Description:
Business Analysis & Service Delivery
A primary responsibility is to analyze the needs of business users and translate these requirements into actionable items, such as user stories, epics, features, and well-defined acceptance criteria. This process is completed using agile methodologies, including frameworks like Scrum and Kanban.
The role involves facilitating formal workshops and daily stand-up meetings to gather and clarify requirements. An important aspect of this is managing product backlogs and ensuring that all deliverables are aligned with business priorities, as well as compliance standards.
Another key responsibility is to develop and execute test scripts, coordinate User Acceptance Testing (UAT), and manage the triage and resolution of defects. These activities are crucial for ensuring the delivery of high-quality software releases.
The documentation and mapping of business processes and workflows are also essential. This includes capturing both the current ("As Is") and future ("To Be") states to support regulatory compliance, such as financial audits and infosec audits, and initiatives across the landscape, i.e. legal entity separation, divestitures, and domain migrations.
An understanding of, and any practical experience with, HR, People & Culture, Workforce Management, and IT Service Management solutions would be ideal. Relevant systems include ServiceNow, Smartsheet, Jira, Zellis, and SaaS scheduling tools such as HumanForce and RotaGeek.
Compliance, Risk & Governance
This role coordinates compliance, risk, and governance activities across the organization. Responsibilities include conducting vendor security assessments, performing GDPR and data privacy impact assessments, and meeting SOX audit requirements for all enterprise IT applications.
Oversight of third-party risk management is also a core duty. This includes ensuring that all vendors meet ISO 27001 and SOC 2 standards, and that statements of applicability and audit documentation remain current and comprehensive.
Collaboration with the Chief Security Office and procurement teams is necessary to ensure the secure onboarding of new vendors, integration of Single Sign-On (SSO) solutions, and ongoing compliance for SaaS applications.
Maintaining up-to-date documentation and evidence is essential for both internal and external audits. This includes compliance with GDPR, SOX, CPRA, CCPA, HIPAA, PCI DSS, and other relevant regulatory requirements.