Job Description

Role Purpose:

Reading

The Senior Cybersecurity Business Analyst partners with PMs, Solution Architects, SMEs and control owners to translate cyber risks into actionable requirements, produce PTDA‑compliant artefacts, and embed secure practices across IT and OT. The BA uses ADO to manage analysis and delivery workflows, and Power BI to provide traceability and insight for decision‑making.

Key Responsibilities:

Analysis & Requirements:

Lead business analysis for assigned cyber projects; capture and validate business, functional, and non‑functional requirements aligned to cyber objectives.
Ensure traceability from risk/findings → requirements → design → test → acceptance → risk closure.
Perform current‑state analysis (process, tech stack, controls) and define target‑state aligned with TOM and architecture guardrails.
Produce user stories, acceptance criteria, process maps, data flows, use cases, and control requirements in ADO/Confluence.

1. Governance, PTDA & Assurance

Prepare and curate documentation for PTDA checkpoints (requirements packs, impact and risk assessments, solution options, delivery plans, test evidence, ops acceptance, benefits).
Support compliance with cyber resilience strategies and regulatory obligations (e.g., NIS/NIS2 context for OT).
Maintain evidence packs and support audits/assurance reviews.

Agile Delivery & Tooling:

Manage and refine backlogs in Azure DevOps; lead backlog refinement and participate in sprint ceremonies.
Support dependency mapping and cross‑team alignment (Cyber, Engineering, Digital, IT/OT Ops, Vendors).
Build Power BI reports/dashboards to track progress, risk metrics, and requirements coverage.

1. Testing, Validation & Handover

Define test conditions aligned to requirements and controls; support UAT, security validation, and acceptance criteria sign‑off.
Contribute to change impact assessments, comms and training, and operational readiness (SOPs, runbooks, RACI).
Ensure clean handover to BAU with measurable control outcomes.

.

͏

Key Deliverables

Requirements Catalogue & Traceability Matrix:

Current‑State vs Target‑State Process & Data Flow Diagrams
User Stories & Acceptance Criteria (ADO)

PTDA artefacts and Evidence Pack contributions:

Impact/Risk Assessments; Options & Recommendations
Test Scenarios/Evidence aligned to control outcomes
Power BI reporting for coverage, progress, and risk metrics
Handover artefacts (SOPs, training, success measures)

Required Skills & Experience:

8+ years as a Business Analyst in Cyber/IT Risk (IT & preferably OT exposure).
Strong capability in requirements engineering, process modelling, and traceability.
Hands‑on with ADO (user stories, boards, queries, dashboards) and working knowledge of EPM.
Experience creating PTDA‑ready documentation and supporting governance boards.
Understanding of cyber domains (Network, IAM, Cloud, Endpoint, Vulnerability Mgmt, GRC, Sec Ops, OT security).
Strong analytical writing; clear, visual documentation skills (Visio/Draw.io).
Skilled stakeholder engagement and workshop facilitation.

Preferred Qualifications:

BCS Business Analysis or equivalent certification.
Security certifications (e.g., Security+, ISO 27001 Implementer/Auditor) a plus.
Experience with Power BI, Confluence/Share Point, Visio.

Success Measures / KPIs

Requirements completeness & first‑time quality; change rate.
Requirements‑to‑test coverage and acceptance on first pass.
PTDA artefact quality and on‑time readiness.
Measurable contribution to risk reduction and control maturity.
Stakeholder satisfaction and cycle time to decision.

Personal Attributes

Detail‑oriented, structured thinker with a pragmatic delivery mindset.
Translates complex technical topics into clear, actionable content.
Proactive, collaborative, and comfortable in fast‑moving environments

͏

Deliver

		**No.Performance Parameter Measure**

		1.

Customer Engagement and Delivery Management:

		PCSAT, utilization % achievement, no. of leads generated from the business interaction, no. of errors/ gaps in documenting customer requirements, feedback from project manager, process flow diagrams (quality and timeliness), % of deal solutioning completed within timeline, velocity generated.

		2.
		Knowledge Management
		No. of whitepapers/ research papers written, no. of user stories created, % of proposal documentation completed and uploaded into knowledge repository, No of reusable components  developed for proposal during quarter