Job Description:
Job Title: Security Architect

Location: Baltimore, PA
Rate: $90/hr on CTC

Duration: 12+ Months



RESPONSIBILITIES:

· Architect and develop an automated framework for security tool deployment and development, leveraging various scripting languages and open source solutions.

· Architect, design, implement and monitor security measures related to computer networks and software testing and validation procedures, programming and documentation (AWS, Azure Cloud Security, Application Security, Vulnerability Management, Machine Learning, AI Sandboxing).

· Develop plans and implement systems and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.

· Work autonomously in an area of specialization to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners.

· Implement and design API Security, Container Security, AWS Cloud Security.

The candidate should be responsible for the following activities:

· Define the security mechanism to control identity federation for the “Perimeter API gateway” and “API gateway in the Middle” and implement a prototype.

· Implement mutual authentication SSL, VPN, IP whitelisting techniques and standards.

· Implement prototypes for API key, request & response logging, confidential data screening, PII data screening.

· Implement attributes, extension elements, encryption techniques (SHA256, SHA512, ECDSA) for SAML 2.0, OAuth, OIDC, JWT.

· Implement enterprise-wide authentication for external clients using SAML to allow the following clients to access the APIs:

a. Mobile Applications (Wawa and non-Wawa)

b. Client-side Single Page Applications (using React JS, Angular, etc.)

c. Server-side application

d. 3rd Party hosted applications

e. Internal Applications/Services, etc.

· Implement enterprise-wide authorization for external clients using OAuth2 for:

a. Mobile Applications (Wawa and non-Wawa)

b. Client-side Single Page Applications (using React JS, Angular, etc.)

c. Server-side applications

d. 3rd Party hosted applications

e. Internal Applications/Services, etc.

· Architect and implement Active Directory / LDAP schema changes for internal, external users, devices, device types and reference LDIF files.

· Architect and implement token management for OIDC, JWT, OAuth with JWT.

· Architect and implement delegated access control through OAuth 2.0 for API access and blueprinting.

· Architect and implement SSL and PKI signatures based on the principle of zero trust for internal and external users/API consumers.

· Define vulnerability analysis with the REST OWASP cheat sheet. Define and implement static and dynamic code analysis based on the OWASP Top Ten.

· Instrumentation for Security

· Implement the policies on the API Gateway to enable caching, rate limit policies (e.g. Quota, Spike Arrest, or Concurrent Rate Limit), DDoS mitigation.

· Architect and implement secure caching for APIs.

· Define principles, policies, guidelines, process, automation for implementation.

Client: Confidential