Logo of Huzzle

Home

Matches

Explore

Manage

Business Analyst

image

UST

2mo ago

  • Job
    Full-time
    Senior Level
  • Consulting
    Business, Operations & Strategy
  • Toronto

AI generated summary

  • You should have 5-7 years in Identity & Access Management, CyberArk expertise, strong communication skills, ability to analyze problems, and knowledge of JIRA, ServiceNow, Confluence, and tech controls.
  • You will develop tech risk reports, assess controls, define security strategies, guide partners on tech policies, ensure compliance, support audits, and improve processes while managing stakeholder relationships.

Requirements

  • Information Security Certification / Accreditation an asset.
  • 5-7 years of relevant experience, especially with Identity & Access Management concepts and tools, especially CyberArk
  • Sound to advanced knowledge of business, technology controls, security, and risk issues.
  • Effective business communicator, written and in person.
  • Be a resource/SME to internal customers, as well the team.
  • Ability to analyze and problem-solve issues.
  • Using JIRA and ServiceNow to action integration tasks, such as CyberArk plug-ins and Application Access Manager (AAM) activities based on discussions with internal customers.
  • Be able to consult, and utilize the knowledge gained, to perform integrations.
  • Advanced knowledge of one or more technology controls or security domains, disciplines, and practices.
  • Document processes, new or existing, to better the team's information, using Confluence and other collaboration tools.
  • Be able to manage several different tasks effectively, within delivery deadlines.
  • Ability and commitment to serve as a subject matter expert on business-specific, cross-functional and enterprise initiatives.
  • Programming or scripting skills are an asset.
  • Systems administrator (operating system, database, mainframe) skill are an asset.
  • Demonstrated ability to participate in projects of moderate to high complexity.

Responsibilities

  • Develop on-going technology risk reporting, monitoring key trends and defining metrics to measure control effectiveness for your own area.
  • Engage in assessments related to risk, controls, implemented control procedures, vulnerability, etc.
  • Actively contribute to the definition, development, and oversight of a global security management strategy and framework.
  • Contribute to risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
  • Guide and advise partners on a broad range of specific Technology Controls and Information Security programs, policies, standards, and incidents.
  • Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats to our client.
  • Apply a teamwork philosophy with technology and partners, service, or platform owners to integrate all technology security components and address control gaps.
  • Consult on regulatory compliance requirements, reporting and questions.
  • Provide support and consulting for Audits, help compose management responses and appropriate remediation activities.
  • Adhere to policies, procedures, technology control standards and regulatory guidelines.
  • Contribute to internal activity and process review, flag windows for improvement.
  • Manage relationships with other technology/business/corporate/control functions.
  • Assess, identify, and escalate issues appropriately.

FAQs

Do we support remote work?

Yes, we support remote work in a hybrid format.

What is the primary responsibility of the Business Analyst role?

The primary responsibility is to provide specialized expertise in assessing risks, identifying potential gaps, and offering security solutions to mitigate risks and protect our clients.

What qualifications are required for this position?

Candidates should have 5-7 years of relevant experience, particularly in Identity & Access Management, and should possess an Information Security Certification or Accreditation as an asset.

What tools and technologies are used in this role?

The role involves using tools like JIRA and ServiceNow for integration tasks, as well as CyberArk and Application Access Manager (AAM) activities.

Is prior knowledge of security controls and risk issues necessary?

Yes, a sound to advanced knowledge of business, technology controls, security, and risk issues is required for this position.

How many paid vacation days do full-time employees receive each year?

Full-time employees accrue a minimum of 10 days of paid vacation per year.

Are there any benefits related to healthcare?

Yes, employees and their dependents residing in Canada are eligible for Supplemental Healthcare coverage.

What are the values that UST emphasizes?

UST emphasizes three core values: Humility, Humanity, and Integrity.

What is expected in terms of communication skills for this position?

Effective business communication skills, both written and in-person, are essential for this role.

Is programming or scripting experience considered an asset for this position?

Yes, programming or scripting skills are considered an asset for the Business Analyst role.

What is the compensation range for this position in Ontario?

The compensation range for this position in Ontario is $108,000 to $132,000.

image

UST

IT Services and IT Consulting

Technology
Industry
10,001+
Employees

Mission & Purpose

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 26,000 employees in 25 countries, UST builds for boundless impact—touching billions of lives in the process.