Cybersecurity Business Analyst

Job Title: Business Analyst – TIBER / TLPT Readiness

Department: Cyber Security / Operational Resilience

Location: Hybrid (onsite + remote)

Contract Role

Role Overview

Business Analyst required to support TIBER-EU / TLPT (Threat-Led Penetration Testing) readiness. The role involves analysing business processes, identifying critical assets, mapping systems and dependencies, and ensuring organisational readiness for DORA-aligned regulatory testing. You will work closely with Cyber Security, Threat Intelligence, Red Team providers, and business stakeholders.

Key Responsibilities

Analysis & Documentation

• Conduct critical business service and function analysis aligned to TIBER and DORA
• Map end-to-end processes, data flows, systems, and dependencies
• Produce Targeted Systems Scope (TSS) and Targeted Testing Scope (TTS) documentation
• Identify and document critical assets: systems, data, people, third parties, architecture
• Support Threat Intelligence Report (TIR) and scenario development

Stakeholder Engagement

• Work with SMEs to gather business and technical requirements
• Facilitate workshops, interviews, and scoping sessions
• Coordinate with Threat Intelligence and Red Team providers
• Translate technical cyber concepts into business language

Governance & Delivery

• Support Project Manager with planning, risks, and reporting
• Track readiness activities, gaps, and dependencies
• Contribute to steering committee and regulatory updates
• Ensure alignment with TIBER-EU, DORA, and internal frameworks

Readiness & Control Assessment

• Identify control weaknesses, detection gaps, and process vulnerabilities
• Assess Blue Team detection capabilities against threat scenarios
• Support remediation planning ahead of Red Team testing

Test Support

• Support coordination during Red Team execution
• Ensure correct business response (no tip-offs, confidentiality maintained)
• Maintain and update scope, SMEs, and documentation

Skills & Experience

Essential

• Business Analyst experience in Cyber Security, Risk, or Operational Resilience
• Strong knowledge of TIBER-EU, DORA, and TLPT
• Experience in process mapping, data flows, and system dependency mapping
• Understanding of threat intelligence and attack scenarios
• Strong documentation, analysis, and stakeholder management skills
• Experience in regulated environments (Banking, Insurance, Financial Services)

Desirable

• Previous TIBER / TLPT programme experience
• Knowledge of MITRE ATT&CK, Cyber Kill Chain, Red/Purple Teaming
• Understanding of IT architecture or information security

Qualifications (Preferred)

• BCS Business Analysis or similar
• CISSP, CISM, CRISC or equivalent
• TIBER / Red Team training

Personal Attributes

• Analytical and detail-oriented
• Strong communicator and facilitator
• Able to simplify complex technical concepts
• Highly organised and comfortable in regulatory environments