Business Process Analyst

Mjolnir Security is a Canadian cybersecurity firm headquartered in Toronto, with a reputation for excellence in Digital Forensics, Incident Response (DFIR), Threat Intelligence, and Managed Security Services. With over 500 DFIR engagements completed, we help clients across public and private sectors navigate complex cyber threats and regulatory demands. Our mission is to combine sharp technical expertise with practical execution to deliver security solutions that actually work.

Position Summary

We are seeking a Business Process Analyst with strong technical acumen and a talent for documentation to join our growing consulting team. This role is client-facing and will involve direct engagements with organizations to analyze, design, and document IT and cybersecurity-related processes. The successful candidate must be able to work semi-independently, communicate effectively with both technical and non-technical stakeholders, and produce high-quality documentation including policies, process workflows, and audit-ready reports.

This is an ideal role for someone with a background in IT or cybersecurity who enjoys writing, improving processes, and creating operational clarity for organizations.

Key Responsibilities

Client Engagement & Process Analysis

• Analyze and document current-state IT and cybersecurity processes for clients across multiple industries.
• Conduct interviews and workshops with client stakeholders to identify inefficiencies, risks, and opportunities for improvement.
• Map workflows (e.g., incident response, change management, access reviews) and propose future-state enhancements.

Policy & Documentation Development

• Draft clear, audit-ready documentation including:

Security policies (e.g., password policy, acceptable use, access control)

• SOPs and work instructions
• Governance frameworks and internal controls
• Customize documentation to meet frameworks such as NIST CSF, ISO 27001, SOC 2, and CIS v8.

Reporting & Communication

• Produce client-facing reports that summarize findings, gaps, and recommendations in a structured, readable format.
• Support delivery of cybersecurity program assessments, maturity models, and roadmaps.
• Communicate technical concepts clearly in writing and during meetings.

Workflow & Tooling Enablement

• Assist clients in identifying automation or tool enhancements for process improvement.
• Document workflows using BPMN, Lucidchart, Visio, or similar tools.
• Support implementation efforts by creating playbooks or bridging documents for IT / security teams.

Qualifications

• 4+ years of experience in a Business Analyst or Process Analyst role, with at least 2 years in a client-facing capacity.
• Proven experience creating policies, SOPs, and technical documentation from scratch.
• Solid understanding of IT systems, service management, and cybersecurity best practices.
• Familiarity with governance and compliance frameworks: NIST, ISO 27001, SOC 2, CIS Controls, PCI-DSS is preferred.
• Strong writing and communication skills as this role is documentation-heavy.
• Ability to work semi-independently, manage deadlines, and adapt quickly to client environments.
• Proficiency in tools such as Microsoft 365, SharePoint, Confluence, Lucidchart, Visio, and task tracking platforms like Jira.

Nice to Have

• Experience working with or in a cybersecurity team, MSP / MSSP, or consulting firm.
• Certifications such as ITIL, Lean Six Sigma, CISA, ISO 27001 Lead Implementer, or CISSP (Associate OK).
• Experience supporting policy audits, tabletop exercises, or IR plan development.
• Opportunity to work alongside elite DFIR and threat intelligence professionals.
• Work at our HQ in Toronto's financial district (302 Bay Street).
• Exposure to diverse industries and technologies in a fast-paced, high-impact environment.
• Competitive compensation, learning opportunities, and a collaborative, mission-driven environment.