Teamrecruiter.com
Job title:
Business Analyst (Security Frameworks, Healthcare Cyber Security, CBAP, ITIL)
Company
Teamrecruiter.com
Job description
Business Analyst (Security Frameworks, Healthcare Cyber Security, CBAP, ITIL), OntarioSauvegarder PostulerPublié il y a 1 jour(s) | Toujours ouvertContractuel Temps plein Aussitôt que possible Télétravail partielDescription du posteOne of our Healthcare clients is looking for a Business Analyst (Security Frameworks, Healthcare Cyber Security, CBAP, ITIL)Length: 6 months Contract with a possibility of extensionLocation: Toronto, ON – HYBRIDKEY RESPONSIBILITIES:1. Strategic Security Innovation:
- Champion a progressive security culture that positions protection as a business enabler, not a barrier to innovation.
- Orchestrate multi-disciplinary collaboration to ensure security initiatives directly support TELUS Health’s strategic vision.
- Bridge security operations with business objectives through targeted metrics and measurable outcomes.
- Design and implement security performance dashboards that clearly demonstrate ROI and business impact.
- Spearhead initiatives that transform security from a compliance requirement to a competitive advantage.
- Build strategic partnerships across business units to embed security excellence into organizational DNA.
2. Security Analysis & Design:
- Conduct in-depth analysis of existing security ecosystems, mapping critical processes and use cases across TELUS Health.
- Identify and document government, regulatory and client contractual obligations as requirements for security process and technology solutions.
- Work across the CSO portfolio of projects to deliver business and use case analysis in support of solution design and onboarding.
- Support centrally managed solutions and federated solutions that require close collaboration with product and business teams to integrate security into existing practices.
- Seek out, demonstrate and justify security improvements through tracking of KPI data before and after deployment to support broad adoption of security solutions.
- Optimize security controls to minimize friction in user and developer experiences.
- Seek out cost saving opportunities through streamlining of process and governance.
- Leverage data analytics to inform evidence-based security design decisions.
- Establish metrics to quantify the effectiveness of security architectures and controls, and the tracking of rollout adoption.
- Continuously refine security solutions based on emerging threats, technological advancements, and user feedback.
3. Stakeholder Engagement:
- Work across CSO spanning technical and non-technical disciplines and leverage opportunities for re-use and streamlining across CSO in engagement with business and product teams.
- Forge collaborative partnerships across TELUS Health to harmonize security initiatives with operational objectives.
- Translate diverse business needs into robust, actionable security plans.
- Orchestrate cross-functional dialogues to ensure security measures enhance, rather than hinder, business processes.
- Lead initiatives to streamline security processes, reducing operational friction and enhancing overall efficiency.
- Facilitate workshops to identify opportunities where security can act as a business enabler.
- Develop tailored security solutions that address specific business unit needs while maintaining a cohesive organizational security posture.
- Champion a ‘security as a service’ model within TELUS Health, positioning the security team as a valued business partner.
MUST-HAVE SKILLS:
1. Expert skills in gathering and documenting security requirements from diverse stakeholders
a) Ability to manage the discovery and documentation of the as-is state, and facilitating the creation of the to-be state through templates such as swimlanes, RACI and flowcharts
b) Evaluate the impact of security findings on business processes
c) Ability to facilitate discussions to resolve conflicts between security and business needs
2. Strong ability to create detailed business requirement documents (BRDs) and functional specifications for security initiatives
a) Experience in facilitating requirements workshops and security stakeholder meetings
b) Experience with data reporting and visualization tools (e.g. Looker, Power BI, Excel)
c) Ability to analyze security scan results and create actionable reports
3. Basic Knowledge of Software Development Lifecycle security principlesNICE-TO-HAVE SKILLS:
- Experience with requirements management tools and traceability matrices
- Ability to develop user stories and acceptance criteria for security features
- Skills in conducting impact analysis for security changes across business units
- Policy and Compliance; basic familiarity with compliance and security standards like GDPR, HIPAA, and ISO 27001, NIST, SCO2 Type2
- Education and Awareness
o Supporting training initiatives to educate development teams on secure coding practices
o Driving the adoption of security tools and processes within the organizationTECHNICAL REQUIREMENTS:
Expert knowledge in:
- Security operations excellence frameworks
- Process improvement methodologies (Six Sigma, Lean)
- metrics and KPI development
- automation and orchestration
- governance and compliance
- Business intelligence and analytics
- tool optimization
- Stakeholder management
Requirements management
- Strong understanding of:
- Security frameworks and controls
- Risk assessment methodologies
- Vulnerability management
- Security tools and technologies
- Compliance requirements in healthcare
- Experience with security process optimization and documentation
REQUIRED QUALIFICATIONS:
- Bachelor’s degree in Computer Science, Information Security, or related field
- 5+ years of business analysis experience in cybersecurity
- Proven track record of security process improvements
- Strong analytical and problem-solving capabilities
- Excellence in technical documentation and communication
- Healthcare security experience preferred
Desired Certifications:
- Desirable: Security certifications (CISSP, CISM)
- Essential: Process improvement certifications (e.g. Six Sigma, ITIL)
- Desirable: Quality management certifications (ISO 27001 Lead Auditor)
- Essential: Business analysis certifications (e.g. CBAP)
Ideal Candidate Profile:
- Process excellence mindset
- Data-driven decision maker
- Strong analytical capabilities
- Excellence in stakeholder management
- Continuous improvement advocate
- Innovation champion
URGENT: Please read the job description above. If this interests you, apply to the job with your most updated resume, including your contact number and email address.The recruiter in charge of this role is Zara.If you do not think you are a match for this opportunity, but know someone who is, feel free to forward this job description to them and you will be eligible for a referral bonus upon a successful hire.Please note that this is the most up to date version of job description available at this time – During Client Interview you will receive additional information – variance may apply!Please note: Adherence to our end client’s vaccination policy is a requirement.Please visit the TEAMRECRUITER website to review other CAREER OPPORTUNITIES!Teamrecruiter.com IncTeamrecruiter.com est un fournisseur de services de dotation et de recrutement auprès des entreprises Fortune 500 et des entreprises à croissance émergente en Amérique du Nord. Nos consultants et chargés de comptes travaillent en interne…
Expected salary
Location
Toronto, ON
Job date
Wed, 08 Jan 2025 23:12:46 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (jobsnearcanada.com) you saw this job posting.