Business Analyst (Contract)
Legal | UK - Bristol Office
About the company:
ForgeRock® rocks when others are rolling. We aren’t your typical high-tech company and aren’t looking for typical people. We look for real people. Whoever you are. Whatever you are. While you play well with others you aren’t afraid to be you and let others be themselves. Someone has called you wicked smart before, but you would never refer to yourself that way.
ForgeRock pioneered open source identity and access management, went on to invent identity relationship management for customer identities, and is now busy playing with the identity of things. Yes, we’re growing fast, but we remain true to our start up culture. We’re decidedly creative, we’re always learning, no one hesitates to ask questions, and we’re on a never-ending search for new ideas.
Our customers are some of the biggest companies, organizations, and even countries in the world. On any given day, it’s likely that the ForgeRock Identity Platform helped keep your data safe, gave you access to stuff, and supported trusted relationships between you, companies and the devices you were using. Please read more about us at forgerock.com or follow ForgeRock on Twitter at http://www.twitter.com/forgerock.
ForgeRock is a leading technology provider in the area of identity management software. As a global organisation with operations across the EU and in the US, it has a requirement to comply international standards around privacy, security and compliance best practice.
As a part of its privacy, security and compliance journey, ForgeRock now has a requirement for a Business Analyst to join the team on an (initial) six-month assignment to help the privacy and compliance team identify current data flows, working practice and to deliver new processes in order to certify parts of ForgeRock as compliant to standards such as ISO27001:2013, Cyber Security Essentials Plus and ISO9001:2015.
You will be working as a part of a small team to identify the necessary changes to processes, systems and current practices concerning the management, privacy, security and use of personal and customer data within areas of ForgeRock that need to conform to specific best practice or regulatory standards.
The role will initially be focused on delivering an information audit on platforms that are used by ForgeRock to interact with its customers and internal team members where personal or customer data is processed or held. After completing the audit, you will work within the project team to derive and deliver new processes to the business that support ISO27001, Cyber Security Essentials and IS9001 compliance. This includes fully documenting the ‘as is’ and ‘to be’ state for ForgeRock systems, tools and processes. The role will need a degree of flexibility, pragmatism, a good understanding of risks and priorities and the ability to be an influencer to ensure processes are implemented, tested and adopted.
- Understanding privacy and security requirements and the performance of gap analysis on specific Business and IT processes, systems, procedures and controls, producing a summary report as an initial deliverable
- Documenting the ‘as is’ and ‘to be’ state of the business and IT processes, systems, procedures and controls that are in scope for certification
- Performing risk assessments where needed to aid a risk-based approach for the application/implementation of compliance standards
- Supporting the identification of business processes and systems that relate to personal and customer data that are deemed in-scope of certification
- Understanding compliance standards and translate them into business and data management requirements with the Privacy and Compliance Team in the form of user stories/functional specifications or business change documentation
- Working with the privacy, security and compliance Project under the direction of the Privacy and Compliance team to deliver new processes and standards to ensure compliance with ISO27001, Cyber Security Essentials and ISO9001 as well as the GDPR
- Working with the Senior Programme Manager for Privacy and Certifications to update and implement a new compliance toolset, ISMS Online.
- Working with the Senior Programme Manager for Privacy and Certifications to deliver work packages based upon priorities and risks
Required Skills & Qualifications:
- Delivery focused individual with excellent attention to details,
- Proficient in quality auditing and documentation,
- Proven background as a Business Analyst in a regulated organisation such as a bank, insurance etc.
- An understanding of Agile project deliveries
- An understanding of data flows through IT systems and a recognition of impact to Personal Identifiable Information and customer data storage / processing
- An understanding of business functions such as Customer Support, HR, Sales, Marketing and Finance as well as the types of systems that they use.
- An understanding of business and technology operations and the ability to bridge them to ensure that the best solutions are delivered
- Previous experience working in process change
- Expertise around GAP Analysis & Process Mapping
- Experience of privacy and security standards such as ISO27001, Cyber Security Essentials and ISO9001
- Experience of banking compliance requirements and associated privacy, security and certifications
- Previous experience of working with data protection regulations such as the GDPR
- Ability to “own” a piece of work and deliver work packages as directed by Senior Programme Manager for Privacy and Certifications for the privacy, security and compliance Project
- Strong Stakeholder Management
- Previous experience on the delivery of Regulatory Projects
- Excellent communication internally with key stakeholders and ForgeRock team members
Life at ForgeRock:
We believe in and facilitate a flexible, collaborative work environment. We’ve grown enormously, but remain true to the innovative, can-do startup values that got us here. Most important of all, we keep hiring talented, smart, fun, and genuinely nice people because that’s who we want to succeed with every day. Below are just a few of the great things we have to offer at ForgeRock:
- A great team of smart, fun and genuinely nice individuals.
- Awesome company culture focused around providing a flexible and collaborative work environment
- Regular office bonding events, from lunches and happy hours to group offsites and hack-days
- Well-stocked fridges, whether you’re hungry or thirsty
- Competitive benefits and perks
- We’re Mac-friendly!
- Generous employee referral bonus program
- Amazing offices across the globe – San Francisco HQ; Vancouver, WA; Austin, TX; Munich, Germany; London & Bristol, UK; Grenoble & Paris, FR; Oslo, NO; Singapore, Australia & counting!