Fruition Group
Job title:
Security Business Analyst
Company
Fruition Group
Job description
Security Business Analyst
Remote (UK-based)
Competitive daily rate, Outside IR35
6 months with chance of extensionWhy Apply?
This is a unique opportunity to contribute to a large-scale uplift of security posture across a global organisation operating at enterprise scale. Following a refresh of security policies aligned to NIST CSF v2.0, the company requires a strong Security Business Analyst to carry out a broad review of systems, infrastructure, and applications. This role will focus on identifying legacy security issues, performing gap analysis, and assessing how fit-for-purpose existing security controls are under the updated standards.Key Responsibilities
- Perform end-to-end security control assessments across infrastructure, enterprise applications, SaaS platforms, and bespoke systems.
- Review current (“as-is”) environments and conduct gap analyses against the organisation’s new security control framework based on NIST CSF v2.0.
- Identify weaknesses or outdated practices and define clear, actionable remediation plans in partnership with other teams.
- Dig into legacy security issues and help shape the future state of security posture.
- Work across a wide stack including AWS, GitHub Enterprise, Slack, Zoom, Atlassian, and SaaS tools like Workday, Workiva, and EquatePlus.
- Partner with internal stakeholders to ensure compliance and drive down organisational risk.
What We’re Looking For
- Proven experience in security auditing and assessment across a broad range of technologies.
- Strong working knowledge of cloud platforms, enterprise infrastructure, and SaaS environments.
- Ability to dig into security controls and evaluate them against formal security frameworks.
- Experience conducting risk assessments, performing gap analysis, and recommending mitigations.
- Confident working with technical and non-technical stakeholders to influence remediation strategies.
- Desirable exposure to tools such as Splunk, Crowdstrike, AWS, Kubernetes, or MITRE ATT&CK.
Expected salary
Location
England
Job date
Sun, 29 Jun 2025 06:51:52 GMT
To help us track our recruitment effort, please indicate in your email/cover letter where (jobsjobs.org) you saw this job posting.