The Company
Behind the scenes of some of the world's most critical medical innovations lies a team of engineers, scientists, and problem-solvers dedicated to advancing healthcare. This organisation is globally recognised for building sophisticated solutions that shape the future. Their Melbourne R&D hub is at the forefront—delivering technology used by hospitals and laboratories worldwide. You'll join a close-knit team working on a flagship product that directly impacts patient outcomes while meeting the highest international standards of security and compliance.
They are hiring a Cybersecurity Business Analyst to join a Scrum team focused on enhancing the cybersecurity posture of a mature medical device product to meet FDA cybersecurity regulations. This role supports the team in defining and managing a backlog of epics, user stories, and formal requirements. It requires a solid understanding of agile principles, software development, and cybersecurity fundamentals.
Responsibilities
As the Cybersecurity Business Analyst, you will:
* Collaborate with product, cybersecurity, risk, and technology teams to gather, document, and validate business and technical requirements.
* Communicate business context, value, and urgency to the Scrum team and broader stakeholders.
* Elicit, analyse, and align requirements using stakeholder engagement, document analysis, and modelling (e.g., use cases, wireframes, state models).
* Define Epics, User Stories, and Acceptance Criteria that deliver incremental business value.
* Partner with the Product Owner to support backlog management.
* Decompose Epics and ensure their value and context are well understood.
* Facilitate backlog refinement to ensure clarity, estimation readiness, and alignment.
* Maintain formal requirements in ALM in accordance with QMS standards, including drafting, reviewing, approving requirements, managing libraries and baselines, and ensuring test case coverage and traceability.
Your Background
Essential:
* Experience as a System Analyst or Business Analyst in software development security.
* Proficiency in agile backlog management, including writing user stories and acceptance criteria.
* Understanding of cybersecurity fundamentals and the secure software development lifecycle (SSDLC).
* Strong stakeholder engagement skills across program management, product management, domain SMEs and technology teams.
* Excellent communication skills with demonstrated ability to document technical requirements methodically.
* Experience with tools such as Jira, Miro or similar backlog and sprint management platforms.
Highly Desirable:
* Experience with requirement management tools such as: ALM Quality Center, or DOORS
* Strong cybersecurity expertise, including security risk management and secure product development.
* Experience in regulated product engineering environments (e.g., medical devices, aerospace).
* Familiarity with cybersecurity standards such as CLSI AUTO11, IEC, NIST 800-53, IEC
* 62443, and FDA Cybersecurity Guidance.
What's next
If this sounds like a great opportunity for you, please apply today. We will be reviewing applications over the coming weeks, and calling only shortlisted applicants for a phone-screen and interview before being presented to the client.