Business Analyst (IT Security)


Business Analyst (IT Security)

  • Contract
  • Toronto
  • Posted 1 month ago

JO 2431: Business Analyst

Location: Toronto, Ontario

Anticipated Duration: 2 ½ years

Project Description

We are searching for a Business Analyst with a Security focus to lead, coordinate and participate in the gathering/elicitation of business and technical requirements from various stakeholders for documentation including, but not limited to, Business Cases and Scope of Services to support the procurement of new solutions / services.

Description of Duties / Scope of Work

  • Serving as a liaison between users/stakeholders and security team
  • Documenting and assessing current state processes, identify, analyzing and documenting process gaps and recommendations / improvements, and designing and documenting future state processes
  • Gathering, documenting and validating business, solution and technical requirements and producing requirements documentation
  • Developing functional, non-functional and technical specifications
  • Supporting system design, development and testing activities and provide requirements clarification as necessary; Configuring systems, testing configuration
  • Capturing, producing and tracking requirements information and documentation within SharePoint
  • Preparing user training material and training plan; plan user training sessions
  • Work with stakeholders and ITS teams to develop statement of intent and business
  • case documentation
  • Facilitating RFP process, liaising with SMEs and IT architects to write the key elements of the business and technical portions of the RFP, evaluating RFP responses and communicating with Procurement staff
  • Creating formal presentations and necessary project documentation for stakeholders, developing meeting objectives and agendas and taking meeting minutes, as required
  • Occasional site visits at client’s different GTA locations may be required.
  • The incumbent must be able to accept the required travel within GTA and comply with OHSA and Health and Safety policies and procedures in the workplace.

Mandatory Skills / Certification

  • Bachelor degree in Business, Computing Engineering or Science, or related relevant
  • Minimum 5 years’ experience as a business and/or process analyst
  • Experience using structured techniques for process discovery, requirements elicitation, validation and management, and business and systems analysis
  • Demonstrable experience in information and cyber security, and involvement throughout lifecycle of security policies, procedures and implementations
  • Demonstrable experience engaging with stakeholders from different business and technical areas; Experience dealing with complex problems, discovering requirements and recommending how to support through process and applications
  • Major IT implementation experience and understanding how systems are affected by business process change and security considerations
  • Excellent communicator, both verbally and written with ability to manage and influence stakeholders; Strong ability to sell recommendations and solutions by stating advantages and value in business terms
  • Experience in developing business cases
  • Experience in developing scope of services documentation, participating in RFI/RFP and the evaluation of vendor responses.

Other Skills / Certification

  • Self-motivated and is willing / able to work under pressure
  • Strong familiarity with industry Information Security standards and frameworks e.g. ISO 27K series
  • Familiarity and understanding of Key Performance Indicator (KPI) analysis and performance measurement
  • Expert knowledge of MS Office tools
  • Thorough understanding of project management and data security audit concepts
  • Experience with process for project selection, approval and budgeting
  • Real world experience utilizing a major process optimization framework such as Kaizen, Lean, Six Sigma, TQM, etc. is an asset
  • Hands-on experience developing process flow chart/diagrams and use of formal process notation such as BPMN-2.0
  • CBAP, PBA, PMP and/or Security certification(s) an asset
  • Public Service experience is an asset.


  • Documented current state and recommendations for process adjustments, improvements and integrations
  • Documented future state solution, processes, technology and human resources
  • Detailed process descriptions, models and other related artifacts
  • Analysis of costs and benefits of alternatives and business cases
  • Documented scope of services
  • Vendor and IT system Functional Requirements Documents and Specifications, and mapping of vendor solution to the requirements
  • Support to QA team to develop test cases and during testing execution
  • Training Materials and Training Plan based on approved solutions
  • Business capability and business process related artifacts, which may include maintaining tool based information and repositories
  • Process and policy documents associated workflows
  • Presentation materials and related documents
  • High level roadmaps, project and program plans
  • Project vision document, Requirement Management Plan, Use cases, User stories, Business Requirement Document, Requirement traceability matrix (RTM), Functional requirement specification (FRS)/ Functional Specification Document (FSD), System requirement specification (SRS)/ System Requirement Document (SRD), Test case and other project documentation & artifacts

Job URL:

Business Analyst Security


Apply Online