Our direct client in seeks an Information Security Business Analyst for a long-term contract position, to be interviewed and hired immediately.   This position will be on the Information Security & Technology Risk team, which is responsible for delivering services to the client's business and support organisations, globally, in order to effectively mitigate and manage technology risk. The position is in Stamford, commutable directly via Metro-North RR or easily accessible from I-95 or the Merritt Parkway.  This role is within the Project function and will be responsible for delivering a number of security initiatives managing both technical and business analyst aspects. The high level roles and responsibilities of the Business Analyst will include the following: • Analysing applications, roles and permissions across the user base to determine appropriateness of access. • Engaging relevant Business managers to review and validate any inappropriate access identified. • Documenting feedback on the existing tools and processes and turning them in to agreed business requirements. • Working with the technical team to produce functional specifications and communicating the requirements to the development team. • Introducing new toolsets and processes to the user base, including communication and information where necessary. • Reviewing the existing roles defined across applications and working with operational and application support teams to update / amend where necessary. • On-boarding any applications into the Access Control toolset, if they are not currently managed by this framework. • Managing any risks / issues identified, ensuring timely communication to the Project Manager. The Business Analyst will be required to interface with with Business Control Heads and Reviewers based in the US to review existing toolsets and processes and to capture feedback. They will also be required to review specific access data with these same contacts to validate potential inappropriate access. In addition to this, the role will also be required to work closely with US based application teams to refine and update existing roles and where necessary define new ones. Essential Experience: (Must have skills) • Experience of implementing RBAC(role based access controls) or logical access controls on applications experience is ideal • Knowledge of different access control models used to permission applications is desirable • Excellent verbal and written communication skills • Strong organisational skills with attention to detail and quality. • Ability to interact effectively with technical and non-technical staff. • Able to gather information quickly and accurately. • Ability to challenge existing processes appropriately and propose improvements and new ideas. • Proven business analyst experience. • Solid grasp of security principles relating to access controls. • Ability to effectively multi-task across multiple projects. • Specific skills in much of the following o Microsoft Excel Supplementary Experience: (Useful additional skills) • Information Security Consultancy •  Experience working in Information Security departments within the financial services sector •  CISSP / CISA  / CISM certified •  MSc in Information Security •  Other IT based certification Personal Attributes: • Excellent communicator - Verbal and written • Stamina and determination – A strong sense of initiative, a ‘can do’ attitude and a deep drive to improve service quality • Able to build effective relationships and trust with all stakeholders – from senior business executives to technical experts • Intellectually strong – Able to balance business and technical drivers with excellent problem management skills and vision • A good understanding of the principles and terminology involved in the provision of access control services