Role Description:
We are seeking a Senior Cybersecurity Expert with a strong technical background in IT security and experience working in large, complex, hybrid IT environments. The ideal candidate will have domain expertise in at least 5 key cybersecurity areas, such as UAM (User Access Management), SOAR, SIEM, Threat Intelligence, EDR, RBAC (Role-Based Access Control), Cloud Security, Encryption Methods, AI/ML in Cybersecurity, and regulatory compliance frameworks (e.g., NIST, GDPR, ISO).
As a Senior, you will act as a bridge between business and technical teams, ensuring that security needs are clearly communicated and aligned with business objectives. You will be instrumental in defining security requirements, assessing risks, improving security processes, and supporting security project delivery within a large organizational context.
Key Accountabilities & Responsibilities:
Business Cybersecurity Alignment:
- Work closely with business stakeholders, IT security teams, and cross-functional teams to ensure cybersecurity initiatives align with the organization's broader business goals.
- Translate business needs into technical security requirements that can be effectively executed by the security and IT teams.
Requirements Gathering & Documentation:
- Collect and document detailed business requirements for cybersecurity projects and initiatives, ensuring security requirements are clearly articulated for technical implementation.
- Prepare clear, concise documentation such as functional requirements, risk assessments, security processes, and workflows for new security programs and enhancements.
Risk Analysis & Security Assessments:
- Conduct risk assessments in the context of hybrid IT environments (cloud, on-premises, and edge) to identify security gaps and vulnerabilities.
- Collaborate with security teams to evaluate existing security controls and recommend solutions to mitigate identified risks, balancing business needs with security requirements.
Cybersecurity Frameworks & Compliance:
- Ensure that all business and technical security requirements comply with relevant regulatory compliance frameworks (e.g., NIST CSF, ISO 27001, GDPR, HIPAA).
- Support audits and compliance assessments, identifying any gaps between current practices and regulatory standards. (must have)
Security Process Improvement:
- Identify opportunities for process improvements within the cybersecurity function, including streamlining security incident response, access management processes, and threat detection workflows.
- Develop business cases for proposed security improvements, including cost-benefit analyses and risk assessments.
- The Business Analyst will have comprehensive responsibilities spanning multiple cybersecurity domains, and should have expertise in at least 5 of the following areas:
SIEM Sentinel & Security Operations:
- Manage and optimize SIEM solutions, particularly Sentinel, for effective monitoring, incident detection, and security event correlation across hybrid environments.
- Collaborate with security operations teams to ensure proper configuration, tuning, and reporting within SIEM platforms to support proactive threat management.
Security Tools & Technology Integration:
- Work with security teams to implement and optimize security tools such as SIEM (e.g., Splunk, Microsoft Sentinel), EDR (e.g., CrowdStrike, MS Purview/Defender), SOAR platforms, CASB (Cloud Access Security Broker), and Threat Intelligence systems.
- Help define and document requirements for the integration of cybersecurity tools into the broader security ecosystem.
User Access Management (UAM) & RBAC:
- Work closely with identity and access management teams to ensure the implementation of UAM and RBAC systems that align with the organization's security policy and business requirements.
- Support the development of processes for managing user roles, privileges, and access rights across enterprise systems.
Cloud & Encryption Security:
- Ensure that security policies and controls are applied across both on-premises and cloud environments (AWS, Azure, Google Cloud), addressing challenges related to cloud security, data encryption, and access management.
- Collaborate with technical teams to implement strong encryption methods for data-in-transit, data-at-rest, and data-in-use in line with organizational security policies.
AI & ML in Cybersecurity: (Good to have)
- Contribute to the use of AI/ML technologies to enhance threat detection, anomaly identification, and predictive analytics within the organization’s security operations.
- Collaborate with data scientists and security teams to define requirements for AI/ML-based security models and incident response automation.
SOAR Integration & Incident Response:
- Assist with the integration of Security Orchestration, Automation, and Response (SOAR) solutions into the incident response lifecycle to streamline response times and automate repetitive tasks.
- Support the continuous improvement of incident response procedures and playbooks, ensuring a consistent, rapid, and efficient approach to security incidents.
Stakeholder Communication & Reporting:
- Regularly communicate project status, risks, and mitigation plans to senior leadership, business stakeholders, and technical teams.
- Translate complex technical concepts and security strategies into business-friendly language for non-technical stakeholders, ensuring full understanding of key security issues.
Training & Awareness:
- Help develop training materials, security guidelines, and awareness programs to ensure that staff are educated on security best practices and compliance requirements.
- Facilitate knowledge transfer sessions with technical teams to ensure the effective implementation of new security initiatives.
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Business Administration, or related field.
- At least 7-10 years of experience as an Expert Business Analyst in IT Security, with at least 2-3 years of direct experience in cybersecurity-related projects.
- Domain knowledge in at least 5 key areas such as:
- UAM (User Access Management)
- SOAR (Security Orchestration, Automation, and Response)
- SIEM (Splunk, Sentinel)
- Threat Intelligence
- EDR (CrowdStrike, MS Defender)
- RBAC (Role-Based Access Control)
- Cloud Security (AWS, Azure, Google Cloud)
- Encryption Methods and Data Protection techniques
- AI & ML in Cybersecurity
- Regulatory Compliance (e.g., NIST, ISO, GDPR, HIPAA)
- Strong understanding of hybrid IT environments (cloud and on-premises infrastructure). (Must have)
- Proven experience in conducting risk assessments, gap analysis, and working with business units to define cybersecurity requirements. (must have)
- Strong documentation and requirements-gathering skills with the ability to translate technical security concepts into business terms.
- Excellent communication and interpersonal skills, with the ability to engage stakeholders at all levels and facilitate cross-functional collaboration.
Preferred Skills: (Good to have)
- CISSP, CISM, CISA, CCSP, or other relevant cybersecurity certifications.
- Familiarity with cloud-native security tools (e.g., AWS CloudTrail, Azure Security Center) and DevSecOps practices.
- Strong experience with SIEM Sentinel & Security Operations, and ALaM (Application Logging & Monitoring).
- Experience with agile project management and project management tools.
- Hands-on experience with machine learning algorithms for cybersecurity threat detection.