Cybersecurity Business Analyst

Work Location

100% Remote 

Description

In this role, they will support the Department of Veterans Affairs (VA) CSOC team, particularly focusing on the VA Enterprise Cloud (VAEC) security audit effort. The ideal candidate will have a strong background in business process analysis, change management, and cybersecurity compliance.

Responsibilities

●     Help to establish and maintain a baseline for the VAEC audit efforts.

●     Track and report progress, ensuring all audit activities are documented and communicated effectively.

●     Track the fully updated inventory of cloud systems and assets with corresponding system owners.

●     Ensure accurate and up-to-date records of all cloud systems and related assets.

●     Collect and track metrics and Objectives & Key Results (OKRs) for cloud compliance regarding security capabilities, including Endpoint Detection and Response (EDR), Operating System logging, Tenant Administration logging, External connection compliance, and Compliance with VA vulnerability remediation policy.

●     Help identify gaps in people, processes, and technologies and support plans initial and to address these gaps.

●     Lead change management activities by applying a structured methodology and ensuring adherence to the defined processes.

●     Develop and execute change management plans to support the successful implementation of cybersecurity initiatives.

●     Analyze current business processes related to cybersecurity and identify areas for improvement.

●     Work closely with project managers, cybersecurity engineers, and other stakeholders to ensure alignment and effective communication.

●     Prepare and present reports, updates, and recommendations to senior management and relevant stakeholders.

Requirements

●     Bachelor's Degree or higher is preferred

●     3+ years of experience in in business process analysis, change management, or a similar role, preferably within a cybersecurity or IT environment.

●     Strong understanding of cybersecurity principles, particularly in cloud environments is preferred.

●     Certification in Change Management (e.g., Prosci) or Business Analysis (e.g., CBAP) is a plus.

●     Proficient with program/project management and collaboration tools such as Microsoft SharePoint, Planner, Project, and Teams.

●     Familiarity with cloud technologies (AWS, Azure, Google Cloud) and federal IT security regulations (CISA, DISA) is a plus.

●     Excellent organizational skills and attention to detail, with the ability to manage multiple tasks simultaneously.

●     Exceptional written and verbal communication skills

●     Exceptional analytical and conceptual thinking skills

●     Strong people skills and ability to work collaboratively with a team of peers