Security Business Analyst

Enterprise Security is looking for a Security Business Analyst to join the Security Transformation & Performance team.

This role sits at the heart of how security transformation is shaped and delivered at Arm. Working across diverse teams, the successful candidate will help turn strategic priorities, risks, and emerging requirements into clear, actionable outcomes that strengthen Arm's security posture and support the future of secure computing.

Job Overview:

The Security Business Analyst will support security initiatives from early concept through to delivery, helping define requirements, clarify priorities, and enable teams to move forward with confidence.

Collaboration is central to the role. Working closely with security specialists, IT teams, and business stakeholders, the role will help build shared understanding of challenges, priorities, and desired outcomes across multiple initiatives. Responsibilities will include facilitating workshops, guiding discussions, and driving alignment between technical and business teams.

The role requires translating complex or ambiguous inputs - including risk assessments, regulatory requirements, audit findings, and strategic objectives, into structured outputs such as business requirements, user stories, process maps, impact assessments, and supporting documentation.

Working across multiple initiatives simultaneously, the Security Business Analyst will help improve consistency, governance, visibility, and delivery alignment across the broader security portfolio.

Responsibilities:

We're more interested in how someone approaches problem solving, collaboration, and delivery than in ticking every box.

The ideal candidate will be comfortable working in fast moving environments where priorities evolve and ambiguity exists. Strong communication skills, sound judgement, and the ability to build trusted relationships across technical and non technical teams will be important to success in the role.

A structured and analytical mindset is essential, alongside the ability to simplify complexity, challenge assumptions constructively, and support practical decision making. Strong candidates will be confident managing competing priorities while maintaining attention to detail and delivery outcomes.

Experience working across cross functional teams within technology, cybersecurity, risk, or transformation environments will also be important.

Required Skills and Experience:

• Experience working as a Business Analyst within cybersecurity, technology, risk, or transformation focused environments
• Proven ability to elicit, analyse, and document business, functional, and non functional requirements across complex initiatives
• Experience supporting security transformation, remediation, compliance uplift, or security maturity improvement programmes
• Familiarity with recognised security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, or CIS Controls
• Exposure to enterprise security domains such as vulnerability management, identity and access management, cloud security, governance and compliance, or security operations
• Strong analytical and problem solving skills, including experience with process mapping, gap analysis, workflow optimisation, and impact assessments
• Experience facilitating workshops, stakeholder discussions, and cross functional decision making sessions
• Ability to build trusted relationships and communicate effectively with technical and non technical stakeholders at all levels of the organisation
• Experience supporting governance, reporting, risk tracking, and delivery visibility across multiple initiatives
• Familiarity with Agile, Scrum, Waterfall, or hybrid delivery methodologies, including use of tools such as Jira and Confluence
• Comfortable working within globally distributed, matrixed organisations managing competing priorities and dependencies

Nice To Have Skills and Experience:

• Exposure to complex technology environments such as semiconductor, engineering, cloud, or advanced technology industries would be beneficial
• Relevant certifications such as BCS Business Analysis, CBAP, CompTIA Security+, CISSP, are advantageous but not required

Growth and Development

This role is designed to grow over time. As context, relationships, and experience develop, there will be opportunities to take on greater ownership and play a key role in shaping how security initiatives are defined, prioritised, and delivered at Arm.

Over time, the role will become a trusted partner within the team, helping improve consistency, support effective decision making, and contribute to broader security transformation initiatives across the organisation.

In Return

This is an opportunity to work on meaningful security challenges at a time when Arm is evolving rapidly and shaping the future of computing. Arm technology powers billions of devices worldwide, and this role will contribute to protecting what comes next.

The position offers exposure to a wide range of teams, technologies, and ways of working across the business, alongside continued development in an environment that values curiosity, collaboration, and continuous improvement.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.