Staff Security Analyst – Business Technology

Staff Security Analyst – Business Technology

Requirements

• 3-5 years of experience in a product management or analyst role, ideally with a focus on security.
• Strong understanding of security fundamentals and frameworks (e.g., NIST, ISO 27001, CIS).
• Experience with modern DevOps practices and toolchains.
• Prior involvement in driving security transformation initiatives and sustainability programs.
• Demonstrated ability to create meaningful metrics and dashboards using business intelligence tools (e.g., Splunk, Grafana, or equivalent).
• Ability to translate technical insights into actionable business recommendations.
• Excellent communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.

Responsibilities

• Evaluate business processes, anticipate requirements, and identify areas for improvement.
• Define technical, business, and security requirements for projects and systems.
• Translate complex technical requirements into functional specifications and user stories.
• Help teams maintain focus and alignment with project goals, ensuring adherence to agreed deliverables and minimizing deviations from scope.
• Educate teams on security practices and ensure adherence to security policies.
• Identify and track key metrics to measure the success of security programs.
• Help develop and maintain incident response playbooks and ensure alignment with organizational goals.
• Develop runbooks, procedure manuals, and other documentation to support cross-training and operational readiness.
• Translate business requirements into actionable technical milestones, ensuring security initiatives align with organizational objectives and timelines.
• Lead and manage the rollout of secure infrastructure projects, including networking deployments, ensuring best practices in security sustainability.
• Provide continuous oversight and a clear line of sight for DevOps or SRE teams regarding infrastructure changes and security posture updates.
• Deploy and maintain infrastructure and code scanning tools across environments, integrating security controls within CI/CD pipelines to ensure automated vulnerability assessments and compliance.
• Collaborate with DevOps teams to ensure the seamless integration of security tools that enhance the efficiency and effectiveness of the development process.
• Act as a key coordinator for security incident response, ensuring rapid, practical remediation actions and clear communication with internal teams.
• Participate in the security champion programs and tabletop exercises to test team readiness.
• Design, develop, and maintain dashboards and key performance metrics to measure business outcomes and track security posture improvements.
• Ensure that SDL processes are fully covered (100%) and continuously monitored, providing actionable insights to leadership and stakeholders.
• Identify opportunities for automation within security workflows, leading initiatives to streamline processes and improve systematic risk management.
• Collaborate across teams to implement scalable and repeatable security measures that drive operational excellence.

Preferred Qualifications

No preferred qualifications provided.