Application Framework & Security Architect
Ref No.: 18-19847
Location: New York, New York
Job Description
The client has a vacancy for an Application Framework and Security Architect for the Financial Management System (FMS), an Enterprise Resource Planning (ERP) System for the City of New York. The FMS Application Framework and Security Architect will report to the Asst. Exec Director of Financial Technical Systems. The Architect position is a role in the Application Framework Standards and Security Services team, which works closely with the Technical Systems IT and Vendor IT teams to assure that the application framework meets industry and business standards and to integrate security throughout the software development lifecycle. The Architect is responsible for assuring that the design, implementation and operation of products and technologies adhere to applicable business, application framework and security standards and practices. The Architect will also be responsible for FMS application software security assurance by working with governance entities within the organization to assure continuous improvement and adherence to Policies, Standards, Requirements and Guidelines.
The primary role / tasks of the Application Framework and Security Architect include, but are not necessarily limited to, the following:
• Develop new components and enhancements to the financial management systems framework and the FMS suite of applications - adhering to client and New York City development standards
• Author technical designs that capture all functional and non-functional requirements and present them at a level of detail by which a developer could: write application code, construct reports or compile configuration bundles.
• Ensure that the FMS application software and solutions deliverables, as designed and developed by client and by client's vendors, meet the City's functional, nonfunctional (technical, performance, operability, maintainability) and security requirements by conducting reviews and formal evaluations of the vendor's solutions and development work for completeness and adherence to industry standards for Web-based secure systems;
• Serve as an escalation point for the resolution of production application issues when application issues are encountered in the software during: 1) the online day by users and support staff and 2) in the evening during the execution of the batch cycle. The candidate will similarly support software test tracks in non-production application environments.
• Design and Execute technical tests as necessary to ensure that vendor and client software deliveries address the business, technical and security problems in a manner consistent with client standards for quality and completeness.
• Review and provide feedback on functional designs in terms of technical feasibility and impact on performance, operability, security and maintainability;
• Gather production operational and security requirements and incorporate the requirements into the code / scripts products authored by the FISA development team and Vendors. Coordinate with the Financial Systems Production Operations Units to implement new software processes into the staging and production environments.
• Serve as a primary application security contact for the FMS project during the planning, analysis, and design phases of projects.
• Monitor ongoing projects to verify that security components are built and deployed as originally designed and align with client and industry standards.
• Improve the security position of FMS applications by planning, designing and integrating security based application improvements.
• Evaluate and resolve security issues and non-compliance situations at the application level and beyond.
• Work with appropriate teams to assure that the FMS application is integrated with client and industry security standards, protocols and requirements from the application (Java, JEE), application servers (WebSphere), messaging servers (WebSphereMQ), servers (mid-range, mainframe, virtual, appliance, etc.), OS (AIX, Linux etc.), network (firewalls, etc.), data store (LDAP, Oracle).
• Assure that the FMS application adheres to standards for authentication mechanisms, authorization procedures, auditing/logging, and user administration and access control.

Qualifications
• Hands-on proficiency in client side technologies like HTML, JavaScript.
• Experience with integration technologies and good understanding of Relational Database Management Systems including architecting and designing for performance and scalability and working with Object to Relational Mapping schemes for distributed data access.
• Experience with best practices and methods of IT strategy, enterprise architecture and security architecture.
• Strong knowledge of software & web application security best practices.
• Working knowledge of application level vulnerabilities and penetration/vulnerability testing of applications.
• Deep knowledge and experience with the Java Security (java.security) package, Password Hashing, Digital Signatures, Secure Random, Signature Verification, (Symmetric) Encryption and Decryption.
• Knowledge of Java Cryptographic extensions and encryption protocols such as SSL and TLS and the Java and 3rd Party based implementation libraries and extensions (javax.crypto, IBMJCEFIPS etc.) to support them in large scale JEE applications.
• Strong knowledge of IAM architectures, products and tools and practical experience with implementing and integrating Identity and Access management into applications.
• Strong understanding of integration with LDAP server for authentication.
• Proficiency in using and navigating in UNIX, preferably AIX.
• Strong ability to write new and modify existing shell scripts (KORN shell preferred).
• Experience with SCCS tools (Rational ClearCase).
• Understanding of standard SDLC methodologies (at minimum a knowledge of Rational Unified Process or Waterfall).
• Basic understanding of accounting and budgeting functions or financial management packages.
• Strong analytical skills.
• Excellent English communication (oral and written), interpersonal, and organizational skills.
• Strong business acumen, professional style/presence.
• Experience with any of the following is a PLUS:
  o Strong background in accounting and/or budgeting packages
  o IBM Rational Application Developer IDE
  o MQSeries, DB2, Oracle PL/SQL
  o Rational Clearquest/Clearcase, BMC Remedy
  o Exposure to third party auditing and risk assessment methodologies
  o Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities
  o Expertise in static and dynamic security testing
  o Exposure to IBM Tivoli Identity Manager, ITDI and WebSphere Portal.