Job Specifications
Role: Cybersecurity BA
Location: London or Norwich
Role Purpose:
The BA will be working with internal and external stakeholders (both IT and non-IT areas). Accountable for managing key business stakeholders to define requirements for change initiatives aimed at improving processes and systems ensuring alignment to business benefits and assuring quality delivery & testing of these requirements as per business protection standards and technical specifications.
Responsibilities:
• Lead the facilitation of business workshops to elicit, challenge, develop and convert business, functional, and non-functional requirements into process/systems solutions considering IT and business drivers.
• Ensure all documented requirements are delivered in a clear, concise, and timely fashion, suitable for handover to the Project delivery teams including Solution Architects and Test Leads.
• Ensure that the requirements’ acceptance criteria, integrity and traceability is maintained throughout the project lifecycle working alongside both internal and external suppliers. • Qualification and quantification of business benefits relating to requirements for change and improved business processes, including impact assessment of change requests to scope and requirements.
• Ensure the quality & timeliness of the analysis, requirements, specifications & acceptance criteria produced with the security engineering function to guide the strategy around new security technology controls as well as with infrastructure engineering and application development programs and teams to advise on the security risks they need to address and the correct selection and implementation of controls.
• work directly with multiple IT infrastructure and application development projects and teams to apply standard technical risk assessment methods to identify and prioritize risks for remediation
• Review architecture and design documents to help ensure the correct implementation of security technology controls
Experience:
Knowledge of risk management concepts including risk assessment and risk treatment techniques and methodologies, including:
• Risk Assessment methods and frameworks (IRAM2, OCTAVE, NIST, ISO 27005 etc) -
• Information Security Management System frameworks and standards and their application
• Compliance frameworks relevant to financials services including SOX, PCI DSS, SSAE16, etc)
• Good working knowledge of one or more security technologies and domains, including, but not limited to network security, cyber security, data security, identity and access management, application security & cloud security(SaaS,IaaS,PaaS)
• Experience in advising on or developing security architectures and designs for one or more security technology domains
• Security technologies (firewalls, WAFs, DLP, cryptography, vulnerability scanning, identity and access management, etc.)
• Appreciation of different cyber threats such as malicious cyber-attacks, phishing, data theft, domain fronting, HTML smuggling etc.
• Good understanding of cyber security working in financial organisations.
• Good understanding of networks, firewalls, proxies, traffic routing and management.
• A good understanding of risk and issue management.
• Basic cloud knowledge on any of cloud like AWS, Azure, GCP
• Proven business analysis, problem solving, issue tracking and resolution skills
• An in-depth understanding of cyber security and security operations concepts, tooling and practices
• Experience as Agile Business Analyst within a cyber security environment
• Ability to develop user flows and process diagrams and documentation
• An appreciation of threat intelligent techniques and the threat landscape for Financial Services organizations
• Created and published procedural and policy documentation and guidance
• Bridge the communications gap between the business users and security functions during process analysis.
• Gather business requirements to assist with finding appropriate solutions to cyber security problems.
• Facilitate ‘show and tell’ sessions with business users and/or CISO teams to demonstrate security solutions.
• Security qualifications, which may include CISM, CISA, CISSP, BS7799 Auditor or other.
Wipro is an exciting organization to work for. We ranked as a “Top Employer” as part of the Top Employer Institute annual listings. We were assessed on several key HR practices including Diversity and Inclusion.
Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic business. Your benefits include
Contributory pension of up to 5%
Extra holiday purchase
4x life insurance policy
Private medical insurance (50)
Equal Opportunities:
Wipro is an advocate for positive change and conscious inclusion. As a global employer, we strive to create a diverse Wipro family by remaining committed to the development of our culture, diversity, equality, an
About the Company
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With nearly 245,000 employees and business partners across 65 countries, we deliver on the promise of helping our clien...
Know more