About Cloud Infrastructure & Security Services: Cognizant's Cloud, Infrastructure, and Security Services Practice (CIS), is all about embracing digital transformation by driving core modernization holistically across layers! We help customers transform infrastructure and workplace to meet the rapidly evolving needs of the digital era! Our holistic approach delivers key results for our customers by achieving cloud driven modernization and workplace and operational transformation to run the business in a secure environment.
Under the general supervision of the leadership for the Governance, Risk Management and Compliance Accelerator (GRC Accelerator) capital project, the Senior Technical Business Analyst – Integrated Risk Management & SecOps is expected to provide technical business analysis expertise in the area of assessing, identifying, designing/re-designing, and implementing cybersecurity, enterprise risk and data privacy processes in a GRC platform.
The candidate will be required to work with project teams, service providers, and business units internal and external to the client's IT function. The candidate is expected to bring pragmatic technical business analyst experience allowing for the client to meet its present and emergent business needs in the areas of cybersecurity, enterprise risk management and data privacy.
Specific responsibilities include: Develop strong understanding of the following domains at client, and the underlying enabling processes, procedures, and systems: a) cybersecurity governance risk and compliance and security operations
b) data privacy and
c) enterprise risk management
2. Conduct workshops with multiple customer function (cybersecurity, data privacy, enterprise risk management, architecture, product and platform teams, some business functions), to
a) capture their as-is-process needs, current pain-points and
b) design a to-be-model to address the pain-points resulting in streamlined, efficient, effective, and auditable processes. Related expected work include but are not limited to business requirements, functional requirements, detailed technical solution implementation requirements and documented processes (including detailed process flows) for the to-be model.
3. Review, analyze and design a common data access model for cybersecurity (GRC and SecOps), data privacy and enterprise risk management.
4. Work closely with developers, testers, and a broad range of platform teams to ensure accurate implementation of technical requirements.
5. Collaborate with domain authorities and other partners to develop the detailed technical solution requirements, sprint backlogs, including sprint planning, reviews, and story refinement sessions, etc.
6. Work with the Project Manager to develop and lead the Product Backlog for the project.
7. Conduct review of the various category of requirements with relevant team members and domain experts and seek approval from appropriate governance functions.
8. Participate in the review of design artifacts to ensure alignment with business needs and solution requirements.
9. Create acceptance criteria in collaboration with key collaborators and seek approval from appropriate governance functions. Ensure review of test cases to ensure comprehensive test coverage.
10. Support integrated system testing as needed.
11. Support demos to customers and coordinate user acceptance testing (UAT) for the end users, where applicable.
Experience must include: Leading complex, multi-disciplinary projects as the Senior Business Analyst
Practical, hands-on working knowledge with both Waterfall and Agile environments
Hands-on use of Azure DevOps tool for handling development and design artifacts.
Requirement Analysis: Experience in gathering and analyzing business/functional/technical implementation requirements for refined migrations from Archer to ServiceNow implementation.
Process reengineering: Experience with reviewing, analyzing, and redesigning (for robustness, efficiency, effectiveness, and simplicity) cybersecurity governance risk and compliance and security operations that were previously in Archer, but need to move to another GRC platform e.g., ServiceNow.
Documentation Skills: Proficiency in creating comprehensive documentation, including process flows, functional and technical specifications.
Technical Experience: Deep understanding and hands on working experience of ServiceNow Integrated Risk Management (IRM) and Security Operations modules. Prior similar experience with Archer is a plus.
Required Soft Skills Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.
Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity, and responsibility. Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results.
Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers. Interpersonal skills that create openness and trust among colleagues.
Ability to work well under pressure and to meet tight deadlines, whilst demonstrating a high level of motivation, confidence, integrity, and responsibility.
Education Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10 years of relevant experience in regulated industries; OR Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 5 years of relevant experience in regulated industries. #LI-NC1
