Palo Alto Networks is committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines.
Is role eligible for Immigration Sponsorship?: Yes
Domain Consultant SecOps
Location: Spain
Posted: 12 days ago
Salary: 0
Seniority: Mid Level
Job Description
Palo Alto Networks
Role Description
As a Domain Consultant for SOC Transformation you will be the expert for our Cortex portfolio, a Next-Gen AI-powered security operations platform. You will play a key role in defining technical solutions that secure a customer’s key business imperatives. You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice.
- Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area.
- Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership.
- As the main technical point of contact for Cortex, assist and collaborate to respond effectively to RFIs/RFPs.
- Lead and support customer demonstrations that showcase our unique value proposition.
- Scope and lead Proof of Value (PoV) projects for prospective customers and partners based on best practices to ensure technical win in your assigned opportunities.
- Drive high technical validation and PoV win rates within your assigned specialization area.
- Responsible for discussing and highlighting product alignment with customer requirements and differentiation.
- Architect solutions that will help our customers strengthen and simplify their security posture.
- Document High-Level Design and Key Use Cases to ensure proper implementation and value realization of Palo Alto Networks Solutions.
- Help our customers build and develop further their services around Cortex solutions.
- Lead conversations about industry trends and emerging changes to the security landscape.
- Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative.
- Position Palo Alto Networks or Partner delivered services as appropriate to ensure proper implementation and value realization of Palo Alto Networks solutions.
- Act as a conduit for customer feedback to Product Management, Technical Marketing, competitor intelligence, and R&D to create requirements and deliver product features for our customers.

Qualifications
- 3+ years experience in Security Operations or pre-sales/sales engineering within SIEM, SOAR, SOC, and/or XDR/EDR environments or graduate of Palo Alto Networks Academy Program.
- IBM QRadar design, deployment, and/or pre-sales experience highly desirable.
- Experience in working with customers, demonstrating problem-solving skills and a can-do attitude.
- Solid understanding of Security Operations Center processes.
- Knowledge of SIEM and/or SOAR solutions.
- Scripting experience is a plus - Python preferred.
- This is a field sales position where travel requirements may be required to support in person customer meetings, please discuss with the recruiter on the specifics for this position.
- Proficient in English.

Company Description
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines.
More Security Operations Jobs
Cyber Security Analyst - Defensive Operations
Baringa
Putting people first. Creating impact that lasts.

Role Description
Baringa’s TeCy Group (Technology & Cyber) is a global function supporting the firm as it enters new markets. We’re on a mission to develop great technology products and deliver great services. We’ve installed a new operating system for ourselves and rebooted what was a corporate IT department to an in-house technology company - transforming the way we work and opening the way to serve Baringa’s clients directly. We’re working on sustainability, committed to Net Zero in our supply-chain and services. We’re keeping our firm safe: protecting our data and our reputation. We are embarking upon and will be the driving force behind a new 3-Year digital strategy for the firm.

We are currently looking for a Cyber Security Analyst to join our Defensive Operations Section within the wider Cyber Security Team where you will play a key role in protecting the company from cyber vulnerabilities and attacks, as well as ensuring the company’s security programme keeps up with the growing business. The role reports to the Head of DefOps, contributing to the effective delivery of security processes and tooling to enable proportionate and effective application of security controls. You will be responsible for the technical configuration, maintenance, and operation of the security tooling. You will be a key member of a growing team in a dynamic company, helping to define new ways of working using modern security architectures and tools. Baringa will work with you to develop a personal training pathway and gain recognised security certifications. We are always evolving and there is a constant stream of exciting challenges and opportunities for us to work towards, together as a team.
- Perform vulnerability scans, analysis, and prioritise identified weaknesses, working with the Technology Team to remediate identified issues.
- Collate alerts from security tooling, perform triage, prioritise and where appropriate escalate for further action.
- Act as the first point of contact for security incidents, providing timely responses, coordination, and communication throughout all stages - including liaison with any 3rd party security providers.
- Perform hands-on investigations to analyse incidents, identify suspicious behaviour, gather evidence, and build on lessons learned to prevent their recurrence.
- Research and implement new security technologies to better protect company information and assets.
- Participate in the response to RFPs, third party audit and assurance activities.
- Lead on and produce technical security MI in support of governance and vulnerability management engagements.
- Provide ‘hands on’ assistance, particularly in technical control implementation or administration where needed.
- Work as part of a team to communicate ideas, suggestions and solutions that achieve the firm’s long-term objectives.

