Cyber Security Analyst - Governance, Risk and Culture (GRC)

Full-Time 45000 - 55000 £ / year (est.) Home office (partial)

At a Glance

  • Tasks: Strengthen security posture and foster a cyber-conscious culture across the organisation.
  • Company: Join a dynamic consulting-led environment at Baringa.
  • Benefits: Enjoy generous leave, flexible working, and a wellbeing fund.
  • Other info: Diverse and inclusive workplace with excellent career growth opportunities.
  • Why this job: Make a real impact in cyber security while developing your skills.
  • Qualifications: Experience in Cyber Security GRC and knowledge of compliance requirements.

The predicted salary is between 45000 - 55000 £ per year.

We are currently looking for a Cyber Security Analyst to join our Governance, Risk and Culture (GRC) capability within the wider Cyber Security Team, where you will play a key role in strengthening the firm's security posture, ensuring compliance, and embedding a cyber‑conscious culture across the organisation. The role contributes to the delivery of governance, risk management and assurance activities, including supplier due diligence, audit responses, and the development and maintenance of security policies, standards and controls. You will be a key member of a growing team in a dynamic, consulting‑led environment, working closely with technical, IT and business stakeholders to identify and manage cyber risks and align security strategy with business priorities. Baringa will support your development across GRC domains, offering exposure to evolving regulatory requirements, cloud technologies and emerging areas such as AI, with a wide range of opportunities to shape our approach and make a meaningful impact.

What will you be doing?

  • Develop a complete understanding of Baringa's technology and information systems.
  • Lead in the response to RFPs/audits, including supplier security due diligence and third‑party audit and assurance activities.
  • Identify and communicate current and emerging security threats and cyber risks.
  • Support a program of awareness‑raising and training to deliver compliance and to foster a cyber‑conscious culture across the company.
  • Assist with the definition, implementation and maintenance of corporate security policies, standards and procedures.
  • Provide ‘hands on’ assistance, particularly in technical control implementation and incident response.
  • Coordinate the needs of in‑house IT experts and remote employees, vendors and contractors.
  • Work as part of a team to communicate ideas, suggestions and solutions that achieve the firm's long‑term objectives, especially the GRC Strategy.
  • Align organisational security strategy and infrastructure with overall business and information technology strategy.
  • Manage company compliance with information security policies, standards, contractual obligations and guidance through business managers and champions, providing advice, support and guidance on risk‑based good practice.
  • Lead on and produce technical security MI in support of governance and vulnerability management engagements.
  • Support client engagement leads on client queries and requests during the business development process and ongoing client engagement regarding Baringa's information technology security policies and processes.

What are we looking for?

  • Experience in a full‑time operational Cyber Security GRC or Cyber Security role.
  • Experience of compliance requirements for cloud technology stacks such as Microsoft and AWS.
  • Experience utilising emerging technologies, such as AI, to design and implement security solutions, monitoring and improving those solutions while working with a Cyber Security team.
  • Thorough understanding of relevant industry security standards and protocols including ISO27001, NIST, NCSC CAF, SOC, NIS 2 Directive and NCSC Cloud Security Principles.
  • Background of consulting and engineering the design and development of security best practices, implementation of security measures, policies and processes to meet business goals, customer needs and regulatory requirements.
  • Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems, while seeking out vulnerabilities in IT infrastructures.
  • Assist in risk assessment procedures, policy formation, role‑based authorisation methodologies, authentication technologies and security attack pathologies.
  • Growth mentality with excellent problem‑solving skills, willing to assist in all areas of Cyber and to learn new technologies & processes.
  • A self‑motivated individual with a “can do” attitude, who can work on their own initiative as well as part of a team.
  • An excellent communicator who can help develop good Cyber practices with an ability to interact with all levels within the company.
  • Strong leadership, stakeholder management, and project/team‑building skills, including the ability to lead teams and drive initiatives in multiple departments.

Benefits

  • Generous Annual Leave Policy: 5 weeks of annual leave available at the start of each year, plus a 5‑Year Recharge benefit granting an extra 2 weeks of paid leave after 5 years of continuous service.
  • Flexible Working: Hybrid working policy and additional flexibility around taking unpaid leave.
  • Corporate Responsibility Days: 3 days per year to help social and environmental causes.
  • Wellbeing Fund: Annual People Fund to support employees’ wellbeing through an activity of their choice.
  • Profit Share Scheme: Participation in the Baringa Group Profit Share Scheme.

