DESCRIPTION OF THE TASKS

The following tasks will be performed by the external service provider:

- Architecture, design and implementation of the integration layer between backend systems and secure messaging software
- Provide expert advice on confidentiality, integrity, authorization, authentication, non-repudiation, availability
- Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system
- Provide comprehensive guidance and consulting for the optimization of the integration layer
- Participate in the maintenance of technical specifications related to transport and messaging protocols and their implementation in software
- Testing applications against business requirements and specifications
- Identification of bugs using exploratory testing

LEVEL OF EDUCATION

As stated in Article 2.6.3.1. of DIGIT TM II Service requirements, the minimum educational qualification for lot 3 is: level of education corresponding to Level 7 of the European Qualification Framework, which typically corresponds to a master's degree of 5 years.

KNOWLEDGE AND SKILLS

The following skills and knowledge are required for the performance of the above listed tasks:

- Architecture, design and implementation of the integration layer between backend systems and secure messaging software
- Provide expert advice on confidentiality, integrity, authorisation, authentication, non-repudiation, availability
- Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system
- Provide comprehensive guidance and consulting for the optimisation of the integration layer
- Participate in the maintenance of technical specifications related to transport and messaging protocols and their implementation in software

Document protection

- Good knowledge of digital signature and encryption with X.509 certificates, Public Key Infrastructure (PKI)
- Good knowledge of the legal framework for the use of trust services: eIDAS Regulation, eIDAS Protocol

Web Security

- Good knowledge of techniques used to secure Web applications: HTTP, TLS, Content Security Policy, Web Services (SOAP and REST), OAuth2, OpenID Connect, CAS protocol, OWASP, SAML, Spring Security

At least one of the following areas:

Integration & Monitoring

- Good knowledge of continuous integration techniques and tools: Jenkins, Teamcity, Git, SVN
- Good knowledge of testing tools: JUnit, Spock, SonarQube, Selenium WebDriver, JMeter, Gatling, SOAP UI
- Good knowledge of databases, directories and transactions: SQL, LDAP, ACID, XA

Coarse Grained Authorization

- Strong understanding of authorization models and implementation of coarse-grained access control.
- Experience in managing high-level access policies that apply across broad sets of resources, users, or systems.
- Familiarity with systems that use coarse-grained authorization to define roles and access levels, particularly in enterprise or cloud environments.

SPECIFIC EXP