Qualifications
- Experience in full-time Cyber/Information Security or IT operational role.
- CompTIA Security+, GIAC Security Essentials or equivalent.
- Experience of the Microsoft Technology Stack.
- Hands-on experience with security technologies such as: Security operations, IT 2nd line support, server or network administration/configuration or application testing or development.
- Growth mentality with excellent problem-solving skills, willing to assist in all areas of CyberSec and to learn new technologies & processes.
- A self-motivated individual with a “can do” attitude, who can work on their own initiative as well as part of a team.
- An excellent communicator who can help develop good InfoSec practices with an ability to interact with all levels within the company.
- Experience with security tooling, i.e. MS Defender and Sentinel, vulnerability scanners, Intrusion Detection Systems (IDS), firewalls, web and email filtering, endpoint protection, and mobile device management (MDM).
- Computer science or IT security related degree.

Benefits
- The chance to operate at the forefront of our industries.
- Good work-life balance with flexible working solutions.
- Promotion based on performance with two promotional reviews a year.
- Ability to work closely with senior stakeholders both within Baringa TeCY and beyond.
- Control over your training and development.
- A people first culture focused on employee wellbeing.
• Stay updated on emerging threats and cybersecurity best practices, continuously improving security operations and procedures
• Participate in an off-hours on-call rotation to ensure continuous security coverage
• Ensure timely resolution of security cases, operating within defined SLAs
• Produce detailed technical incident reports and communicate findings to stakeholders
• Conduct front-line investigations of security alerts, ensuring thorough analysis and coordination with partner teams
• Assess the scope and impact of security risks and drive mitigation and resolution activities
• Monitor security investigations, perform analysis, and apply remedial or protective actions
• Proactively hunt for suspicious or malicious activity using threat intelligence and advanced analytics
• Act as an escalation point for associate analysts, guiding complex cases
• Participate in the global incident response team during major incidents and contribute to post-incident reviews
Security Operations Engineer
Interval Group
High quality consulting. On demand. Delivered by top professionals.

• Design and build SecOps tools, including SIEM, SOAR, vulnerability detection and management, EDR, logging pipelines, and user behavior analytics
• Develop architecture patterns and solution designs for the security tool ecosystem
• Evaluate and integrate new tools and platforms to improve detection, response, and automation capabilities
• Build and maintain scalable data ingestion, correlation, and alerting workflows for advanced detection and response
• Coordinate with operations engineers to jointly maintain SecOps workflows and ensure platform reliability
• Develop automation scripts, playbooks, and workflows in SOAR tools to improve response efficiency and reduce analyst workload
• Design and build an internal SecOps product to deliver detection and response capabilities for vulnerabilities, threats, and security incidents
• Integrate with the internal observability product and broader corporate SOC functions
• Provide technical leadership during incidents, including tool behavior, data quality, and technical issues
• Develop, test, and operationalize detection capabilities based on evolving threats and platform telemetry
• Create and maintain detection-as-code artifacts such as Sigma rules, YARA, KQL queries, and static analysis rules
• Validate detection quality through adversary simulation, purple teaming, or continuous tuning

• Monitor, detect, and respond to security incidents across the organization;
• Analyze and correlate security events, alerts, and logs;
• Investigate security incidents and recommend remediation actions or workarounds;
• Research and assess emerging cyber security threats and mitigation strategies;
• Conduct vulnerability assessments and analyze vulnerability reports;
• Validate potential findings and support remediation activities;
• Contribute to the continuous improvement of SOC monitoring and response processes;
• Collaborate with technical teams to implement security best practices;
• Produce technical documentation and incident reports.



