-
3 -5 years of required experience in Business analysis experience working with stakeholders within a cross-functional matrix environment. Familiarity with information security documentation requirements, certification and accreditation processes, and abreast with general reporting requirements for industry security standards (e.g. ISO 27001, NIST SP 800-53). Expertise in common security tool use. Project Management experience is a strong plus.
-
Demonstrated ability to effectively communicate security-related concepts to both technical and non-technical stakeholders. Experience working in cross-functional teams to enhance security posture and drive security initiatives.
-
Possess a high-level understanding of security, particularly in the areas of compliance and application security. Leverage this expertise to effectively guide customers through the process of implementing robust security measures, meeting regulatory requirements, and ensuring the secure development and deployment of applications within their organizations.
-
Excellent analytical and writing skills, to evaluate the information gathered from multiple sources, reconcile conflicts, decompose high-level information into details, abstract up from low-level information to a more general understanding, distinguish solution ideas from requirements, and distinguish user requests from underlying needs.
-
Experience in requirements management, including collecting, documenting, analyzing, tracing, validating, prioritizing and controlling change.
-
Experience gathering and preparing level-of-effort estimates, use cases, test cases and plans.
-
Able to work well under pressure and respond to fast changing priorities and deadlines.
-
Highly organized and able to manage multiple tasks and projects simultaneously.
-
Excellent verbal and written communication skills.
-
Strong analytical skills with the ability to problem solve well-judged decisions.
-
A strong team-player with the ability to engage with all levels of the organization.
-
Technical competence using software programs, including, but not limited to, Google Suite for business (Sheets, Docs, Slides).
-
Entrepreneurial mindset and comfortable in a flat organization.
-
Preferred Professional certification (e.g. CISSP, CCSP, CISM) in Information Security from a reputable institution highly valued.