CrawlJobs Logo

Senior Business Analyst (Cyber Security)

Canada, Ottawa · Job Posted May 04, 2026
Apply Position
Job Link Share

Job Description

Our banking client is seeking an experienced Senior Business Analyst to support cyber security initiatives within a complex enterprise environment. This role will work closely with project managers, cyber teams, and technical stakeholders to drive requirements, support delivery, and ensure alignment between business needs and technical solutions.

Job Responsibility

  • Elicit, document, and manage business, functional, and technical requirements
  • Develop key BA artifacts (BRDs, functional specs, process flows, use cases, traceability matrices)
  • Translate business and cyber security needs into actionable requirements
  • Support project planning, scope definition, and documentation
  • Contribute to risk identification, impact analysis, and mitigation planning
  • Manage requirement changes and support project decision-making
  • Support Agile/SCRUM delivery (backlogs, user stories, sprint planning)
  • Act as liaison between business stakeholders, cyber teams, and technical leads
  • Support UAT, testing, and validation of deliverables
  • Assist with transition-to-operations planning and documentation
  • Prepare briefing materials and stakeholder communications

Requirements

  • 5+ years of experience in IT and/or cyber security environments
  • 5+ years as a Business Analyst supporting complex projects
  • Strong experience with requirements gathering, documentation, and validation
  • Experience producing structured BA deliverables (BRDs, use cases, process flows, etc.)
  • Experience working in Agile, SCRUM, and/or hybrid delivery environments
  • Strong communication skills across technical and business audiences
  • Ability to manage multiple priorities in complex environments

Nice to have

  • Experience supporting cyber security or risk-focused initiatives
  • Certifications: CBAP, CCBA, PMP, or Scrum Master
  • Experience with Microsoft Azure or cloud-based projects
  • Knowledge of governance, risk, and compliance frameworks
  • French language skills

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior Business Analyst (Cyber Security)

8 matching positions

Senior Information Security Cyber Security Data Analyst

Senior Information Security Cyber Security Data Analyst – Assistant Vice Preside...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8-12 years of relevant experience in Cyber Security, Information security, primarily into building data pipelines, Data collection and management, Data transformation etc.
  • Building Data Pipelines: Creating systems for collecting, storing, and transforming data from various sources. Impala, Hive
  • Data Collection and Management: Data engineers are responsible for gathering data from various sources, ensuring its quality, and making it accessible for analysis.
  • Data Transformation: They convert raw data into usable formats, often using ETL (Extract, Transform, Load) processes, to big data platform of Hadoop, Cloud technologies like DataBricks and Snowflake to make it suitable for analysis and reporting.
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential information security (IS) risks and make recommendations for enhancement
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Execute meetings and communicate complex security topics and safe IS practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing IS standards to align procedures and practices in compliance with Citi standards
  • Educate and advise on safe information security practices and current, changing, and/or recommended information security requirements
  • Validate compliance with IS policies, practices, and procedures, and resolve a variety of IS related issues in coordination with the business
  • Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
  • Has the ability to operate with a limited level of direct supervision.
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right

Senior Analyst, Cyber Security

The Senior Analyst, Cyber Security supports the Manager, Cybersecurity & Network...
Location
Location
Canada , Vancouver
Salary
Salary:
90300.00 - 129000.00 USD / Year
canfor.com Logo
Canfor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree or diploma in IT or related field
  • 5+ years enterprise experience across multi-site environments
  • Professional-level Security certifications preferred
  • Strong troubleshooting, documentation, and communication skills
  • Hands‑on experience with Microsoft Defender, Sentinel, Purview, or equivalent
  • Experience managing cloud security for Azure/M365/SaaS
  • Demonstrated ability to collaborate with MDR/SOC teams
  • Experience with privacy legislation (PIPEDA, BC PIPA)
  • Experience developing or maintaining incident response playbooks
  • Threat-informed defense (MITRE ATT&CK familiarity)
Job Responsibility
Job Responsibility
  • Plan, design, and implement enterprise security solutions
  • Resolve Tier 3 incidents and outages
  • Execute security projects and coordinate vendors
  • Maintain accurate documentation, runbooks, and inventories
  • Support for Zero Trust architecture, including network segmentation, identity hardening, and continuous monitoring
  • Responsibilities related to cloud security across Azure, M365, SaaS, and hybrid workloads
  • Oversight of third‑party risk, recognizing increased vendor dependence
  • Work with MDR (Managed Detection & Response) providers such as Arctic Wolf to improve detection, triage, and response maturity
  • Responsibilities related to governance frameworks (NIST CSF 2.0, CIS Controls v8)
  • Integration with privacy compliance (PIPEDA, BC PIPA) and corporate policy governance
What we offer
What we offer
  • performance-based incentive plans
  • recognition programs
  • benefits
  • paid leaves
  • pension plans with base and matching contributions
  • savings options
  • robust health & well-being initiatives
  • development of our talent
  • value proposition that promotes diversity, equity and inclusion
  • Fulltime
Read More
Arrow Right

