Lead Blue Team Instructor


Company 

Cyber Search Partners

Location 

London

Employment Hours 

Full Time

Employment Type 

Permanent

Salary 

Job Requirements/Description

Senior/Lead Blue Team Instructor

Location: The Gulf Cooperation Council (GCC) country

Salary: DOE

Contract Type: Long Term 1-5 years

Lead Blue Team Instructor

Company Overview

  • Our client is a globally recognized, privately held holding company with a diverse portfolio spanning multiple industries and sectors. Known for delivering world-class quality, the company offers bespoke training and products tailored to meet specific market needs.
  • With a growing international footprint, the client has established regional offices across EMEA and APAC, driving expansion worldwide.
  • Their training programs stand out for their focus on real-life scenarios, simulations, and hands-on practical learning. Courses are delivered in custom-designed environments, replicating a fully operational Cyber Security Operations Center (SOC), ensuring participants receive immersive, real-world experience.

In this position, you will:

  • As a Lead Blue Team Instructor, you will play a pivotal role in developing future cybersecurity professionals focused on defensive security operations.
  • The Blue Team Instructor will be responsible for delivering comprehensive training on network defence, threat detection, and incident response, providing students with the practical skills needed to protect organizations from cyber threats.
  • Join a team of instructors responsible for our cybersecurity programs.
  • Conduct frontal teaching of information security and cyber courses.
  • Use innovative technologies.
  • Develop and teach advanced labs.
  • Development of pedagogic materials and labs.
  • Help with the operations of the academy.


Please note!

  • This is a relocation position – the role requires you to relocate to the Gulf, as this is where the Cyber SOC Academy is.
  • Due to the nature of the project, only candidates with a UK/EU or US passport would be suitable!


Package:

  • Competitive Salary/Rate (dependent on experience), with a comprehensive range of financial benefits to be discussed.
  • All flights provided, including 2-3 return trips home within a 12-month period.
  • Daily private transportation to and from work, if required.
  • Optional laundry and cleaning services available.
  • Fully furnished apartment accommodation.
  • Comprehensive medical coverage for the entire duration of employment.


Key Responsibilities:

  • Design and deliver in-depth instruction on network defense, threat hunting, IAM, security architecture, etc.
  • Develop, update, and maintain curriculum focusing on security monitoring, threat intelligence, log analysis, and endpoint security.
  • Lead practical exercises and labs on using security tools such as SIEM (Splunk, ELK), IDS/IPS systems, firewalls, and EDR solutions.
  • Teach students how to identify, investigate, and respond to cyber threats and incidents, including malware analysis, phishing investigations, and forensic analysis.
  • Guide students through log correlation, detection of anomalies, and building defensive playbooks to mitigate risks.
  • Conduct labs on network security monitoring using tools like Wireshark, Snort, Zeek, and TShark to detect malicious activity.
  • Instruct on vulnerability management techniques, including scanning, patching, and mitigation using tools like Nessus, Qualys, or OpenVAS.
  • Guide students through incident response and recovery processes, including containment, eradication, and post-incident reviews.
  • Train students on cloud security defense strategies for platforms such as AWS, Azure, and Google Cloud.
  • Conduct blue vs. red team exercises, helping students gain experience in detecting and mitigating live attacks.
  • Mentor and coach students to improve their skills in critical thinking, problem-solving, and cyber defense methodologies.
  • Develop and facilitate cybersecurity simulations and capture-the-flag (CTF) challenges focused on defensive tactics.


Technical Skills:

  • Expertise in network defense, incident response and threat hunting using tools such as SIEMs (e.g., Splunk, ELK Stack, QRadar), IDS/IPS (e.g., Snort, Suricata), EDR solutions (e.g., CrowdStrike, Carbon Black, Microsoft Defender ATP), and firewalls.
  • Proficiency in log analysis and event correlation to detect and respond to security incidents in real time.
  • Experience in malware analysis (using tools such as Cuckoo Sandbox, Remnux, and YARA rules).
  • Knowledge of threat intelligence platforms (TIP) and the use of frameworks such as MITRE ATT&CK to build detection rules and improve defenses.
  • Experience with forensic analysis tools such as FTK, Autopsy, and Volatility to investigate cyber incidents.
  • Hands-on experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS) and remediation processes.
  • Familiarity with cloud security defense and tools specific to AWS, Azure, and Google Cloud, including IAM roles, network security groups, and security monitoring in cloud environments.
  • Knowledge of firewall management, intrusion detection, DDoS protection, and network segmentation to prevent cyber threats.
  • Experience with cyber threat hunting, leveraging threat intelligence feeds and building detection strategies.
  • Ability to instruct students on best practices in secure configurations (e.g., CIS benchmarks, NIST standards) and compliance with security frameworks like ISO 27001, NIST, and GDPR.
  • Ability to teach active defense strategies such as honeypots, decoy systems, and network deception techniques.


Requirements:

  • Proven experience in Blue Team operations, network defense, or incident response roles.
  • Expertise in using SIEMs, IDS/IPS, firewalls, endpoint detection and response (EDR) tools.
  • Relevant certifications (e.g., GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Intrusion Analyst (GCIA), CompTIA Security+).
  • Strong communication skills with the ability to teach complex concepts to students of varying skill levels.
  • Willingness to relocate to one of our cyber academies.


Preferred Qualifications:

  • Previous experience as an instructor or in a training role in cybersecurity.
  • Familiarity with cyber range platforms and simulated attack environments.
  • Knowledge of cyber incident handling processes and forensic analysis tools.
  • Experience conducting blue vs. red team exercises or working closely with penetration testers.


Key Points:

  • The academy is based in a GCC country, so relocation is required.
  • Accommodation is provided (a fully furnished apartment with everything you need).
  • A flexible contract of 1-5 years with a preference for longer-term commitments.
  • Attractive package with a base salary DOE.
