SafePaaS is seeking a Business Analyst with a compliance and fraud-risk background to bridge business stakeholders, client teams, and technical delivery on GRC implementations. This role focuses on requirements gathering, data analysis, and dashboard/reporting delivery for clients using SafePaaS to manage SoD violations, access risk, and regulatory controls — rather than deep ERP security configuration itself. It's ideal for someone who understands financial risk, fraud patterns, and regulatory frameworks, and can translate those into system requirements, controls logic, and stakeholder-facing reporting.
Key Responsibilities
- Elicit and document business requirements from client stakeholders (compliance, audit, risk, and IT teams) for SoD rules, access controls, and risk libraries within the SafePaaS platform.
- Translate regulatory requirements into functional specifications and user stories for the SafePaaS product/config team.
- Build dashboards and reports visualizing SoD violations, remediation status, control effectiveness, and audit-readiness metrics for client stakeholders and internal leadership.
- Support client onboarding by mapping business processes and risk taxonomies to SafePaaS rule sets, working alongside technical configuration teams.
- Facilitate Agile ceremonies for platform enhancement and client implementation projects, managing requirements in JIRA/Confluence.
- Prepare audit-ready documentation: functional specs, SOPs, control narratives, and remediation reports.
- Serve as a liaison between clients' compliance/audit teams and SafePaaS's technical delivery team, ensuring requirements are accurately captured and delivered.
- Stay current on emerging risk areas — including AI/non-human identity (NHI) governance and evolving regulatory frameworks — and help incorporate them into requirements.
Required Qualifications
- Bachelor's degree in Business, Systems Engineering, Finance, or related field.
- 4+ years of Business Analyst experience, ideally within financial compliance, fraud/risk, or regulatory environments.
- Strong SQL skills and experience validating/reconciling data across multiple systems.
- Experience with Agile/Scrum delivery (JIRA, Confluence) and writing user stories/functional specs.
- Strong dashboard/reporting skills (Power BI or equivalent BI tools).
- Understanding of internal controls frameworks (SOX, COSO, ITGC) and segregation of duties concepts.
- Excellent stakeholder communication skills, with experience working across compliance, audit, and technical teams.
Preferred Qualifications
- Familiarity with ERP security/access governance concepts (Oracle GRC/AACG/CCG/PCG, SAP GRC, or similar platforms) — hands-on config experience not required but a plus.
- Experience supporting regulatory/government clients (SEC, FHFA, financial institutions).