Job Description
The IT - DCX (Digital Customer Experience) department is looking for a Business Analyst, Cyber Security, to report to the Senior Manager, Cyber Security, to assist with security processes and governance.
Responsibilities
Policies & Procedures
- Creation of security policies within the IT-DCX department.
- Analysis of the impact of overall Bell security policies, procedures and best practices on the IT-DCX department.
- Gather information about security gaps and risks within project and operational processes and assist with the determination of their impact as well as the documentation of processes and procedures to mitigate them.
- Determine lessons learned from any security issues and ensure that processes and procedures are documented and implemented to prevent the issues from happening in the future.
- Assist with the design and implement a SSDLC (Secure Software Development LifeCycle) specific to the Bell IT-DCX department.
- Maintain knowledge library and documentation of security policies and procedures.
- Report on the progress made with the implementation of new processes and procedures.
- Governance
- Ensure compliance with security policies, procedures and best practices.
- Assist with the coordination of the IT components of both internal and external audits to ensure security programs are in compliance with relevant laws, regulations and policies.
- Develop an evaluation method to assess the security program strengths and identify areas for improvement.
- Audit and report on the adherence to the security policies and procedures and evaluate trends to support continuous improvement initiatives.
Training
- Create training materials, both online and in person, to improve the understanding of IT-DCX staff and contractors with respect to security policies and procedures.
- Lead training sessions with IT-DCX staff and contractors so they can understand how the security policies affect their programs and projects.
- Other
- Assist with the creation of business cases to support the implementation of policies and the purchase of labour or tools to improve the security posture within the IT-DCX department.
- Assist with the onboarding of security testing tools.
Qualifications & Skills
- 2+ years of Business Analysis experience in the Security space.
- Bachelor's degree.
- Certified Information Systems Security Professional (CISSP) is an asset. ITIL v3 and other IT and security certifications are also an asset.
- Familiarity with security best practices and risk management methodologies.
Experienced in:
- Instituting cyber security and risk metrics for reporting; and
- Establishing security processes to reduce business risk.
- Ability to determine how processes, procedures and best practices established by a corporate team will affect working teams.
- Since the position entails working with sensitive and confidential information, a high level of integrity is required.
- Ability to effectively communicate and foster strong working relationships with all levels of staff within the organization as well as external contacts.
- Taking the initiative and working proactively with minimal supervision.