Business Analyst

We are seeking a detail-oriented and analytical Business Analyst with cybersecurity expertise to support the planning, implementation, and optimization of our information security initiatives. This role serves as a critical link between technical cybersecurity teams and business stakeholders, ensuring alignment between security goals and organizational priorities.

Key Responsibilities:

• Work with stakeholders to gather, document, and analyze cybersecurity requirements for new and existing systems.
• Collaborate with IT, engineering, and compliance teams to identify and mitigate security risks.
• Translate complex technical security requirements into understandable business language.
• Support risk assessments, threat modeling, and compliance audits (e.g., ISO 27001, GDPR, NIST).
• Assist in the creation and refinement of security policies, procedures, and control documentation.
• Conduct gap analysis and recommend process improvements in cybersecurity practices.
• Prepare clear and actionable business and functional requirements for security tools and services (e.g., SIEM, IAM, DLP).
• Facilitate communication between non-technical stakeholders and technical security teams.
• Track and report on KPIs related to cybersecurity posture, incident trends, and compliance efforts.

Requirements:

• Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.
• 6-8 years of experience as a Business Analyst, with at least 1–2 years in a cybersecurity or risk-related domain.
• Solid understanding of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
• Proficient in requirements gathering, process mapping, and documentation.
• Experience with tools such as Jira, Confluence, Microsoft Visio, and GRC platforms.
• Excellent communication, stakeholder management, and problem-solving skills.

Preferred Qualifications:

• Certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Business Analysis Professional (CBAP), or CompTIA Security+.
• Familiarity with data privacy laws and regulations (e.g., GDPR, HIPAA).
• Experience in Agile/Scrum environments.