Security Business Analyst

The Security Business Analyst will support security initiatives from early concept through to delivery, helping define requirements, clarify priorities, and enable teams to move forward with confidence.

Collaboration is central to the role. Working closely with security specialists, IT teams, and business stakeholders, the role will help build shared understanding of challenges, priorities, and desired outcomes across multiple initiatives. Responsibilities will include facilitating workshops, guiding discussions, and driving alignment between technical and business teams.

The role requires translating complex or ambiguous inputs - including risk assessments, regulatory requirements, audit findings, and strategic objectives, into structured outputs such as business requirements, user stories, process maps, impact assessments, and supporting documentation.

Working across multiple initiatives simultaneously, the Security Business Analyst will help improve consistency, governance, visibility, and delivery alignment across the broader security portfolio., We're more interested in how someone approaches problem-solving, collaboration, and delivery than in ticking every box.

The ideal candidate will be comfortable working in fast-moving environments where priorities evolve and ambiguity exists. Strong communication skills, sound judgement, and the ability to build trusted relationships across technical and non-technical teams will be important to success in the role.

A structured and analytical mindset is essential, alongside the ability to simplify complexity, challenge assumptions constructively, and support practical decision-making. Strong candidates will be confident managing competing priorities while maintaining attention to detail and delivery outcomes.

Experience working across cross-functional teams within technology, cybersecurity, risk, or transformation environments will also be important., * Experience working as a Business Analyst within cybersecurity, technology, risk, or transformation-focused environments

• Proven ability to elicit, analyse, and document business, functional, and non-functional requirements across complex initiatives
• Experience supporting security transformation, remediation, compliance uplift, or security maturity improvement programmes
• Familiarity with recognised security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, or CIS Controls
• Exposure to enterprise security domains such as vulnerability management, identity and access management, cloud security, governance and compliance, or security operations
• Strong analytical and problem-solving skills, including experience with process mapping, gap analysis, workflow optimisation, and impact assessments
• Experience facilitating workshops, stakeholder discussions, and cross-functional decision-making sessions
• Ability to build trusted relationships and communicate effectively with technical and non-technical stakeholders at all levels of the organisation
• Experience supporting governance, reporting, risk tracking, and delivery visibility across multiple initiatives
• Familiarity with Agile, Scrum, Waterfall, or hybrid delivery methodologies, including use of tools such as Jira and Confluence
• Comfortable working within globally distributed, matrixed organisations managing competing priorities and dependencies

"Nice To Have" Skills and Experience:

• Exposure to complex technology environments such as semiconductor, engineering, cloud, or advanced technology industries would be beneficial
• Relevant certifications such as BCS Business Analysis, CBAP, CompTIA Security+, CISSP, are advantageous but not required

Enterprise Security is looking for a Security Business Analyst to join the Security Transformation & Performance team. This role sits at the heart of how security transformation is shaped and delivered at Arm. Working across diverse teams, the successful candidate will help turn strategic priorities, risks, and emerging requirements into clear, actionable outcomes that strengthen Arm's security posture and support the future of secure computing., This role is designed to grow over time. As context, relationships, and experience develop, there will be opportunities to take on greater ownership and play a key role in shaping how security initiatives are defined, prioritised, and delivered at Arm. Over time, the role will become a trusted partner within the team, helping improve consistency, support effective decision-making, and contribute to broader security transformation initiatives across the organisation. In Return: This is an opportunity to work on meaningful security challenges at a time when Arm is evolving rapidly and shaping the future of computing. Arm technology powers billions of devices worldwide, and this role will contribute to protecting what comes next. The position offers exposure to a wide range of teams, technologies, and ways of working across the business, alongside continued development in an environment that values curiosity, collaboration, and continuous improvement. Accommodations at Arm At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Hybrid Working at Arm Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.