Senior Cyber Secruity Analyst - GRC

About Baringa

Baringa is a global consulting firm that partners with leaders to drive change and create value. With deep industry expertise, and enabled by advanced technology, the firm helps clients to deliver with greater confidence and certainty. With over 2,000 people across the UK, Europe, North America, Asia and Australia, the firm combines global insight with local understanding.

The firm works across energy and resources, financial services, government and public sector, consumer products and retail, pharmaceuticals and life sciences, manufacturing, and technology, media and telecoms, with capabilities spanning strategy, transformation and operational excellence – all powered by advanced technology, data, AI and digital innovation.

Clients value Baringa’s collaborative approach and the way its teams integrate seamlessly – all working with a shared understanding of what matters most. The firm is known for its kind, curious experts who listen closely and care deeply about client success as they help clients transform energy markets, modernise financial platforms, expand telecoms and digital networks through advanced data analytics, enable digital services in government, and unlock growth in consumer sectors.

Certified as a Great Place to Work around the world, Baringa has been recognised by the Financial Times in 22 categories of its UK Leading Management Consultants rankings, and by Forbes for four consecutive years as one of the World’s Best Management Consulting Firms.

What you will be doing

• Develop a complete understanding of Baringa’s technology and information systems.
• Lead in the response to RFPs/audits, including supplier security due diligence and third-party audit and assurance activities.
• Identify and communicate current and emerging security threats and cyber risks.
• Lead a program of awareness-raising and training to deliver compliance and to foster a cyber conscious culture across the company.
• Actively lead on the definition, implementation and maintenance of corporate security policies, standards and procedures.
• Align organisational security strategy and infrastructure with overall business and information technology strategy.
• Manage company compliance with information security, policies, standards, contractual obligations and guidance through business managers and champions providing advice, support and guidance on risk based good practice.
• Lead on and produce technical security MI in support of governance and vulnerability management engagements.
• Lead on client engagement for any queries and requests - during the business development process and during ongoing client engagement - regarding Baringa’s information technology security policies and processes.

Your skills and experience

• Experience in full-time operational Senior Cyber Security GRC
• Experience of the Microsoft, AWS and other cloud technology stacks.
• Experience utilising emerging technologies to design and implement security solutions, monitoring and improving those solutions.
• Thorough understanding of relevant industry security standards and protocols including ISO27001, National Institute of Standards and Technology (NIST), NSCS CAF, SOC, NIS 2 Directive and NCSC Cloud Security Principles.
• Background of consulting