Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Technical Architect Java
Eingestellt von Harvey Nash IT Recruitment Belgium
Gesuchte Skills: Java, Support, Client, Pure
Projektbeschreibung
Technical Architect for Java upgrade
Description
The Technical Architect will define the approach for the Java client upgrade project.
Responsibilities:
. Document the architecture aspects required to pass the "Go-for-Execution" project milestone
. Collect inputs
. Regarding security: from Security Governance as well as from Security Officers
. Regarding applications and user impact: Key Users, Application Owners and Data Managers of the different divisions
. Regarding IT: Packaging & distribution, Helpdesk,
. Consolidate the collected information into a coherent approach (communication/migration waves/exceptions, )/scope/schedule in collaboration with the project manager
. To be able to recommend the approach, the technical architect performs a study on the upgrade of JRE on the clients:
. Make an inventory of the blocking factors, preventing the company from simply removing the old JRE version from and installing the latest version for the full installed client computers base, like p.e.
Technical
. Critical 3rd party applications not compatible with the latest JRE version
. For custom development no general solution for application signing is currently available
. Organizational:
. Incomplete inventory of applications with application owners and key users
. Pinpoint out which are the incurred the security risks, related to JRE in the existing landscape, starting from a recent preliminary study
. Categorization of cases
. Native browser JRE (exposed to the Internet)
. Applications making use of the native browser
. Embedded JRE versions in applications and platforms
. Including the applications used by development and support teams
. Challenge the current viewpoint that JRE security risks incurred at the Server Side are relatively small
. Determine which generic cases are (not) compliant with the security policies in place at the company
Remark: The parameters for the categorization are not purely technical, p.e.: cost, user impact and size of the user base can also be considered
Define the project's impact on the community of a generic application: from development (package or custom) till end-users and support
To verify some assumptions, it might be needed to perform technical tests or contact vendors.
. Definition of the risk strategy and mitigation approach
. Investigate and validate alternative risk responses (avoidance/mitigation, )
. Recommend a risk approach per category
. Remark: the mitigations can go well beyond the pure JAVA context, like working out a solution for application signing through a certificate
Define the project approach for implementation and migration
Determine the technical deliverables like: required JRE packages, required mitigation infrastructure
Define the roles needed for the execution phase
Define the distribution strategy:
. allow users/groups to test and self-enrol the new version
. forced installation (with possibility to delay)
. Schedule: Definition of the waves such that risks are minimized
. Define a roll-back strategy
. Catch and analyse the risks related with the project approach:
. Only limited testing is considered
. Define the solution for the reporting of project's progress
. Indicate what is out of scope of the solution
. Document the "incompliances", already encountered in this phase
Skills & Previous Experience
. The Security Architect should have a firm background on JRE, JRE evolution and versions
. JRE versions and the new and deprecated features in v1.7 and v1.8
. Previous experience of JRE upgrades in large environments
. Good view on security risks related to JRE and on the possible mitigating controls
. Can work independently: takes initiatives and is persistent in chasing results
. Good communication skills: ideally in English, Dutch and French are an asset
Description
The Technical Architect will define the approach for the Java client upgrade project.
Responsibilities:
. Document the architecture aspects required to pass the "Go-for-Execution" project milestone
. Collect inputs
. Regarding security: from Security Governance as well as from Security Officers
. Regarding applications and user impact: Key Users, Application Owners and Data Managers of the different divisions
. Regarding IT: Packaging & distribution, Helpdesk,
. Consolidate the collected information into a coherent approach (communication/migration waves/exceptions, )/scope/schedule in collaboration with the project manager
. To be able to recommend the approach, the technical architect performs a study on the upgrade of JRE on the clients:
. Make an inventory of the blocking factors, preventing the company from simply removing the old JRE version from and installing the latest version for the full installed client computers base, like p.e.
Technical
. Critical 3rd party applications not compatible with the latest JRE version
. For custom development no general solution for application signing is currently available
. Organizational:
. Incomplete inventory of applications with application owners and key users
. Pinpoint out which are the incurred the security risks, related to JRE in the existing landscape, starting from a recent preliminary study
. Categorization of cases
. Native browser JRE (exposed to the Internet)
. Applications making use of the native browser
. Embedded JRE versions in applications and platforms
. Including the applications used by development and support teams
. Challenge the current viewpoint that JRE security risks incurred at the Server Side are relatively small
. Determine which generic cases are (not) compliant with the security policies in place at the company
Remark: The parameters for the categorization are not purely technical, p.e.: cost, user impact and size of the user base can also be considered
Define the project's impact on the community of a generic application: from development (package or custom) till end-users and support
To verify some assumptions, it might be needed to perform technical tests or contact vendors.
. Definition of the risk strategy and mitigation approach
. Investigate and validate alternative risk responses (avoidance/mitigation, )
. Recommend a risk approach per category
. Remark: the mitigations can go well beyond the pure JAVA context, like working out a solution for application signing through a certificate
Define the project approach for implementation and migration
Determine the technical deliverables like: required JRE packages, required mitigation infrastructure
Define the roles needed for the execution phase
Define the distribution strategy:
. allow users/groups to test and self-enrol the new version
. forced installation (with possibility to delay)
. Schedule: Definition of the waves such that risks are minimized
. Define a roll-back strategy
. Catch and analyse the risks related with the project approach:
. Only limited testing is considered
. Define the solution for the reporting of project's progress
. Indicate what is out of scope of the solution
. Document the "incompliances", already encountered in this phase
Skills & Previous Experience
. The Security Architect should have a firm background on JRE, JRE evolution and versions
. JRE versions and the new and deprecated features in v1.7 and v1.8
. Previous experience of JRE upgrades in large environments
. Good view on security risks related to JRE and on the possible mitigating controls
. Can work independently: takes initiatives and is persistent in chasing results
. Good communication skills: ideally in English, Dutch and French are an asset
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Sonstiges