Business Analyst Information Security Transformation
We are looking for an experienced Business Analyst to support a major enterprise transformation programme, working closely with the Information Security workstream to define and embed security processes, controls, and governance across the organisation.
Key Responsibilities
- Drive the business analysis approach across the Information Security workstream
- Design end-to-end business and operational processes incorporating security controls
- Produce key artefacts including process maps, data flow diagrams, RACI models, and procedures
- Translate security policies and risk requirements into clear, trackable system and process requirements
- Lead workshops with Information Security, programme teams, delivery SMEs, vendors, and compliance stakeholders
- Define security requirements across areas such as:
- Logging and threat detection
- Vulnerability management
- Secure APIs and access governance
- Mobile Device Management and remote access
- Work with PMO and delivery teams to ensure alignment with programme milestones, governance, and success metrics
- Support change adoption through documentation, training materials, and stakeholder engagement
Required Experience
- 5+ years experience as a Business Analyst in large enterprise transformation programmes
- Experience designing business processes and supporting organisational change
- Good understanding of cybersecurity, IT governance, and compliance environments
- Strong workshop facilitation and stakeholder management skills
- Experience with tools such as Visio, Miro, Jira, and Confluence
Nice to Have
- Experience with SAP or ERP transformation programmes
- Exposure to security tooling or GRC environments
- Familiarity with Agile or hybrid delivery models
What Success Looks Like
- Security processes and controls clearly defined and embedded into programme delivery
- Stakeholders aligned through effective workshops and collaboration
- Measurable improvements in risk management, compliance alignment, and operational readiness
