Application Developer Java

As part of transformation programs and the securing of application exchanges (APIs, microservices, internal/external services, partners), we are looking for a cybersecurity architect specialized in strong authentication for exchanges, covering both M2M flows (partners, internal services, microservices, etc.) and H2M flows (web/mobile applications consuming APIs).

The role focuses on bringing systems into compliance, designing, deploying, and operating strong authentication mechanisms based primarily on mTLS/mSSH, in close collaboration with security teams, network teams, cloud/onprem platforms, application teams, and API Management teams (API Gateway, including Apigee, integrated with a digital vault such as a Credential Management Server).

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your role and responsibilities

Ensure the design, implementation, and industrialization of secure exchanges. The role aims to guarantee a high level of requirements regarding:

Mutual authentication of machine identity using X509 v3 certificates / SSH keys (M2M) and user/machine identity (M2M via API).

Strong knowledge of PKI infrastructures, X509 v3 certificates, and SSH keys.

SSL/TLS/SSH protocols.

Use of tools to test and demonstrate that communications are mutually authenticated beforehand (OpenSSL, Curl, PowerShell, Unix shell, etc.).

Traceability, compliance, and related documentation.

Responsibilities

Architecture & design (H2M & M2M)

mTLS implementation & certificate management (including API Gateway)

Secrets, keys & automation

Security, compliance & operations

Expected deliverables

Technical documentation, especially on the "Authentication" of remediated applications.

Authentication standards & patterns for H2M/M2M (mTLS, OAuth2/OIDC, JWT, certificate/secret management).

UAT Books per application: procedures, signoff, expected/actual results (Excel format)

Applications equipped with strong authentication features, implemented, tested, validated, and deployed to production.

Required education

Master's Degree

Required technical and professional expertise

Technical skills (must-have)

Mastery of TLS / mTLS (handshake, chains, ciphers, troubleshooting).

PKI experience: CA, CRL/OCSP, rotation, revocation.

IAM knowledge.

Hands-on experience with secrets/keys management tools (Vault / KMS / HSM or equivalents).

API & integration environments: API Gateway (including Apigee), reverse proxy, WAF, PAM, EPM (depending on context).

Soft skills

Ability to simplify and guide application teams (dev, ops, SRE).

Rigor, attention to detail (crypto/TLS), "security by design" mindset.

Autonomy, analytical skills, results-oriented.

Preferred technical and professional experience

Profficiency of French language