AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals and minerals – safely, efficiently and more sustainably.

We’re the first software business in the world to have our sustainability targets validated by the SBTi, and we’ve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We’ve also recently been named as one of the world’s most innovative companies.

If you’re a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers.

For more information about our privacy policy and how to manage cookies, visit our Privacy Policy.

Role: Senior Security Business Analyst

Location: London, United Kingdom

Employment type: Full-time regular

Benefits: Competitive package with an attractive bonus plan, regionally specific benefits ranging from above the norm paid vacation, contributions to retirement investment plans or pensions, insurances and a many other memberships and perks designed to enhance the workplace experience, your health, and wellbeing. 

The Job

The Senior Security Business Analyst is a seasoned professional responsible for supporting complex, high-impact Digital Security projects within AVEVA. This role supports the information and cyber security control owners and control operators in AVEVA to analyse the control needs, document the as-is and to be processes, prioritize and implement relevant control processes and systems effectively while ensuring alignment with the AVEVA’s cybersecurity standards and business objectives using appropriate behaviours, techniques, and frameworks.

Responsibilities

Accountable for documenting and analysing Security Control requirements in a way that the security and business teams understand and approve them, and other delivery team members can successfully utilize them to deliver expected outcomesEnsures the solution meets the cybersecurity control and project requirements. Should have strong understanding of business processes, cybersecurity and analyses complex business problems to be solved with IT technologies.Supports the security team to define stakeholder groups and develop good working relationships with these parties to understand their goals and objectives and their vision for change.Help to prioritize the work within the Information and Cyber Security backlogDevelops detailed functional, system and project specific requirementsMaintain commonly accepted templates to enable consistent and thorough project scoping and business requirements definitionWork closely with cybersecurity solutions architect and the project manager to review and confirm the decision(s)Escalate any scoping and requirements risks to project managementOwn the UAT project phase and support business stakeholders in understanding the change and creating test scenariosWork on business analysis activities for Security, liaising with IT, Product, R&D, Sales, marketing, Finance, HR, Legal, Global Delivery Services, and Global Customer Support customers as necessaryRecommend improvements to working practices within and outside of the business analysis functionRaise risks, issues, and dependency within and across the Security, Business and IT portfolio as appropriateSupports definition of service strategy, service design, continues service improvement service transition into BAUSupports definition of SLAs/KPIsSupports client engagement and campaigns

Skills and Qualifications

Bachelor's degree in Information Technology, Computer Science, Cyber Security, Engineering or a related field (Master's degree preferred)Any BA qualification such as PMI-PBA, BCS International Diploma in Business Analysis or equivalent is a plusKnowledge and extensive experience with project management methodologies (e.g., Agile, Scrum, Waterfall).Exceptional leadership, communication, stakeholder management, and negotiation skills.Proficiency in project management software and tool such as Microsoft Project, Azure DevOps, Trello, JIRA etcStrong analytical and strategic thinking capabilities5+ years of experience in IT and Cyber Security Projects, with a demonstrated history of supporting delivery of large-scale, high-impact projects as a Business AnalystExperience of delivering Information and Cyber Security Projects such as Vulnerability Management, Cloud Access Security Brooker, Data Security, Application Security Assessment, Threat Intelligence, SOC & SIEM, Identity Access Management, Network Security etc.Involved in the delivery of Infrastructure implementation and/or transformation projects, potential examples include Security Patching, Vulnerability Remediation, DC and Network Migrations etc. is a plusUnderstanding of Leading Internal Standards on Information and Cyber Security such as ISO27001, NIST Cyber Security Framework is desiredUnderstanding of Security Policies and procedures, Governance Risk and ComplianceProcess mapping using a recognized system i.e., Visio; Business Optix or equivalentData modelling and understanding of data structuresBusiness process management tools, Process mapping techniques and methodologies e.g., UML; BPMNEffective influencing and negotiating skills in an environment where this role may not directly control resources Strong knowledge and understanding of business needs, with the ability to establish and maintain a high level of customer trust and confidence Thorough understanding of current and emerging technologies and how other enterprises are employing them to drive digital business Demonstrated ability to develop and execute a project resource plan that ensures that the right people are in the right place doing the right things at the right time

Desirable Training and Certifications

Cyber Security Certifications such as CompTIA Security+, Certified Information Security Manager (CISM), Certified Information Security Professional (CISSP), Certified in Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Auditor (CISA).

AVEVA requires all successful applicants to undergo and pass a comprehensive background check before they start employment.  Background checks will be conducted in accordance with local laws and may, subject to those laws,  include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check.  Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.
 
Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.