Calsep is market leading in the area of phase equilibrium software for the global oil and gas industry. We are looking for a consultant that can help with the security and some operational aspect of this transition.

Calsep is currently exposing a calculation engine as a Web Service. Performance and Security are critical factors. We have come a long way on the former but need help with establish the best practice for the latter.

Calsep is looking for one (or more) consultant that can assist with advice, review and actual prototyping (initial implementation) of the following tasks LIMIT 1;

A) Authentication/security model around Web API
- We are looking best (inexpensive) way to do authentication.
- Alternatives to OAuth2, which we have currently implemented
- Should be a person with extensive experience with OAuth, AAD and alternative authentication and authorization methods (eg username/password).

B) Define a versioning strategy for our WEB API
- Our business case differs from pure REST API's in that supporting multiple versions/revision on the same servers instances are not feasible.
- We expect a person with experience with WEB API's with several versions in co-existence

C) Optimal Azure Monitor solution
- Someone that knows Azure Analytics and Monitor in detail
- Someone that knows typical standards used for logging customer data, which we can use to convince clients we use “best practice” to log and handle their data.
- We need to know the methods for logging, so we are able to write license agreement language about how we do logging.

D) Setting up monitoring of API's and related resources in Azure Portal with warning etc
- Alternatively a on-prem solution with help from relevant Azure API
- We need to establish alerts and boards that gives good overview and detechs health problems
- The solution should scale to support more API's and several versions deployed in parallel
- The requires a person with knowledge of Cloud operations

E) Making sure we obey to security standards for handle customer data
- We have a caching proprietary system for caching user data to maximize performance.
- We need to make sure our system follows industry “best practice” standards for handling customer data, including making sure that one customer’s data will not be exposed to other customers.
- We need to isolate the user data from each other, so we can explain to clients we use proper methods for handling their data. We need to know the methods for data storing and data isolation, so we are able to write license agreement language explaining how we handle customer data.

We estimate the required time for each topic on the order of 1 month - this is TBD with candidate(s).
Ideally we want one, max two consultants to cover all the above.
So, if you cover only some of the above tasks please feel free to contact us anyway.

We would like you to be able to work with us at least 3 days a week, and it would be possible for you to work up to 37 hours a week if it suits you.

For applications and questions please contact Calsep Head of Software development Christian Jensen on *******@********.**