PAM Business Analyst

PAM Business Analyst
Utilities
Predominantly remote: 1 day per month in Warwick
6 months+
£550 per day

In short: We require a Business Analyst with strong experience with Privileged Access Management to assist in improving the controls around our chosen PAM solution, CyberArk.

Essential: please only apply if you have real-world, demonstrable experience of PAM.

In full:

The role supports the enhancement of our Identity and Access Management (IDAM) capability and will be working across IDAM and Privileged Access Management (PAM).

The IT Cyber Technical Business Analyst is responsible for:

• Assessing business needs, converting these into requirements, processes, and producing the documents that will allow the definition, development and implementation of a solution that will meet these needs. They will create and provide input to a range of other project deliverables, and work across the entire development life cycle
• Discovery activities to perform a large-scale user access review (UAR)
• Creating IDAM and PAM control operation processes and standard operating procedures to transition tooling and capability into Business As Usual (BAU) activity

Key accountabilities:

• Collect, understand, and transmit the business requirements following the MoSCoW methodology for the project and translate these into functional specifications and detailed test plans.
• Analyse the requirements and ensure that the business and operations areas have been considered, challenging the originator as required.
• Impact assesses any change-proposals to baselined requirements providing recommendations to programme change control governance.
• Leading discovery activity either for a user access review or privileged account onboarding
• Provide documented proof of test results for business sign off.
• Analysing and improving business processes or creating from scratch
• Communicate, translate, and simplify business processes to ensure buy-in from all stakeholders
• Work with Operations and engineers to ensure that they understand the processes
• Conduct business process modelling and generate applicable scenarios
• Perform basic consulting activities (information gathering, analysis, problem resolution and presentation) in accordance with assignment objectives.
• Facilitate or Chair meetings with internal and external stakeholders representing the position of the organisation/department/project/service. Facilitate views and opinions of senior staff, peers and representatives from external organisations and produce supporting meeting documentation.
• Present data in various forms to suit the audience, using graphical and other techniques to large groups to portray the required information, offering supporting narrative as necessary.
• Identifying and reporting on risks, issues and dependencies
• Provision of business analysis support to non-business analysis resource undertaking analytical tasks.
• Perform role of Client Lead on workstreams, typically project managed by Information Technology.

Knowledge/experience:

• Experience working in security on Identity and Access Management programmes (or equivalent)
• Technical Business Analysis: Expertise with the application of Business Analysis techniques, methods and tools; experience of the implementation of Business Analysis techniques, methods and tools as well as the enhancement of their application
• Business Modelling: In-depth knowledge of business modelling techniques and experience in obtaining input from and communicating modelling results to senior managers for agreement.
• Data Modelling: Experience of establishing and maintaining a data structure using data analysis and data modelling techniques
• Experience of creating requirements, processes and specifications
• Excellent written and verbal communication skills to create unambiguous project artifacts.
• Stakeholder Relationship Management/Consultancy: Experience of using established consulting activities and techniques including facilitating stakeholder groups for eliciting stakeholder requirements.
• Working knowledge of Agile and Waterfall Methodologies

Desirable

Knowledge of cybersecurity regulations (NIS Regulations) and frameworks, eg, ISA/IEC 62443 or NIST Cyber Security Framework.

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.