Principal Business Analyst – Cyber Security
Department of Health | eHealth Queensland
Contract opportunities: 12 months and 6 months

About the role Reporting to the Project Director, the Principal Business Analyst – Cyber Security will lead business analysis activities across one or more major cyber initiatives. This role is focused on delivering high-quality requirements, process design and business analysis artefacts for large-scale IM/ICT cyber security projects.
You will manage the end-to-end analysis lifecycle, including:

• business case development
• requirements elicitation and validation
• gap analysis
• future-state modelling
• review and uplift of vendor-produced artefacts

This role has a strong focus on cyber security technologies and initiatives such as Multi-Factor Authentication (MFA), Data Loss Prevention (DLP), Network Security, Security Governance, and Microsoft Entra ID. There are two contract opportunities available: one for 12 months and one for 6 months.
Key responsibilities In this role, you will:

• Lead business analysis activities for large-scale cyber security projects
• Analyse business requirements and system specifications to ensure alignment with business needs
• Elicit and document functional and non-functional requirements, configuration details, integration specifications and traceability matrices
• Develop high-quality business analysis artefacts in line with eHealth Queensland standards
• Build and maintain strong stakeholder relationships across eHealth, Hospital and Health Services, the Department of Health and external partners
• Review deliverables from external vendors, identify gaps and improve document quality
• Support the transition of deliverables through review, feedback and executive approval processes
• Provide expert advice, coordination and support for timely project delivery within the business analysis function

About you To succeed in this role, you will bring proven experience leading end-to-end business analysis activities within large, complex IM/ICT environments, ideally in cyber security and/or healthcare.
You will demonstrate:

• Strong experience leading business analysis activities within IM/ICT projects, preferably in cyber security
• Expertise in navigating complex organisations and facilitating requirements discovery across diverse stakeholder groups
• The ability to translate ambiguous business needs into validated functional and technical specifications for enterprise-scale solutions
• Strong knowledge of business analysis frameworks, methodologies and tools, ideally aligned to BABOK v3
• Proven experience in business process modelling and requirements definition in complex environments
• Experience reviewing and validating outcomes delivered by external vendors
• Strong leadership capability, including mentoring other business analysts and building high-performing teams
• Excellent consultation, facilitation, written and verbal communication skills
• Demonstrated capability in developing robust business cases for large-scale enterprise technology or security transformation initiatives

Highly regarded The following experience will be highly regarded:

• Domain knowledge in cyber security strategy, risk management frameworks, and security architecture concepts
• Experience with compliance and maturity initiatives, including Information and Cyber Security Policy (IS18)
• Knowledge of technologies such as RSA SecureID, DLP, MFA, and Microsoft Entra ID
• Experience delivering projects that establish security foundations and strengthen organisational cyber maturity