Business Analyst (NCSC CAF) - Outside IR35 - SC Cleared

Outside IR35: 400 - 500 p/d

Active SC Clearance Required

Once a week to London

We are seeking 2x Business Analysts to support the internal rollout of Cyber Assessment Framework (CAF) requirements for a critical government programme. This role will ensure that security and compliance objectives are met while maintaining a user‑centric approach.

• Business Analysis
  • Gather, document, and prioritize business and technical requirements aligned with CAF principles
  • Map current processes and identify gaps against NCSC CAF controls
  • Collaborate with security, IT, and delivery teams to define acceptance criteria and ensure compliance
  • Support backlog refinement and sprint planning in line with Agile and GDS standards
• CAF & Security Focus
  • Interpret NCSC CAF requirements and translate them into practical implementation steps.
  • Work closely with technical teams on PAWS deployment and device security hardening.
  • Ensure solutions meet both security and usability objectives without compromising user experience.
• Stakeholder Engagement
  • Facilitate workshops and discussions with internal teams to align on priorities.
  • Communicate findings and recommendations clearly to technical and non-technical audiences.

• Proven experience as a Business Analyst in Agile delivery environments.
• Strong understanding of GDS Service Standards and Agile methodologies.
• Familiarity with NCSC CAF principles and cyber security best practices.
• Experience with device security, endpoint management, and privileged access solutions.
• Excellent communication and stakeholder management skills.