Seeking candidate who can be relied upon to monitor, update, and optimize 6 IIS and SQL servers. Examples of the work include the registry changes that were required to disable TLS 1.0 and SSL 2/3, disable Diffie-Hellman (DH) key exchange, etc.
The ideal candidate will understand the vulnerabilities that those patches were a necessary response to, and be able to make cost/benefit recommendations for patches (for example, TLS 1.0 is still used by a small fraction of web browsers... let's look at the logs and see how much revenue we will lose by disabling their ability to buy online).
A higher level objective is to operate in such a way that our clients' and their customers' data is secure, and our clients' websites maintain PCI compliance.
The ideal candidate for the job will assume responsibility for monitoring for and when necessary applying patches to our e-commerce platform, web and database servers.
The perfect applicant will also have experience (and a passion for) optimizing and troubleshooting. For example, how would you determine the limiting factor (bottleneck) between an IIS server's website querying a second server's SQL DB? Or why does the response time increase to nearly unacceptable every weekday at 10AM and 2PM Pacific Time? Fun stuff like that.
I will make myself available for a conversation to describe the background history of all clients and web properties.
I welcome questions. In fact, intelligent questions are one of the main deciding factors for who is chosen to interview.