Job description

Security Business Analyst bridges security architecture and engineering delivery by translating high-level security requirements into structured implementation plans, actionable task breakdowns, and controlled documentation artifacts.

Key responsibilities:

- Break down security initiatives into detailed task sets

- Coordinate implementation tracking

- Ensure traceability between requirements and delivery

- Facilitate communication between security, infrastructure, and engineering

- Ensure documentation remains current and audit-ready

- Produce and continuously update security design documentation and implementation records

Required experience:

- 3+ years in IT business analysis or cybersecurity coordination role

- Experience translating architecture designs into implementation tasks

- Demonstrable experience producing and maintaining technical and procedural documentation

- Experience working with security and infrastructure teams

- Experience in regulated environments preferred

Technical skills:

- Requirements elicitation and documentation

- Work Breakdown Structure (WBS) development

- Backlog structuring (Jira/Azure DevOps)

- Traceability matrix (requirement → control → task)

- Security control mapping (ISO/NIST/internal standards)

- Cross-functional workshop facilitation

Skills

Education:

Bachelor’s degree in Computer Science, Information Security or related field, or equivalent

practical experience.

Language: Professional working proficiency in English.

6. Required Knowledge [NIST SP 800-181 Rev.1 – NICE Framework Components v2.1.0]

7. Required Skills [NIST SP 800-181 Rev.1 – NICE Framework Components v2.1.0]

8. Hiring Profile

Core Work Activities [NIST SP 800-181 Rev.1 – NICE Framework Components v2.1.0]

Role Objective [NIST SP 800-181 Rev.1 – NICE Framework Components v2.1.0]

- Analyze cybersec. requirements and translate them into actionable implementation tasks. [OV-WRL-002; T0215]

- Translate proposed capabilities into technical requirements. [DD-WRL-002; T0542]

Translates security and infrastructure architecture requirements into structured implementation plans, actionable work breakdown structures, and traceable task sets. Ensures alignment between security architecture intent,

engineering execution, and regulatory expectations. [OV-WRL-002, DD-WRL-002]

- Develop and maintain documentation supporting cybersecurity initiatives. [OV-WRL-002; T0196]

- Integrate organizational objectives into security design artifacts. [DD-WRL-002; T1027]

- Support development of cybersecurity policies and procedural alignment. [OV-WRL-002; T0510]

- Coordinate stakeholders and facilitate cybersecurity-related communication. [OV-WRL-002; T0266]

- Knowledge of risk management processes. [OV-WRL-002; K0675]

- Knowledge of cybersecurity policies and procedures. [OV-WRL-002; K0677]

- Knowledge of cybersecurity principles and architecture practices. [DD-WRL-002; K0680]

- Knowledge of networking and system design concepts. [DD-WRL-002; K0674]

- Skill in documentation and process formalization. [OV-WRL-002; S0022]

- Skill in requirements analysis. [OV-WRL-002; S0370]

- Skill in analyzing enterprise IT architecture documentation. [OV-WRL-002; S0383]

- Skill in applying technologies into proposed solutions. [DD-WRL-002; S0551]