As part of this evolution, we are looking for an Internal Cyber Defence Consultant to strengthen our defensive posture, lead the maturity of our Blue Team capability, and ensure Ricoh remains resilient against an ever evolving threat landscape.
This is a high impact individual contributor role with virtual leadership responsibilities and working closely with security, technology and business teams across Europe.
What you will be doing
The Internal Cyber Defence Consultant will be responsible for shaping and maturing Ricoh's defensive security operations. This includes overseeing detection engineering, incident response, threat hunting, and vulnerability management. You will guide the virtual Blue Team, set the direction for defensive strategy, and ensure security controls, processes, and technologies deliver protection across Ricoh's systems, networks and data.
Operating in a complex and fast paced environment, you will be accountable for the design and continual improvement of detection and response capabilities, while ensuring alignment with industry standards, regulatory requirements and Ricoh's risk appetite. This role blends technical expertise, leadership, analysis and communication, requiring someone who can influence without direct authority and act decisively when incidents occur.
Key Responsibilities Include:
Blue Team Leadership & Operations
- Leading and coordinating the virtual Blue Team, including SOC analysts, incident responders, threat hunters and defensive engineers
- Setting strategic direction, improving processes, and supporting skill development across the defensive capability
- Acting as a senior escalation point during investigations and major incidents
- Designing, implementing and tuning detection rules across SIEM, SOAR, EDR and NDR platforms
- Managing log ingestion, telemetry pipelines and data quality to ensure visibility across all environments
- Identifying gaps in logging, coverage or monitoring and driving improvements
- Managing incident response processes, including playbooks, tabletop exercises and post incident reviews
- Leading investigations, coordinating cross functional teams and ensuring effective containment, eradication and recovery
- Embedding lessons learned into future detection, tooling and process enhancements
Threat Hunting & Proactive Defence
- Conducting hypothesis driven threat hunts informed by threat intelligence
- Identifying stealthy or emerging threats not caught by automated detection
- Collaborating with Red Team operators to validate detection gaps and enhance Blue Team response
Vulnerability & Exposure Management
- Overseeing vulnerability management processes and coordinating risk based remediation
- Working with infrastructure and application teams to prioritise and address high risk weaknesses
- Reporting remediation progress and exposure trends to senior leadership
Governance, Reporting & Culture
- Ensuring compliance with ISO 27001, GDPR, NIS2 and internal security policies
- Providing clear reporting on threat trends, risk indicators, detection maturity and incident metrics
- Championing a security first culture through guidance, awareness and training initiatives
You will ideally have
Technical Expertise
- Strong hands on experience across SIEM, SOAR, EDR and NDR technologies - covering the Microsoft suite.
- Zero Trust experience, ideally with zScaler.
- Proficiency in detection engineering, alert tuning, log analysis and data correlation
- Solid understanding of MITRE ATT&CK, cyber kill chain and threat actor TTPs
- Experience conducting or leading incident response and digital forensics investigations
- Skilled in threat hunting techniques, anomaly detection and behavioural analytics
- Strong knowledge of vulnerability management processes and tooling
- Understanding of enterprise networks, cloud environments, endpoints and identity systems
Leadership & Interpersonal Skills
- Experience guiding virtual or multidisciplinary security teams
- Strong communicator, comfortable engaging senior stakeholders across technical and non technical functions
- Able to influence decision making, challenge assumptions and advocate for necessary security improvements
- Skilled at maintaining calm, clarity and leadership during high pressure security incidents
- Capable of building trust, fostering collaboration and promoting continuous improvement
Business & Strategic Acumen
- Understanding of Ricoh's business context, regulatory environment and operational dependencies
- Ability to translate technical risk into meaningful business impact
- Awareness of sector specific risks and organisational priorities
- Experience working in or with regulated enterprise environments
Qualifications & Experience
- Bachelor's degree in Cybersecurity, Computer Science, IT or related field
- Relevant certifications such as GCIH, GCIA, GMON or CISSP
- Extensive proven experience in defensive cyber security roles
- Proven experience in a leadership or senior operational position
- Hands on experience leading major incident investigations in enterprise environments
- Exposure to red/purple team exercises, detection tuning and threat driven defence
In return for your commitment, you can expect
At Ricoh, work should feel meaningful, supportive and fulfilling. The Ricoh Promise shapes your experience through four pillars that bring our culture to life.
Love to Connect
You become part of a global community built on openness, inclusion and genuine collaboration.
Across teams, countries and roles, you'll find people who listen, involve and encourage you - helping you feel valued and able to be yourself every day.
Love to Grow
Your development truly matters to us. With access to learning pathways, mentoring and career opportunities across functions and countries, you'll be supported to stretch your skills, explore new directions and stay future ready in a changing world.
Love to Give Back
Purpose is part of how we work. You'll have opportunities to make a difference through volunteering, sustainability initiatives and community programmes that reflect our shared values and commitment to positive impact.
Love to Succeed
Success at Ricoh is something we pursue together. You'll benefit from fair rewards, flexible working, wellbeing resources and real recognition - including programmes such as the Imagine. Change. Awards, where colleagues celebrate each other's achievements.
We are an equal opportunities employer
We believe that diverse perspectives make us stronger, and we welcome applications from people of all backgrounds, identities, and experiences. Our hiring decisions are based on skills, experience and potential, and we are committed to creating a fair and inclusive recruitment process. If you require any reasonable adjustments at any stage of the recruitment journey, please let us know and we will support you to bring your best self forward.