Senior Cyber Security Analyst - GRC
United Kingdom
Job Description
About Baringa: Baringa is an award-winning, global management consulting powerhouse on an ambitious mission to partner with industrial leaders to drive structural change and uncover deep corporate value. Enabled by advanced technologies, data models, and digital breakthroughs, the firm equips clients across financial services, energy, government, and life sciences to execute multi-tier transformations with absolute market certainty. Recognized globally by Forbes as one of the World’s Best Management Consulting Firms and certified as a Great Place to Work, Baringa unifies an international presence of over 2,000 specialists with deep local domain understanding to engineer long-term operational excellence.
Position Overview
We are seeking a highly autonomous, compliance-fluent, and risk-aware Senior Cyber Security Analyst - GRC to join our core global Cyber team under a permanent, full-time remote configuration open across the United Kingdom. In this high-leverage information security governance seat, you will hold absolute operational ownership over security due diligence, internal technology system audits, and risk assessment procedures. Shifting completely away from routine non-regulated data transcription loops, entry-level web template modifications, or basic desktop hardware support ticketing, you will run an active corporate security policy formulation, multi-tenant compliance alignment, and structural vulnerability management laboratory. Partnering face-to-face with cross-functional business managers and technical stakeholders, you will build strategic security guardrails that align our internal infrastructure with overarching business goals and international regulations. This position requires a governance authority with dedicated operational experience who maps security roadmaps fluently using Cybersecurity and GRC primitives, navigates specialized compliance guidelines, and fosters a cyber-conscious corporate culture across multiple departments.
Key Responsibilities
- Security Infrastructure Governance: Develop a comprehensive, deep architectural understanding of Baringa’s global technology and distributed information networks using Cybersecurity and GRC primitives.
- RFP and Vendor Assurance Control: Lead the technical evaluation and execution of responses to RFPs, third-party security assessments, and complex supplier security due diligence workflows.
- Corporate Policy Instrumentation: Actively lead the definition, implementation, and programmatic maintenance of corporate security frameworks, role-based authorization rules, and authentication technologies.
- Risk Mitigation and Triage: Identify, evaluate, and communicate current or emerging digital threat patterns and infrastructure cyber risk vulnerabilities using rigorous logic and reasoning.
- Compliance Management and Auditing: Oversee firm-wide alignment with data protection regulations, contractual security obligations, and international frameworks by providing data-driven advice to business champions.
- Vulnerability Telemetry Reporting: Lead and produce detailed technical security Management Information (MI) reports and metric dashboards to optimize ongoing vulnerability management engagements.
- Security Awareness Training: Design and execute organization-wide educational campaigns and training initiatives to enforce regulatory compliance and maximize institutional security awareness.
- Client-Facing Security Advisory: Act as the principal point of contact for complex queries during the business development phase or ongoing client delivery loops regarding Baringa’s global data protection strategies.
Required Skills & Qualifications
- A minimum of 5 years of proven, successful professional history operating inside a Senior Cyber Security GRC Analyst, Information Security Officer, IT Compliance Auditor, Technical Risk Manager, or closely matching data-protection capacity.
- Expert Information Security Framework Command: Thorough, practical working knowledge of prominent industry security standards and protocols, including ISO27001, NIST, NCSC CAF, SOC frameworks, NIS 2 Directive, and NCSC Cloud Security Principles.
- Verified history analyzing IT attack pathologies, configuring role-based authorizations, and auditing complex structural cloud architecture environments (including Microsoft Azure and AWS technology stacks).
- Demonstrated experience consulting on, designing, and engineering security best practices, technical policies, and documentation metrics to satisfy stringent regulatory mandates.
- Outstanding written and verbal communication strengths in English, with an established history handling sensitive multi-stakeholder relationships and leading cross-departmental initiatives with high emotional intelligence.
- Location Context: Position operates under remote guidelines open exclusively to qualified technical compliance specialists residing permanently within the United Kingdom.
Preferred Strategic Indicators (Nice to Have)
- Prior technical or consulting experience managing data security compliance frameworks specifically within Management Consulting, Financial Services, or Central Government sectors.
- Professional security or audit certifications (such as CISA, CISM, CISSP, or ISO27001 Lead Auditor).
- Familiarity with emerging automated compliance tools, security script auditing, or AI security guardrails.
What We Offer
- Top-Tier UK Cybersecurity Consulting Remuneration: A highly competitive annual total salary package customized to your compliance trajectory, supplemented by direct participation in the Baringa Group Profit Share Scheme so everyone has a stake in our shared success.
- 100% remote workspace infrastructure autonomy anywhere within the United Kingdom under a People First culture focused on mental and physical well-being.
- Venture-Scale Governance Footprint: Elite professional milestones built by securing the core technical assets and client compliance channels of a globally ranked top-tier consulting firm.
- Comprehensive health and wellness preservation options, featuring an annual dedicated Wellbeing Fund to support an activity of your personal choice.
- Access to a generous annual leave policy providing 5 weeks of annual vacation available from day one, an extra 2 weeks of paid leave via our 5-Year Recharge benefit, 3 paid Corporate Responsibility days to support social or environmental causes, premium hardware provisions, and structured paths to advance into senior global security leadership roles.