Sr. Reliability Cleared Business Analyst to transform security requirements into actionable solutions for our telco client - 19241

Sr. Reliability Cleared Business Analyst to transform security requirements into actionable solutions for our telco client - 19241

Location: Hybrid/Flex (Toronto)

Duration: 6 months (high chance of extension)

Our client is seeking a strategic and experienced Senior Business Analyst to transform security requirements into actionable solutions. This role is crucial in architecting and implementing security measures that protect our healthcare digital assets while ensuring seamless business operations.

Responsibilities:

• Champion a progressive security culture that positions protection as a business enabler, not a barrier to innovation.
• Bridge security operations with business objectives through targeted metrics and measurable outcomes.
• Design and implement security performance dashboards that clearly demonstrate ROI and business impact.
• Spearhead initiatives that transform security from a compliance requirement to a competitive advantage.
• Build strategic partnerships across business units to embed security excellence into organizational DNA
• Conduct in-depth analysis of existing security ecosystems, mapping critical processes and use cases across the organization
• Identify and document government, regulatory and client contractual obligations as requirements for security process and technology solutions.
• Work across the CSO portfolio of projects to deliver business and use case analysis in support of solution design and onboarding.
• Support centrally managed solutions and federated solutions that require close collaboration with product and business teams to integrate security into existing practices.
• Seek out, demonstrate and justify security improvements through tracking of KPI data before and after deployment to support broad adoption of security solutions.
• Optimize security controls to minimize friction in user and developer experiences.
• Seek out cost saving opportunities through streamlining of process and governance.
• Leverage data analytics to inform evidence-based security design decisions.
• Establish metrics to quantify the effectiveness of security architectures and controls, and the tracking of rollout adoption.
• Continuously refine security solutions based on emerging threats, technological advancements, and user feedback.
• Work across CSO spanning technical and non-technical disciplines and leverage opportunities for re-use and streamlining across CSO in engagement with business and product teams.
• Translate diverse business needs into robust, actionable security plans.
• Orchestrate cross-functional dialogues to ensure security measures enhance, rather than hinder, business processes.
• Lead initiatives to streamline security processes, reducing operational friction and enhancing overall efficiency.
• Facilitate workshops to identify opportunities where security can act as a business enabler.
• Develop tailored security solutions that address specific business unit needs while maintaining a cohesive organizational security posture.
• Champion a 'security as a service' model

Must have skills:

• Has or is eligible to gain Reliability Clearance
• Expert leveraging Lean methodologies in gathering and documenting security requirements from diverse stakeholders
• Ability to manage the discovery and documentation of the as-is state, and facilitating the creation of the to-be state through templates such as swimlanes, RACI and flowcharts, evaluate the impact of security findings on business processes, ability to facilitate discussions to resolve conflicts between security and business needs
• Strong ability to create detailed business requirement documents (BRDs) and functional specifications for security initiatives
• Experience in facilitating requirements workshops and security stakeholder meetings
• Experience with data reporting and visualization tools (e.g. Looker, Power BI, Excel)
• Ability to analyze security scan results and create actionable reports
• Basic Knowledge of Software Development Lifecycle security principles

Nice-to-Have Skills:

• Experience with requirements management tools and traceability matrices
• Ability to develop user stories and acceptance criteria for security features
• Skills in conducting impact analysis for security changes across business units
• Policy and Compliance; basic familiarity with compliance and security standards like GDPR, HIPAA, and ISO 27001, NIST, SCO2 Type2
• Education and Awareness
• Supporting training initiatives to educate development teams on secure coding practices
• Driving the adoption of security tools and processes within the organization