Sign upLog in

Business Process Analyst

Leadstack Inc

Santa Rosa, CA

Apply
JOB DETAILS
SKILLS
Agile Programming Methodologies, Analysis Skills, Applications Security, Artificial Intelligence (AI), Atlassian JIRA, Business Analysis, Business Processes, Communication Skills, Computer Science, Computer Security, Continuous Deployment/Delivery, Continuous Improvement, Continuous Integration, Cross-Functional, Detail Oriented, DevOps, Documentation, Editing, Follow Through, GitHub, Information Technology & Information Systems, Organizational Skills, Procedure Development, Process Analysis, Process Flow, Process Improvement, Process Modeling, Product Management, Risk, Risk Analysis, Risk Management, Security Analysis, Security Compliance, Security Policy, Security Software, Software Design, Software Development, Software Development Lifecycle (SDLC), Software Engineering, Source Code/Configuration Management (SCM), Technical Publications, Technical Writing, Threat Modeling, U.S. National Institute of Standards and Technology (NIST), Writing Skills
LOCATION
Santa Rosa, CA
POSTED
8 days ago

Job Summary
• We are seeking a Technical Business Process Analyst with experience in software engineering and security-focused processes. This role partners closely with software engineering, product management, security, compliance, and IT teams to analyze, design, and optimize business and delivery processes that support secure-by-design software development. The ideal candidate understands how business workflows, engineering practices, and security controls intersect across the software lifecycle.
• This is a hands-on, execution-focused role designed to define software engineering procedures and augment internal teams by turning draft content and evolving practices into clear, consistent, and publish-ready documentation and processes. The ideal candidate is highly detail-oriented, comfortable working from partially formed inputs, and skilled at translating complex technical and security concepts into usable, developer-friendly artifacts.

Key Responsibilities
• Translate security requirements and standards into actionable engineering procedures
• Identify gaps, inefficiencies, and security risks in existing processes
• Gather inputs and feedback from subject matter experts and incorporate changes efficiently
• Document "to-be” processes that embed security requirements into engineering workflows with clear handoffs and responsibilities such as
• Process flows
• Swimlane diagrams
• Step-by-step procedures
• Assist with editing, finalizing, and publishing draft:
• Technical security standards
• Technical security procedures
• Reusable technical artifact templates
• Ensure documentation is aligned with approved policies, standards, and engineering practices
• Ensure requirements remain aligned with evolving engineering practices and platforms
• Maintain version control, formatting standards, and publishing readiness for technical content
• Facilitate process mapping and improvement workshops for engineering and security teams
• Support vulnerability triage workflows, risk acceptance, and remediation tracking
• Serve as a key liaison between software engineering, architecture, product, security, IT, and compliance teams
• Excellent documentation, facilitation, analytical, and technical and stakeholder communication skills
• Drive continuous improvement using data and engineering feedback

Preferred Qualifications
• Hands-on experience documenting and improving security-related processes
• Familiarity with application security concepts such as:
• Secure SDLC / DevSecOps
• Vulnerability management
• Threat modeling basics
• Familiarity with security frameworks and standards (e.g., NIST)
• Experience supporting audits, risk assessments, or security reviews
• Exposure to engineering tools such as GitHub/GitLab, Jira, Confluence, CI/CD pipelines
• Experience leveraging AI tools to design and automate processes

What Success Looks Like in This Role
• Engineering teams move fast without bypassing security
• Software development processes consistently incorporate security controls
• Engineering teams clearly understand security-related requirements and workflows
• Vulnerability and risk management processes are efficient, measurable, and auditable
• Reduced friction between engineering delivery and security compliance
• Continuous improvement of secure software practices across the organization
• Draft security procedures and standards are finalized, consistent, and ready for production use
• Engineering and security teams clearly understand documented workflows and expectations
• Documentation templates are reusable and adopted across teams
• Internal teams spend less time explaining processes and more time executing them

Skills:
Key Skills & Competencies
• Secure-by-design thinking and risk awareness
• Ability to translate security policy into practical engineering workflows
• Strong cross-functional influence without authority
• Process modeling and systems thinking
• High attention to detail with pragmatism around developer experience
• Strong technical writing and editing skills for security and engineering audiences
• Comfort working with ambiguity and iterative drafts
• Strong organizational and follow-through skills
• Effective communicator who incorporates feedback quickly

Education:
• Required Qualifications
Bachelor's degree in Information Systems, Computer Science, Engineering, or related field
4+ years of experience as a Business Analyst or Process Analyst in software engineering or technology environments
Strong understanding of modern software development practices (Agile, CI/CD, DevOps)

About the Company

L

Leadstack Inc