Develop a complete understanding of Baringa’s technology and information systems.
Lead in the response to RFPs/audits, including supplier security due diligence and third-party audit and assurance activities.
Identify and communicate current and emerging security threats and cyber risks.
Lead a program of awareness-raising and training to deliver compliance and to foster a cyber conscious culture across the company.
Actively lead on the definition, implementation and maintenance of corporate security policies, standards and procedures.
Align organisational security strategy and infrastructure with overall business and information technology strategy.
Manage company compliance with information security, policies, standards, contractual obligations and guidance through business managers and champions providing advice, support and guidance on risk based good practice.
Lead on and produce technical security MI in support of governance and vulnerability management engagements.
Lead on client engagement for any queries and requests
during the business development process and during ongoing client engagement
regarding Baringa’s information technology security policies and processes.

Experience in full-time operational Senior Cyber Security GRC
Experience of the Microsoft, AWS and other cloud technology stacks.
Experience utilising emerging technologies to design and implement security solutions, monitoring and improving those solutions.
Thorough understanding of relevant industry security standards and protocols including ISO27001, National Institute of Standards and Technology (NIST), NSCS CAF, SOC, NIS 2 Directive and NCSC Cloud Security Principles.
Background of consulting and engineering the design and development of security best practices, implementation of security measures, policies and processes to meet business goals, customer needs and regulatory requirements.
Ability to use logic and reasoning to identify the strengths and weaknesses of IT systems, while seeking out vulnerabilities in IT infrastructures.
Managing risk assessment procedures, policy formation, role-based authorisation methodologies, authentication technologies and security attack pathologies.
Strong leadership, stakeholder management, and project/team-building skills, including the ability to lead teams and drive initiatives in multiple departments.

Generous Annual Leave Policy: We recognise everyone needs a well-deserved break. We provide our employees with 5 weeks of annual leave, fully available at the start of each year. In addition to this, we have introduced our 5-Year Recharge benefit which allows all employees an additional 2 weeks of paid leave after 5 years continuous service.
Flexible Working: We know that the ‘ideal’ work-life balance will vary from person to person and change at different stages of our working lives. To accommodate this, we have implemented a hybrid working policy and introduced more flexibility around taking unpaid leave.
Corporate Responsibility Days: Our world is important to us, so all our employees get 3 every year to help social and environmental causes and increase our impact on the communities that mean the most to us.
Wellbeing Fund: We want to encourage all employees to take charge and prioritise their own wellbeing. We’ve introduced our annual People Fund to support this by offering every individual a fund to support and manage their wellbeing through an activity of their choice.
Profit Share Scheme: All employees participate in the Baringa Group Profit Share Scheme so everyone has a stake in the company’s success.

Senior Cyber Security Analyst – GRC

Key skills