Security Analyst - Contact - Frankfurt

Austin Fraser is working with one of their key clients based in Hampshire who are looking for a Lync Engineer (Level 2) for a 6 month+ contract. The main job purpose is to perform security analysis of architecture and design for various types of applications and networks. Further purpose is ISMS implementation and audits. Duties and responsibilities * Evaluation of projects' security requirements compliance status oReview design documents oConduct interview sessions * Risk identification, assessment and evaluation oIdentify security risks in project design oDetermine business impacts and risk likelihood oEvaluate risk responses and mitigation measures oAdminister the corresponding risk matrix oNegotiate a risk management plan and prepare sign off * Evaluate deployed security controls oReview low level documents with security impact (process documentation, low level designs, communucation matrices, operations handbooks oCoordinate security testing (planning, test criteria, scope) oEvaluate test results * Manage risks for transition in to production oAgree on review plan oAcquire management decision oSupport handover * ISMS oDesign and implement Information Security Management Systems oPerforming gap analysis oAuditing of ISMS design and implementation Qualifications The qualifications required to successfully perform the job include: * Proven track record of application security and/or risk management activities * Good knowledge of web security technology and principles * Experience in evaluating the security posture of enterprise systems (application servers,middleware e.g. JBOSS, Weblogic; web servers e.g. Apache and web formats, e.g. AJAX, JSON) * Knowledge of REST and SOAP APIs; authentication protocols (SAML) and concepts (SSO) * Good knowledge of network security technology and principles * Experience in evaluating the security posture of enterprise networks and networking systems(routers, switches, firewall gateways, IPS, database monitors) * Knowledge in ISO27001/2 implementation and auditing * Certification in relevant areas (ISO27001/5, ISO31000/31010, CISA, CISSP, CISM, NIST) a plus * Project management experience * Very good communication skills * Fluent (spoken and written) English If you have the right skills and experiences please send me your up to date CV immediately.