The Cyber Business Analyst is responsible for supporting the delivery of Client's Group CISO security
maturity initiatives by providing analytical insight, process clarity, and stakeholder alignment. This role
works closely with the Group CISO and Programme Manager to ensure cybersecurity projects are
informed by accurate data, well-mapped processes, and clearly defined business and regulatory requirements.
We are looking for a Business Analyst (BA) with experience in cybersecurity, regulatory compliance, and data-driven decision-making, capable of supporting large-scale cyber maturity programmes aimed at reducing the risk of cyber threats and ensuring alignment with evolving regulatory obligations.
Key Responsibilities:
- Business Analysis & Requirements Gathering
- Collaborate with stakeholders to capture and document business, technical, and regulatory requirements for cybersecurity initiatives, particularly in IAM and PAM domains.
- Translate complex identity and access management concepts into clear, actionable business terms.
- IAM & PAM Transformation Support
- Support the design and implementation of IAM and PAM solutions, including role-based access control (RBAC), least privilege enforcement, and privileged session monitoring.
- Assist in defining access governance models, user lifecycle processes, and policy enforcement mechanisms.
- Ensure alignment with regulatory and audit requirements for identity and access controls.
- Collaborate with stakeholders to analyse Segregation of Duties (SoD) conflicts, support SoD rule set definition,
- Assist in integrating CMDB insights to enhance access control decisions and risk mitigation strategies.
- Regulatory Compliance Mapping
- Interpret and map requirements from key regulatory frameworks such as:
- DORA (Digital Operational Resilience Act)
- CBI (Central Bank of Ireland) Guidelines
- NIS/NIS2 (Network and Information Systems Directive)
- Ensure cybersecurity projects align with these frameworks and that compliance obligations are clearly documented and traceable.
- Data Analysis & Reporting
- Analyse security-related data to identify trends, risks, and opportunities for improvement.
- Develop dashboards and reports to support decision-making and track progress against KPIs and compliance metrics.
- Process Mapping & Optimisation
- Document current-state cybersecurity and access management processes and identify gaps or inefficiencies.
- Design future-state process maps aligned with security best practices and regulatory standards.
- Stakeholder Engagement
- Act as a bridge between technical teams, business units, compliance, and third-party vendors.
- Facilitate workshops, interviews, and walkthroughs to validate requirements and solutions.
