Application Developer Java
Descrierea postului
Introduction As part of transformation programs and the securing of application exchanges (APIs, microservices, internal/external services, partners), we are looking for a cybersecurity architect specialized in strong authentication for exchanges, covering both M2M flows (partners, internal services, microservices, etc.) and H2M flows (web/mobile applications consuming APIs). The role focuses on bringing systems into compliance, designing, deploying, and operating strong authentication mechanisms based primarily on mTLS/mSSH, in close collaboration with security teams, network teams, cloud/on‑prem platforms, application teams, and API Management teams (API Gateway, including Apigee, integrated with a digital vault such as a Credential Management Server).
Your Role And Responsibilities Ensure the design, implementation, and industrialization of secure exchanges. The role aims to guarantee a high level of requirements regarding: Mutual authentication of machine identity using X509 v3 certificates / SSH keys (M2M) and user/machine identity (M2M via API).
Strong knowledge of PKI infrastructures, X509 v3 certificates, and SSH keys.
SSL/TLS/SSH protocols.
Use of tools to test and demonstrate that communications are mutually authenticated beforehand (OpenSSL, Curl, PowerShell, Unix shell, etc.).
Traceability, compliance, and related documentation.
Responsibilities Architecture & design (H2M & M2M)
mTLS implementation & certificate management (including API Gateway)
Secrets, keys & automation
Security, compliance & operations Expected deliverables Technical documentation, especially on the “Authentication” of remediated applications.
Authentication standards & patterns for H2M/M2M (mTLS, OAuth2/OIDC, JWT, certificate/secret management).
UAT Books per application: procedures, sign‑off, expected/actual results (Excel format)
Applications equipped with strong authentication features, implemented, tested, validated, and deployed to production.
Required Technical And Professional Expertise
Technical skills (must-have) Mastery of TLS / mTLS (handshake, chains, ciphers, troubleshooting).
PKI experience: CA, CRL/OCSP, rotation, revocation.
IAM knowledge.
Hands-on experience with secrets/keys management tools (Vault / KMS / HSM or equivalents).
API & integration environments: API Gateway (including Apigee), reverse proxy, WAF, PAM, EPM (depending on context).
Soft Skills
Ability to simplify and guide application teams (dev, ops, SRE).
Rigor, attention to detail (crypto/TLS), “security by design” mindset.
Autonomy, analytical skills, results-oriented.
Preferred Technical And Professional Experience
Profficiency of French language
Te interesează acest rol?