A major Insurance organisation is seeking an experienced Cyber Security Business Analyst to lead various cyber security projects.

Long term contract engagement.

Lead cyber projects across Compliance, IAM and DLP uplift, Vulnerability Management and more.

In office in North Sydney 2x per week

Responsibilities:

• Lead end-to-end business analysis across a portfolio of cyber security projects including IAM uplift, DLP implementation, Vulnerability Management, and Compliance programs
• Elicit, document, and manage security requirements through workshops, interviews, and stakeholder engagement across business and technical teams
• Produce high-quality BA artefacts including BRDs, user stories, process maps, RACI matrices, and gap analyses
• Act as the key liaison between cyber security teams, IT, and business stakeholders - translating technical requirements into actionable outcomes
• Support governance and reporting activities, including steering committee updates, risk registers, and compliance documentation
• Identify and manage project risks, issues, and dependencies, escalating where appropriate

Desired Experience:

• 5+ years' experience as a Business Analyst in a cyber security or information security context
• Demonstrated experience delivering across IAM, DLP, and Vulnerability Management programs
• Strong understanding of security compliance frameworks (ISO 27001, NIST, Essential Eight, or equivalent)
• Proven ability to elicit, document, and manage complex security requirements across technical and business stakeholders
• Experience writing BRDs, user stories, process maps, and gap analyses in a security uplift context