Apply on Employer Site

Lafayette Group · 11 hours ago

Cybersecurity Operations Business Analyst

DC-Baltimore Area

Full-time

Onsite

Mid, Senior Level

$75K/yr - $120K/yr

5+ years exp

Lafayette Group is seeking qualified and team-oriented individuals to work with federal government organizations in support of national cybersecurity programs. The Cybersecurity Business Analyst will enhance national operational readiness and deliver tailored cybersecurity guidance while working with Project Managers and other Program Analysts across the cybersecurity operations lifecycle.

AssociationCyber SecurityGovernmentInformation Technology

Work & Life Balance

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Serve as primary liaison with federal clients during cybersecurity incidents and program reviews, managing client communication protocols, maintaining stakeholder relationships, and translating technical findings into executive-level briefings and actionable recommendations for federal leadership

Develop, document, and continuously improve SOPs supporting cybersecurity programs and incident response activities, utilizing process auditing techniques, metrics analysis, gap assessments, and maturity model evaluations to systematically identify improvement opportunities and measure effectiveness

Facilitate cross-functional collaboration with diverse teams including cybersecurity analysts, incident responders, compliance officers, and federal program managers to ensure comprehensive stakeholder engagement and alignment. Analyze and map business process workflows for cyber operations, ensuring clarity and operational efficiency

Facilitate knowledge management initiatives, including organizing repositories, optimizing workflow documentation, and ensuring business continuity through updated materials

Lead efforts to translate complex technical and business requirements into actionable deliverables, bridging teams and stakeholders

Advise incident handling procedures with evolving organizational and federal standards

Establish KPIs, process metrics, and improve tracking capabilities. To quantify process improvements, measure SOP effectiveness, and provide data-driven recommendations for workflow optimization

Qualification

Cybersecurity expertiseBusiness analysisSOP documentationKnowledge management platformsWorkflow optimizationProject managementStakeholder engagementDiagramming softwareCollaboration toolsAdvanced communicationTechnical writing

Required

Bachelor's degree in an analytical, technical, or cybersecurity-related field

5+ years' experience in cybersecurity, business analysis, or a related discipline

Proven expertise in documenting SOPs and supporting technical writers; skilled in workflow optimization and business process design

Experience with knowledge management platforms and collaboration tools (such as SharePoint, Jira, Confluence)

Advanced communication, stakeholder engagement, and project management abilities

US citizenship with the ability to obtain and maintain DHS Suitability (EOD)

Preferred

Active TS security clearance and SCI eligibility. SCIF work may be required

Experience leading cybersecurity business analysis and documentation efforts in a federal or enterprise environment

Experience with federal documentation standards, templates, version control systems for maintaining SOPs and technical documentation in regulated environments

Ability to synthesize feedback from various teams to deliver actionable process improvements and documentation

Skilled in using diagramming software, workflow modeling tools, and technical writing best practices

Familiarity with the operations and mission of CISA or other federal cybersecurity organizations

Experience with federal compliance requirements and cybersecurity frameworks, including NIST Cybersecurity Framework and Risk Management Framework (RMF), with knowledge of government procurement processes and federal regulatory requirements

Deep understanding of the Cyber Incident Lifecycle, able to communicate lifecycle stages to technical and non-technical audiences