Diversity and Inclusion

We are proud to be an Equal Opportunity Employer. We believe that creating an environment where everyone feels a sense of belonging is central to our culture and that diversity is paramount to driving creativity, innovation, and value for our clients and our people.

Equal Employment Opportunity Statement

All applications received will be reviewed by a member of our Talent Acquisition team. We never rely solely on automated screening or AI tools to make hiring decisions. Your application will be considered for employment without regard to race, ethnicity, religion, gender, gender identity or expression, sexual orientation, nationality, disability, age, faith or social background. We do not filter applications by university background and encourage those who have taken alternative educational and career paths to apply. We encourage applications from those who identify with less represented and minority groups. We operate an inclusive recruitment process, ensuring reasonable adjustments where needed.

Cyber Security Analyst - Governance, Risk and Culture (GRC) employer: Baringa

Baringa is an exceptional employer that prioritises employee development and a supportive work culture, particularly for the Cyber Security Analyst role within our Governance, Risk and Culture team. With generous benefits such as a flexible working policy, extensive annual leave, and a commitment to diversity and inclusion, we foster an environment where every team member can thrive and make a meaningful impact on our security posture and organisational culture.

Contact Details:

Baringa Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Cyber Security Analyst - Governance, Risk and Culture (GRC)

Tip Number 1

Network like a pro! Reach out to current employees at Baringa or in the Cyber Security field on LinkedIn. Ask them about their experiences and any tips they might have for landing a role in GRC. Personal connections can make all the difference!

Tip Number 2

Prepare for interviews by brushing up on your knowledge of compliance requirements and security standards like ISO27001 and NIST. Be ready to discuss how you've tackled cyber risks in the past and how you can contribute to fostering a cyber-conscious culture.

Tip Number 3

Showcase your problem-solving skills! During interviews, share specific examples of how you've identified vulnerabilities and implemented security measures. This will demonstrate your hands-on experience and growth mentality, which are key for this role.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you're genuinely interested in joining the team at Baringa.

We think you need these skills to ace Cyber Security Analyst - Governance, Risk and Culture (GRC)

Cyber Security Governance
Risk Management
Compliance with Cloud Technologies
Supplier Security Due Diligence
Incident Response
Technical Control Implementation
Security Policy Development

Some tips for your application 🫡

Know the Role: Before you start writing, make sure you fully understand what a Cyber Security Analyst in Governance, Risk and Culture does. Dive into the job description and highlight key responsibilities and skills that resonate with your experience.

Tailor Your Application: Don’t just send a generic CV and cover letter! We want to see how your unique skills and experiences align with our needs. Use specific examples from your past roles that demonstrate your expertise in cyber security and risk management.

Show Your Passion: Let us know why you’re excited about this role and working with us at StudySmarter. Share your enthusiasm for cyber security and how you can contribute to fostering a cyber-conscious culture within our team.

Apply Through Our Website: Make sure to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re serious about joining our team!

How to prepare for a job interview at Baringa

Know Your Stuff

Before the interview, dive deep into Baringa's technology and information systems. Familiarise yourself with their security policies, standards, and the specific compliance requirements for cloud technologies like Microsoft and AWS. This knowledge will help you demonstrate your understanding of the role and how you can contribute.

Showcase Your Experience

Be ready to discuss your previous experience in Cyber Security GRC roles. Prepare examples of how you've handled audits, supplier due diligence, or risk assessments. Highlight any hands-on experience with technical controls and incident response, as this will show your practical skills and readiness for the job.

Communicate Clearly

As an excellent communicator, you’ll need to convey complex ideas simply. Practice explaining security concepts and strategies in layman's terms. This will not only showcase your expertise but also your ability to interact with various stakeholders across the organisation.

Emphasise Your Growth Mindset

Baringa values a growth mentality, so be prepared to discuss how you approach learning new technologies and processes. Share examples of challenges you've faced and how you've overcome them, demonstrating your problem-solving skills and willingness to adapt in a dynamic environment.