# 14. Secure data and document exchange expert *Nature of the tasks* * Architecture, design and implementation of the integration layer between backend systems and secure messaging software * Provide expert advice on confidentiality, integrity, authorisation, authentication, non-repudiation, availability * Assist the team to test and conduct periodic vulnerability and security risk assessments of the messaging and data transfer system * Provide comprehensive guidance and consulting for the optimisation of the integration layer * Participate to the maintenance of technical specifications related to transport and messaging protocols and their implementation in software *Education* : EQF 7 *Specific expertise and technologies* * **Document protection** * Good knowledge of digital signature and encryption with X509 certificates, Public Key Infrastructure (PKI) * Good knowledge of data containers: Associated Signature Containers (ASiC), gzip * Good knowledge of the legal framework for the use of trust services: the Electronic Identification and Trust Services Regulation (eIDAS Regulation 910/2014/EC) * **Messaging** * Good knowledge of open standards for data and document exchange: ebMS3, AS4, SBDH, XHE * Good knowledge of open standards for service discovery: Business Document Metadata Service Location (BDXL), Service Metadata Publishing (SMP) * Good knowledge of open standards for party identification: ebCore Party Id Type * Good knowledge of message format standards: XML, XSD, XPATH, WSDL, JSON, JSON schema * Good knowledge of discovery and service location technologies: DNS (NAPTR, CNAME), DNSSEC * Good knowledge of Business-to-Business (B2B) and Electronic Data Interchange (EDI) and common data and document exchange patterns **Web Security** * Good knowledge of techniques used to secure Web applications: HTTP, TLS, WS-Security, Content Security Policy, Web Services (SOAP and REST), OAuth2, OpenID, OWASP * At least one of the following areas: * **Backend development** * Good knowledge of backend development techniques: inheritance, polymorphism, SOLID principles, data types, concurrency, design patterns, unit testing * Good knowledge of the Java platform: garbage collection strategies, memory spaces, class loaders, serialization, multi-threading, syntax and semantics of the Java language, APIs of the Java Development Kit * Good knowledge of databases, directories and transactions: SQL, LDAP, ACID, XA * **Mobile development** * Good knowledge of mobile development techniques: Android/Java & Kotlin, iOS/Swift, Key Attestation * **Integration & Monitoring** * Good knowledge of continuous integration techniques and tools: Jenkins, TeamCity, Bamboo, GIT, SVN * Good knowledge of testing tools: SonarQube, Selenium WebDriver, Serenity, TestLink, JMeter * Good knowledge of databases, directories and transactions: SQL, LDAP, ACID, XA * Good knowledge of monitoring tools: Dynatrace, Splunk **Containerisation** * Good knowledge of containerisation tools: Docker, Kubernetes * **Infrastructure** * Good knowledge of operations including networking, hardware and operating systems: TCP/IP, Linux, databases, directories, shell scripts, virtualisation, load balancers, reverse proxies, web application firewalls, HSM, TPM * **Management** * Knowledge of project management and software development methodologies: OpenPM2, SCRUM, Extreme Programming **Methodology and Tools** * Experience in the use of Atlassian collaborative tools (like Confluence and Jira) is required * Experience with Agile development methodologies is a plus * Experience in working with the EU institutions is a plus *Certification and/or Standards* * Not applicable *Skills* * Ability to work autonomously, managing his/her own workload independently, providing status updates, liaising with others and escalating issues as appropriate * Ability to write clear and structured documents * Ability to give technical presentations * Ability to apply high quality standards * Ability to cope with fast-changing technologies used in application architecture and design * Ability to participate in multi-lingual (French and/or English) meetings * Good communication skills * Ability to integrate in an international/multi-cultural environment *On-call services foreseen for this profile :* Yes --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://doc.montoyer.com/framework-contracts/digit-tm-ii/digit-tm-ii-profiles-description/14.-secure-data-and-document-exchange-expert.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.