Strong analytical skills.
• Excellent English communication (oral and written), interpersonal, and organizational skills.
• Strong business acumen, professional style/presence.
• Experience with any of the following is a PLUS:
o Strong background in accounting and/or budgeting packages
o IBM Rational Application Developer IDE
o MQSeries, DB2, Oracle PL/SQL
o Rational Clearquest/Clearcase, BMC Remedy
o Exposure to third party auditing and risk assessment methodologies
o Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities
o Expertise in static and dynamic security testing
o Exposure to IBM Tivoli Identity Manager, ITDI and WebSphere Portal.