This role presents an opportunity to collaborate with a prominent government-affiliated organisation on significant cyber maturity advancements. As a seasoned Cyber Security Business Analyst, you will drive strategic initiatives across climate change and urban planning portfolios. The successful candidate will develop service and process design activities that align with critical security and compliance frameworks while engaging stakeholders across multiple departments.
About the Role
This Cyber Security Business Analyst position requires a strong emphasis on business-facing analysis, stakeholder engagement, and cross-functional collaboration. The successful candidate will shape and guide the implementation of key cybersecurity processes across the organisation.
Key Responsibilities
* Lead end-to-end business analysis activities across cybersecurity initiatives.
* Design and implement Third Party Risk Management (TPRM) frameworks and associated processes.
* Translate complex risk, compliance, and security concepts into business-aligned deliverables.
* Develop documentation for lifecycle management, compliance, and assurance.
* Conduct gap analysis and identify optimisation opportunities across workflows and systems.
* Facilitate workshops with technical and non-technical stakeholders.
* Collaborate closely with Cyber Security, Architecture, Risk, and Commercial teams.
* Develop detailed documentation including process maps, transition plans, knowledge articles, and IT checklists.
* Ensure alignment with NSW Cyber Security Policy and other regulatory standards.
* Support rollout and operational readiness of new services and cyber-related initiatives.
* Contribute to organisational change efforts through clear communication and engagement strategies.
* Apply Waterfall and Agile methodologies across the full project lifecycle.
About You
The ideal candidate should possess:
* A minimum 5 years' experience in business analysis roles focused on cyber security, risk, or compliance.
* A strong track record in Third Party Risk Management (TPRM) and ICT lifecycle initiatives.
* Demonstrated experience in service and process design, especially in cyber uplift environments.
* Highly skilled in stakeholder engagement and working across cross-functional teams.
* Proficient in business documentation, including BRDs, traceability matrices, UAT plans, and readiness assessments.
* Advanced skills in creating process diagrams, workflows, and swim lane visualisations.
* Able to distil technical cybersecurity language into clear, actionable insights for diverse audiences.
* Strong workshop facilitation and negotiation skills.
* Previous experience in NSW or Federal Government environments highly desirable.
* Sound knowledge of compliance standards and regulatory frameworks.
* Familiarity with tools and platforms used in process design and documentation.
* Australian Citizen, Permanent Resident or holder of valid long-term work rights only.