Beschreibung
eSecurity - ISMS - Web Security - JBOSS - Weblogic - Web Servers - Apacge - AJAX - JSON - REST - SOAP - SAML - Firewalls - IPS - ISO - CISA - CISSP - CISM - NIST
Austin Fraser is working with one of their key clients based in Hampshire who are looking for a Lync Engineer (Level 2) for a 6 month+ contract.
The main job purpose is to perform security analysis of architecture and design for various types of applications and networks. Further purpose is ISMS implementation and audits.
Duties and responsibilities
* Evaluation of projects' security requirements compliance status
oReview design documents
oConduct interview sessions
* Risk identification, assessment and evaluation
oIdentify security risks in project design
oDetermine business impacts and risk likelihood
oEvaluate risk responses and mitigation measures
oAdminister the corresponding risk Matrix
oNegotiate a risk management plan and prepare sign-off
* Evaluate deployed security controls
oReview low level documents with security impact (process documentation, low level designs, communucation matrices, operations handbooks
oCoordinate security testing (planning, test criteria, scope)
oEvaluate test results
* Manage risks for transition in to production
oAgree on review plan
oAcquire management decision
oSupport handover
* ISMS
oDesign and implement Information Security Management Systems
oPerforming gap analysis
oAuditing of ISMS design and implementation
Qualifications
The qualifications required to successfully perform the job include:
* Proven track record of application security and/or risk management activities
* Good knowledge of web security technology and principles
* Experience in evaluating the security posture of enterprise systems (application Servers,Middleware eg JBOSS, Weblogic; web Servers eg Apache and web formats, eg AJAX, JSON)
* Knowledge of REST and SOAP APIs; authentication protocols (SAML) and concepts (SSO)
* Good knowledge of network security technology and principles
* Experience in evaluating the security posture of enterprise networks and networking systems(Routers, Switches, Firewall gateways, IPS, database monitors)
* Knowledge in ISO implementation and auditing
* Certification in relevant areas (ISO, ISO, CISA, CISSP, CISM, NIST) a plus
* Project management experience
* Very good communication skills
* Fluent (spoken and written) English
If you have the right skills and experiences please send me your up to date CV immediately.