Business Unit: Information Technology
Location: Halifax, Nova Scotia
Type of Employment: Regular, Full Time
Nova Scotia Power's greatest source of energy is our people. In a culture focused on safety and our customers, we're committed to providing exceptional service to our customers and rewarding jobs to our employees. We're hiring solution-minded people excited to help us grow into the future. We are currently looking to fill the position of Senior Business Analyst to join our Cybersecurity Program team.
Nova Scotia Power's Cybersecurity Program is responsible for delivering a series of projects to mitigate cybersecurity risks and threats that could affect our ability to safely, efficiently and cost effectively deliver electricity to Nova Scotians. This IT PMO position will work closely with project teams and across the Business to ensure projects meet their stated goals and timelines. You will be an integral part of the Business Analysis team, dedicated to Cybersecurity Program initiatives.
The Cybersecurity Business Analyst will concurrently support multiple projects and Project Managers within the Program, as well as assisting the Program Manager with broader corporate Cybersecurity initiatives and mandates. Part of your role is to maintain an understanding cybersecurity operational processes and projects to provide a lens of business-centric insight across the portfolio to ensure new technical solutions are aligned. Accountabilities will include, but not be limited to:
- Facilitate stakeholder workshops and conduct stakeholder interviews to elicit, document, validate and track business processes and requirements of all levels, including security requirements .
- Facilitate teams to develop user stories and define acceptance criteria.
- Utilize standard business analysis tools and techniques (process flow charts, swim lane diagrams, requirements traceability, SWOT analysis, deliverable creation, etc.) as appropriate.
- Work closely with solution owners, subject matter experts and technical support teams to ensure effective translation of business requirements into solution configuration and/or design specifications.
- Work closely with development and architecture teams to ensure that security is built into solutions as early in the lifecycle as possible.
- Work closely with business users to ensure that business processes are developed and implemented to enable optimal solution effectiveness.
- Work with operations teams to identify, analyze, recommend and implement business process optimization opportunities.
- Define and quantify new or changing project-driven user and support roles, FTE and skill requirements needed to operate and support the solution in steady-state.
- Work with the Organizational Change Management specialist contributing to the development and delivery of change management plans, training and job aids for end users.
- Work with the Test Analyst contributing to the development of Test Strategies, Scenarios and Scripts to ensure extensive testing of critical or complex requirements.
- Participate in solution threat risk analyses to ensure that any process-related risk mitigations are incorporated effectively into future state operations.
- Lead in the development of Operation Support Plans and Business Impact Assessments for all new Cybersecurity capability being brought into the organization by the Program.
- Lead work across the Business related to the organization's compliance with Cybersecurity Standards Framework.
- Work with the Program Team contributing to strategic planning, scheduling and communications.
- Work closely with application/service Vendors and Managed Service Providers to design process and task RACIs, to ensure that end-to-end service delivery is continuous, reliable, repeatable and supported, in all aspects of people, process and technology.
- A post-secondary degree with at least 5 years' practical experience in standard business analysis techniques and methodologies, in a technical environment.
- A professional Business Analyst Certification is required for this position; IIBA®'s Certified Business Analysis Professional (CBAP®) or equivalent is a must.
- IIBA®'s Certificate in Cybersecurity Analysis (CCA®) is a desired asset; Certified Information Systems Security Professional (CISSP®) is considered a strong asset.
- Knowledge of Office automation software such as Word, Excel, PowerPoint, email and collaboration software to write and share documentation, schedules, create reports and spreadsheets.
- The analytical skill to conduct gap assessments and convert business requirements into business cases/opportunity assessments.
- Ability to collect, evaluate and compress data and information from multiple sources, resolve conflicts and differentiate between actual and required user needs.
- Understanding of the cybersecurity landscape, current threats, technologies and key risks.
- Knowledge and experience with Organizational Change Management.
- Actionable understanding of the NIST Cybersecurity Framework is a must; familiarity with NERC/CIP, ISO 27001, and SOx are assets.
- Ability to flex and balance your workload across multiple initiatives, ensuring that deadlines are met while deliverable quality and completeness is maintained.
- Confidence working with and presenting to clients, colleagues and vendors at all levels of the respective organizations.
- The ability to problem solve, prioritize, make decisions and/or recommendations.
- Ability to analyze at a detailed level as well as to see the bigger picture and how individual initiatives and solutions relate to each other and contribute to the organization's security objectives.
- Excellent interpersonal skills and the ability to communicate technical concepts to non-technical clients and colleagues, including negotiation and influencing skills.
- Significant experience working in the delivery of information technology through projects, including direct experience with IT projects that have a significant cybersecurity component.
- Experience delivering through Agile project management techniques is desirable.
- Experience with implementation of IT solutions, including cloud and SaaS, and transition from project to operations.
- Practical experience with cybersecurity concepts, including security controls, threats, risks, vulnerabilities and mitigations, access control, encryption, securing solution layers, and patch and release management.
At Nova Scotia Power, our employees are our greatest strength. Our Leadership Competencies set standards that advance our business strategy, deliver results for customers, and provide career development for employees. As the ideal candidate for this position you speak up on health, safety and environment issues, and demonstrate a belief that all injuries are preventable. You support flexibility in the workplace and embrace change. An Electrical Engineering Technologist builds strong collaborative relationships with a commitment to a respectful, inclusive and productive work environment while demonstrating integrity and a commitment to operational excellence for our customers. Lastly, we encourage you to proactively ask questions and seek information to understand how your work relates to the business goals and make well informed decisions.
Reports to: Manager, Solution Development
Form of Application: Click the APPLY button at the end of the online job posting. Complete all required information fields, and copy and paste your covering letter and resume into the online form.
Salary: Commensurate with qualifications and experience
Must Be Received By: All interested candidates should apply no later than Dec 31st, 2020. Late applications may not receive consideration.
Recruitment and Promotion Policy: When filling vacant positions, we are determined to hire the best candidates available. We're committed to providing employees with a fair and equal opportunity to compete for jobs. Hiring and promotion of employees is based on skills, capabilities, knowledge and demonstrated abilities.
We value diversity in the workplace and strongly encourage applications from all qualified candidates including African Nova Scotians and other members of the visible minority community, Aboriginal peoples, persons with disabilities, and women in non-traditional roles.
Normally, unless otherwise requested in advance, the supervisors of internal candidates selected for an interview will be contacted in order to facilitate scheduling of the interviews. The supervisor will maintain the confidentiality of the employee's application.