About

Business Analyst - Cyber Security Annual Salary: £45,084 to £55,435 per annum experience dependent + 12.5% employer pension + private medical insuranceLocation: Bristol – with parkingJob Type: Full-time We are seeking an experienced Business Analyst with a strong understanding of Secure by Design principles, ideally aligned with UK government cyber security frameworks. This role is crucial for integrating business needs with cyber security requirements to ensure that services are designed, built, and maintained with security from the outset. Day-to-day of the role: Elicit and document business and functional requirements with embedded security and privacy considerations.Produce security-aware artefacts, including Business Requirements Documents (BRDs), Functional Specifications, Threat Modelling inputs, Risk Assessment reports, and Security Requirements Traceability Matrix (SRTM).Support the identification and documentation of service assets, data flows, and access controls.Contribute to security risk assessments, Data Protection Impact Assessments (DPIAs), and asset classification activities.Facilitate workshops with security, compliance, and technical stakeholders to capture security obligations.Ensure traceability from security requirements through to test validation and service go-live.Support the secure onboarding and retirement of service components, aligned with UK government guidance. Required Skills & Qualifications: 3-5 years of experience as a Business Analyst in secure or regulated environments.Demonstrable experience working on security-critical, compliance-driven, or government-led programmes is ideal but not essential.Strong knowledge in designing operational processes and service transition.Familiarity with Secure by De