Senior Cyber Security GRC Analyst

We are currently seeking a Senior Cyber Security GRC Analyst to join FinXL and t...
Location
Location
Australia , North Sydney
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as a Senior Cyber Security GRC Analyst
  • Strong experience in Cyber Security GRC, Risk, or Compliance roles
  • Experience working with control frameworks such as NIST SP 800-53
  • Experience writing policies, standards, and control documentation from scratch
  • Experience conducting control assurance, testing or audit support activities
  • Experience in stakeholder engagement, running workshops & influencing outcomes
  • Experience implementing security controls
  • Experience in control uplift or transformation programs
  • Experience translating NIST security controls into clear, business-friendly requirements
  • Experience defining control objectives, parameters & implementation guidance aligned to organisational context
Job Responsibility
Job Responsibility
  • Support the definition, documentation & assurance of security controls aligned to NIST SP 800-53
Read More
Arrow Right

Cyber Architect - Info Security Tech Senior Analyst

The Cyber Architect - Info Security Tech Senior Analyst is an intermediate level...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Additional technical certifications are preferred
  • Demonstrated ability to research and apply current information regarding the IS field
  • Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD) Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
  • Strong knowledge of security for applications related to authentication / authorization, data protection, session management, data validation, and end point protections
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Plan, research, and design security architecture for IT systems and applications (internally developed as well as vendor supplied) for processing multiple classification levels of data on prem, and cloud
  • Determine the security controls for above, document appropriately and partner with IT architecture/development stakeholders to implement during early in system development life cycle
  • Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modelling. Ensure that security design and controls are consistent with organization's security architecture principals
  • Establish relationships with cross-functional areas including Business, Technology, and Compliance stakeholders and serve as a SECURITY subject-matter expert
  • Manage risk by analyzing the root cause of security issues, determining compensating controls, and driving remediation
  • Coordinate with system development and infrastructure units to identify Information Security (IS) risks and the appropriate controls for development, day-to-day operation, and emerging technologies
  • Perform regular assessments based on changes in the threat landscape
  • Provide information security support with related activities during systems development (e.g. authentication, encryption)
  • Identify significant IS threats and vulnerabilities
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Cyber / Tech 2nd LOD Senior Lead Analyst, Senior Vice President

The Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi...
Location
Location
Poland , Warsaw
Salary
Salary:
340990.00 - 580610.00 PLN / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in technology and cyber risk assessments, metrics, enterprise technology services, risks, and controls within globally complex, dispersed, and diverse organizations
  • Advanced knowledge and experience leading control design and operating effectiveness evaluation, testing, and reporting with a track record of influencing effective risk mitigation strategies
  • Excellent presentation skills as well as the ability to effectively communicate complex topics to a broad audience
  • Advanced proficiency in creating written executive materials and mastery in verbal presentation to Executive audiences
  • Outstanding communication and influencing skills, with the ability connect with individuals throughout all levels of the organization and with external partners and vendors
  • Exceptional relationship management skills, including demonstrable experience managing through conflict and issue resolution with senior stakeholders
  • Proven ability to work within teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology / cyber risk insights to value-add risk mitigation solutions
  • Subject matter expert in one or more industry standard risk management frameworks (including ISO27001, COBIT, TOGAF and CRI for example), and an in-depth understanding of technology and cyber risk mitigation strategies
  • Deep knowledge of products within the coverage area (e.g, Markets, Banking), including a technical understanding of current and emerging trends as well as the ability to apply in-depth understanding of the business impacts of technical contributions
  • In-depth knowledge of technology and cyber risks and controls across various information system architecture and engineering domains including data protection, identity and access management, vulnerability management, network security, endpoint security, logging and monitoring, incident management, and third-party management
Job Responsibility
Job Responsibility
  • Manages internal projects on threat issues that support a variety of participants and stakeholders measuring the effectiveness and comprehensiveness of Citi’s first line defenses
  • Establishes and oversees the application of compliance and technology and cyber policies and procedures, technology and tools, and governance processes to provide credible challenge for minimizing losses from technology and cyber risks
  • Independently assesses technology and cyber risks and drive actions to address the root causes that persistently lead to operational risk losses by challenging both historical and proposed practices
  • Leads independent assurance activities to assess areas of concern including substantive and controls testing
  • Monitors, evaluates, and challenges Key Risks and associated Key Risk Indicators triggers and thresholds
  • Identifies potential risks associated with program/project delivery on a technical and detailed level
  • Leads various second line of defense technology and cyber assessments including risk assessments, control assessments, maturity assessments etc
  • Assesses technology and cyber risks associated with new initiatives and programs being proposed for implementation
  • Challenges the design, adequacy and strength of the control environment associated to technology and cyber and recommends actions to ensure the operational risk profile is in line with the technology and cyber risk appetite
  • Executes ad-hoc activities for the TCCORO organization, including but not limited to: researching and producing materials for presentations of deep dives into selected topics, coordinating deliverables related to audits and examinations, and maintaining associated data for executive reporting
What we offer
What we offer
  • Employer paid Defined Contribution Pension Plan contribution of 6% of employee’s pensionable earnings (PPE Program)
  • Employer paid Private Medical Care Package for employees and Private Medical Care Packages for certain family members available at preferential rates
  • Employer paid Life Insurance Program for employees and Life Insurance for certain family members available at preferential rates
  • Employee Assistance Program financed by Employer
  • Paid Parental Leave Program (maternity and paternity leave
  • statutory and 2 weeks additional paid paternity leave)
  • Sport Card for employees subsidised via Social Benefits Fund and Sport Cards for certain family members available at preferential rates
  • Additional benefits from Company’s Social Benefit Fund, in particular: Holidays Allowance, support for sport and cultural activities, team building events
  • Additional day off for volunteering
  • Cafeteria/ flex benefit
  • Fulltime
Read More
Arrow Right

