GRC - Technical Business Analyst
Location: Anywhere in United States, remote
Logistics
This position is remote, with business travel expectation every quarter.
The selected candidate may work remotely from Washington, DC. or any of the 50 states of the United States, except for 1 week (3 days in 1 week i.e., Tuesday- Thursday) every quarter (i.e., every 3 months) where it is mandatory that candidate physically work from the client’s HQ offices in Washington, DC
.
Overview
Under the general supervision of the leadership for the Governance, Risk Management and Compliance Accelerator (GRC Accelerator) capital project, the
Senior Technical Business Analyst – Integrated Risk Management & SecOps is expected to provide technical business analysis expertise in the area of assessing, identifying, designing/re-designing, and implementing cybersecurity, enterprise risk and data privacy processes in a GRC platform.
The candidate will be required to work with project teams, service providers, and business units internal and external to the client’s IT function. The candidate is expected to bring pragmatic technical business analyst experience allowing for the client to meet its present and emergent business needs in the areas of
cybersecurity, enterprise risk management and data privacy.
Specific Responsibilities Include
- Develop strong understanding of the following domains at client, and the underlying enabling processes, procedures, and systems:
- cybersecurity governance risk and compliance and security operations
- data privacy and
- enterprise risk management
- Conduct workshops with multiple stakeholder function (cybersecurity, data privacy, enterprise risk management, architecture, product and platform teams, some business functions), to
- capture their as-is-process needs, current pain-points and
- design a to-be-model to address the pain-points resulting in streamlined, efficient, effective, and auditable processes. Related expected deliverables include but are not limited to business requirements, functional requirements, detailed technical solution implementation requirements and documented processes (including detailed process flows) for the to-be model.
- Review, analyze and design a common data access model for cybersecurity (GRC and SecOps), data privacy and enterprise risk management.
- Work closely with developers, testers, and a broad range of platform teams to ensure accurate implementation of technical requirements.
- Collaborate with subject matter experts and other stakeholders to develop the detailed technical solution requirements, sprint backlogs, including sprint planning, reviews, and story refinement sessions, etc.
- Work with the Project Manager to develop and manage the Product Backlog for the project.
- Conduct review of the various category of requirements with relevant stakeholders and subject matter experts and seek approval from appropriate governance functions.
- Participate in the review of design artifacts to ensure alignment with business needs and solution requirements.
- Create acceptance criteria in collaboration with key stakeholders and seek approval from appropriate governance functions. Ensure review of testcases to ensure comprehensive test coverage.
- Support integrated system testing as needed.
- Support demos to stakeholders and coordinate user acceptance testing (UAT) for the end users, where applicable.
Experience Must Include
- Leading complex, multi-disciplinary projects as the Senior Business Analyst
- Practical, hands-on working knowledge with both Waterfall and Agile environments
- Hands-on use of Azure DevOps tool for managing development and design artifacts.
- Requirement Analysis: Experience in gathering and analyzing business/functional/technical implementation requirements for refined migrations from Archer to ServiceNow implementation.
- Process reengineering: Experience with reviewing, analyzing, and redesigning (for robustness, efficiency, effectiveness, and simplicity) cybersecurity governance risk and compliance and security operations that were previously in Archer, but need to move to another GRC platform e.g., ServiceNow.
- Documentation Skills: Proficiency in creating comprehensive documentation, including process flows, functional and technical specifications.
- Technical Experience: Deep understanding and hands on working experience of ServiceNow Integrated Risk Management (IRM) and Security Operations modules. Prior similar experience with Archer is a plus.
Required Soft Skills
1. Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
- Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
- Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.
- Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility. Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results.
- Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers. Interpersonal skills that create openness and trust among colleagues.
- Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.
Education
- Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience in regulated industries; OR
- Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 5 years of relevant experience in regulated industries.
- Applications will be accepted until 9/16/2024
Salary And Other Compensation
- The annual salary for this position is [$84,600 to $154,00] depending on experience and other qualifications of the successful candidate.
- This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
Medical/Dental/Vision/Life Insurance
Paid holidays plus Paid Time Off
401(k) plan and contributions
Long-term/Short-term Disability
Disclaimer: The benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Why Cognizant?
Collaborate with a community of experts to enhance and expand your skills.
Join a team where global culture adopts diversity of thought and background.
Find balance with our hybrid model that prioritizes your health, safety and well-being.
Opportunity to work for leading global companies while advancing your career.