Position- Apache Architect - 3000018491
Location- Palo Alto, CA
Duration- 6 Months
Rate- $145/hr – W2
Note from Client-
Apache Expert with experience in debugging and changes in module (Mod_jk and mod_proxy). Should have knowledge, how to deal with loading of Apache
Client is looking for a senior engineer with expertise in Apache development, change management, and deployment to work with our platform security engineering team and provide both technical and execution leadership for an Client-wide initiative to upgrade and harden our web-tier across all product lines. This position focuses on security and security engineering as it applies to the Client OnDemand platform, its software stack, and the underlying infrastructure. While the focus is on the web-tier, candidates must be familiar with how this fits into the overall landscape of a typical modern web application and be able to perform impact analysis and risk assessments for any changes that are proposed.
As our Apache expert and advisor, you will help drive the technical direction of our web-tier and collaborate with Client developers and architects on execution. Candidates must have a passion for engineering, have a track record for high-quality deliverables, and have experience working with globally distributed teams. The ability to debug and triage complex web server issues such as slow response times, request blocking, HTTP header mangling, and poor memory management are an absolute must.
Expectations and Tasks
- Review requirements and work with other security engineering staff on technical solutions
- Build knowledge of the Client Web Tier and help drive the secure hardening of the web stack
- Update and modernize Perl and shell code for webserver configuration changes if required
- Research changes in Apache releases and their impact
- Upgrade Apache builds to the latest version and triage any production issues resulting from the upgrade.
- Analyze Apache’s use of slotmem (mod_slotmem_shm) and reconfigure Arriba’s Apache development infrastructure to support running multiple apache instances on the same hardware without resource collisions.
- Evaluate and mitigate reported web-tier security vulnerabilities reported in penetration tests across the Client OnDemand products.
- Research, add, and configure new apache modules to improve telemetry and monitoring
- Have knowledge of TLS Protocols and their configuration in the web server
- Participate in our agile development process and participate in daily scrums.
- Review and debug Java code (HTTP Requests) as it pertains to web server access.
- Develop test cases to validate any and all changes to the web-tier
- Write documentation for any and all changes to the web-tier
- Mentoring of engineering staff to improve their ability to manage changes in Apache
- Demonstrate and review deliverables with senior leadership and product management
- Composure under Pressure, Ability to work in a high-pressure environment with tight deadlines.
- Ensure delivered functionality meets the requirements of external and internal stakeholders.
Education and Work Experience
- Bachelor’s degree in Computer Science, Engineering, Information Security or related field
- 10+ years professional experience in Software Development, DevOps, or LAMP stack administration
- Previous experience working with Apache deployments, configuration, and modules including: mod_jk, mod_proxy, mod_security, mod_unique
- Experience with Apache load balancing
- Experience with Apache security configurations including: Certificates, TLS, and Virtual Hosts
- Expert in Perl (Client Build System)
- Experienced in C and C++ (Apache Modules)
- Experienced in Java (Client Products)
- Ability to work in an agile development environment and capable of working effectively in cross-cultural global teams
- Excellent writing, communication, and presentation skills
- Strong analytical skills, results-oriented, customer-oriented attitude, good strategic and conceptual thinking skills
- Ability to present complex information in a clear and appealing manner
- Experience in cloud-based SaaS applications
- Experience with 3rd party security tools such as Vault, Consul, and Cloud HSMs is a plus.