Description
Business Analyst Information Security
We are looking for contractors with combined Business Analyst and Information Security skills and background.
Candidates shall be able to write down information security requirements in various security areas (eg Identity Access Management, Network Security) the same way as business requirements are written. They shall be able to translate and adapt recognized market information security standards and policies into information security requirements applicable to the organization according to the risk appetite.
+5 years as Business Analyst and +3 in Information Security are required.
ISACA CISM or equivalent certification is required.
Pas exposure to recognised market information security standards and policies such as ISO, SANS, NIST is preferable.
Other information security, risk and governance certifications are a plus.
Fluent in spoken and written English is mandatory.
Your Profile:
Cyber Resilience Programme Security Business Analyst.
Working on Cyber Security and Resilience projects (Identity Access Management, Network Security, Data Loss Prevention,) and as part of the delivery team you:
Are in charge of pre-studies and project initiation:
o Identify, shape and document solutions (organisation, process and technology, application, tool) by addressing security requirements;
o Agree on and document security requirements with Stakeholders;
o Contribute to definition of project deliverables and best approach;
o Elaborate business cases supporting project proposals.
Actively collaborating with security, business, application and technical architects:
o Responsible for the rationale leading to the solution design, providing clear and consistent high level and detailed risk based requirements;
o Studying architecture/platform;
o Identifying integration issue;
o Ensuring solutions are fit for purpose, meeting business needs and requirements, are pragmatic and efficient.
o Design and document processes, governance, guidelines.
o Contribute to translate requirements in sustainable and fit for purpose policies and standards.
Work closely with internal and external stakeholders and suppliers:
o Leading collaborative working sessions with peers to ensure that:
o Solution capabilities and architecture enable business, and contribute to the Enterprise strategic security architecture;
o All solutions are complete, operable, conform to business processes and meet the business needs with the agreed quality of service;