Head of Blue Team
Location: London/Remote
Division/Team: Cyber Security
Type of Contract: Full-time
6point6 cyber practice is a fast-growing community of industry-leading experts. The practice covers Assurance, Compliance, Security Operations, Offensive Security and Security Research. It is critical that the relevance of the services that 6point6 provide is maintained.
Why 6point6?
At 6point6, we drive the right change in every organisation through the positive impact of technology. Leading with strategy, architecture, and design, we connect cloud, data, and cyber to engineer and deliver large-scale, complex transformations across public and private sectors. We help organisations realise the value of their business strategy, allowing them to engage in a more meaningful way with their end customers.
Requirements
The primary goal of the Head of Blue Team is to achieve this through a number of different activities:
- Lead and grow a team of SecOps Analysts in line with customer demand
- Be a point of escalation for technical challenges for the SecOps team
- Maintain team certifications in line with company goals
- Developing the marketed services of the Blue team in line with customer demand
- Leading consulting on all aspects of security monitoring, to include:
  - Evolving client operations capabilities and processes
  - Developing strategy for implementation of client SecOps functions
  - Developing playbooks
  - Threat intelligence reporting
  - Brand protection
- Developing a response to reported IOCs for customers
- Providing security incident triage and investigation, including forensics
- Be a thought leader on Security Operations, maintaining knowledge and understanding of technologies, trends, current threats, IOCs, attack methods and mitigations
- Working with business development to respond to bids
Must have:
- Experience of leading a technical team
- Experience of working in Cyber in a technical role
- A working knowledge of Cloud and On-Premises technologies and architectures
- A working knowledge of TCP/IP networks, including the technologies and protocols commonly used in local area and wide area networks
- A working knowledge of a variety of security technologies, including SIEM, logging, network and application firewalls, host-intrusion prevention and EDR
- Working knowledge of Pen-testing methodology / common vulnerabilities
- A basic knowledge of common infrastructure and security architectures
- Experience with vulnerability management and remediation tools and methodologies
- Experience in leading consulting engagements
- Excellent stakeholder management skills
- Understanding of the cyber regulatory and certification landscape
- Excellent written and oral communication skills
Nice to have:
- BSc in Computer Sciences, Mathematics or Engineering (min 2:1) or equivalent
- Recognised Security qualifications such as CISM, CISSP, CRISC, SABSA
- CCT - Certified Web Application Tester and/or CCT - Certified Infrastructure Tester
- Hold or working towards a security certification
- SANS - e.g. Cyber Defence Operations, Threat Intel & Forensics
- Relevant TCP/IP network experience, or certifications such as CompTIA Network+ or CCNA
- Familiarity with ISO27001 and other security standards
- Red Team experience
Benefits
We offer a fantastic compensation package which is well above industry standards with a host of benefits including a company pension, laptop, private medical and dental insurance. We also offer an income protection plan, a wellness active allowance fund of up to £600 and access to a life coach for advice or a programme of self-help.