Senior Analyst – Security Operations Center, Operations Technology

Are You Ready to Make It Happen at Mondelēz International? Join our Mission to L...
Location
Location
Philippines
Salary
Salary:
Not provided
remotivatejobs.com Logo
RemotivateJobs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Information security, compliance and risk management
  • Security solutions and their applicability to Mondelēz International
  • Security strategies, awareness campaigns, policies/standards and governance
  • Communicating effectively with technical specialists, leaders and peers
  • Analytical and problem-solving abilities
  • Being a team player by supporting and leading to achieve common goals
Job Responsibility
Job Responsibility
  • Assess information security risks in line with internal policy and external best practices
  • Support the security of information and IT assets by testing security systems and applying security standards, policies, and procedures
  • Under the guidance of the global information security lead, implement cyber security technology and provide day-to-day business support
  • Manage third-party providers to ensure that any internal or third-party adhere to standards
  • Provide information security training to appropriate teams
  • Fulltime
Read More
Arrow Right

Email Security Senior Analyst (Vice President)

The Email Security Senior Analyst is responsible for providing expert support an...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent work experience
  • IS Certifications are desired (CISSP, GSEC, GCFA,GREM, Security+, CISA, CISM). Email vendor certifications a plus
  • Strong experience with configuration, administering, troubleshooting email routing and filtering in Exchange, Exchange Online, Proofpoint and other enterprise level email security gateways (such as inbound routes, whitelists, email firewall rules, spam/AV, logging/reporting, TAP, TRAP, domain rewrites, secure messaging and recipient verification)
  • Experience in analyzing domain email activity and deploying SPF, DKIM and DMARC authentication
  • Experience with enterprise phishing defense concepts and technologies
  • Minimum 3+ years working in security engineering or security operations role, with a focus on email security
  • Cross-functional understanding of email operations, security practices and the user experience
  • Highly technical and analytical expertise, with a proven deep background (preferred 5+ years’ IT experience in addition to cybersecurity) in technology design, implementation, and delivery
  • Strong understanding of and demonstrated experience with the tools and sources available to conduct email and threat analysis
  • Ability to identify and develop new processes to address cross-functional and cross-business requirements and implement
Job Responsibility
Job Responsibility
  • Provide expertise and experience to existing and future functions and projects focused on email threats and controls
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Analyze and provide oversight of analysis of email threats and controls
  • Provide leadership, solution design, and hands-on development support for email security controls
  • Develop and manage processes to track identified incidents to resolution
  • Develop weekly, monthly, quarterly, and annual metrics and reports as needed
  • Develop written analytical reports and give presentations on findings
  • Triage information received from vendors and process that information through previously defined internal workflows
  • Manage third party vendors to ensure proper delivery of services
  • Manage meetings with internal stakeholders to address open issues and identify process improvements
  • Fulltime
Read More
Arrow Right