Cyber Security Analyst - Governance, Risk and Culture (GRC)

Baringa is a global consulting firm that partners with leaders to drive change and create value. With deep industry expertise, and enabled by advanced technology, the firm helps clients to deliver with greater confidence and certainty.

We are currently looking for a Cyber Security Analyst to join our Governance, Risk and Culture (GRC) capability within the wider Cyber Security Team, where you will play a key role in strengthening the firm’s security posture, ensuring compliance, and embedding a cyber-conscious culture across the organisation. The role contributes to the delivery of governance, risk management and assurance activities, including supplier due diligence, audit responses, and the development and maintenance of security policies, standards and controls.

You will be a key member of a growing team in a dynamic, consulting-led environment, working closely with technical, IT and business stakeholders to identify and manage cyber risks and align security strategy with business priorities. Baringa will support your development across GRC domains, offering exposure to evolving regulatory requirements, cloud technologies and emerging areas such as AI, with a wide range of opportunities to shape our approach and make a meaningful impact.

What will you be doing?

• Develop a complete understanding of Baringa’s technology and information systems.
• Lead in the response to RFPs/audits, including supplier security due diligence and third-party audit and assurance activities.
• Identify and communicate current and emerging security threats and cyber risks.
• Support a program of awareness-raising and training to deliver compliance and to foster a cyber conscious culture across the company.
• Assist with the definition, implementation and maintenance of corporate security policies, standards and procedures.
• Provide ‘hands on’ assistance, particularly in technical control implementation and incident response.
• Coordinating the needs of in-house IT experts and remote employees, vendors and contractors.
• Work as part of a team to communicate ideas, suggestions and solutions that achieve the firm’s long-term objectives, especially the GRC Strategy.
• Align organisational security strategy and infrastructure with overall business and information technology strategy.
• Manage company compliance with information security, policies, standards, contractual obligations and guidance through business managers and champions providing advice, support and guidance on risk based good practice.
• Lead on and produce technical security MI in support of governance and vulnerability management engagements.
• Support client engagement leads on client queries and requests regarding Baringa’s information technology security policies and processes.

What are we looking for?

• Experience in full-time operational Cyber Security GRC, or Cyber Security role.
• Experience of compliance requirements for cloud technologies stacks such as Microsoft and AWS.
• Experience utilising emerging technologies, such as AI, to design and implement security solutions.
• Thorough understanding of relevant industry security standards and protocols including ISO27001, NIST, NSCS CAF, SOC, NIS 2 Directive and NCSC Cloud Security Principles.
• Background of consulting and engineering the design and development of security best practices.
• Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems.
• Assist in risk assessment procedures, policy formation, role-based authorisation methodologies, authentication technologies and security attack pathologies.
• Growth mentality with excellent problem-solving skills.
• A self-motivated individual with a “can do” attitude.
• An excellent communicator who can help develop good Cyber practices.
• Strong leadership, stakeholder management, and project/team-building skills.

What a career at Baringa will give you

• Generous Annual Leave Policy: 5 weeks of annual leave, fully available at the start of each year.
• Flexible Working: Hybrid working policy and flexibility around taking unpaid leave.
• Corporate Responsibility Days: 3 days every year to help social and environmental causes.
• Wellbeing Fund: Annual People Fund to support wellbeing through an activity of their choice.
• Profit Share Scheme: All employees participate in the Baringa Group Profit Share Scheme.

Baringa is proud to be an Equal Opportunity Employer. We believe that creating an environment where everyone feels a sense of belonging is central to our culture and that diversity is paramount to driving creativity, innovation, and value for our clients and for our people.