Gather and document requirements, analyze business and security needs
Create workflows and SOPs; support risk assessment documentation
Engage stakeholders to define, validate, and document business rules and requirements
Support risk and POA&M management, validate milestones for remediation
Act as liaison between stakeholders, technical teams, and leadership
Develop and maintain documentation, process flows, gap analyses, and control mapping to frameworks (NIST, FISMA)
Provide analytical support for executive reporting (dashboards, metrics, summaries)
Support delivery of measurable security outcomes and ensure solutions meet defined objectives

Applicant must be a U.S. citizen residing in the U.S.
This position requires obtaining a clearance through the Department of Education. Applicants must be willing to undergo a background check as part of the hiring process.
Education: Bachelor’s degree from an accredited university or 5-7 years of relevant experience.
Experience: 5+ years as a business/security analyst
Certifications: (candidates MUST HAVE obtained at least one)
CBAP (Certified Business Analysis Professional)
PMI-PBA (Professional in Business Analysis)
PMP
CAPM
ITIL-F
CRISC (Certified in Risk and Information Systems Control)
CompTIA Project+
CGRC (Certified in Governance, Risk and Compliance)
Technical Skills:
JIRA, Confluence
MS Visio, Lucidchart
MS Project
SQL Query
MS Power BI
Archer/ServiceNow (GRC)
Microsoft Office Suite
Risk & Compliance Knowledge:
NIST SP 800-53/37 (RMF)
NYC Ed Law 2-d
CIPA, FERPA, HIPAA

Security Business Analyst

Key skills