skip navigation
skip mega-menu

Meet Sajawal Kiani, Cyber Security Analyst at 6point6

This article was originally published on 14 September 2021. 
You can read the original article on the 6point6 website here.

 


 

Saj joined 6point6 from a highly reputable professional services firm, Deloitte, where he worked as a Cyber Security Consultant/ Manage, Detect and Respond Analyst. In this interview, we get to know Saj better as he shares insights into his experience in cyber security.


Saj, we are excited to have you on board. Why did you choose to join 6point6?

I joined 6point6 for two main reasons:

1) Technical knowledge: I have met many people with experience working in the military, public and private sectors. It is great to be around people who are passionate about all aspects of technology. Since everyone is a Subject Matter Expert (SME) in their fields, we can collaborate on new and exciting projects.

2) Opportunity to develop cyber capabilities: 6point6 is growing at a phenomenal speed and works to solve unique challenges. This allows us to grow and develop cyber capabilities. 6point6 was built by people who are dedicated and driven to solve the most complex problems, it is inspiring to work with such great people. I continue to learn from these great minds and build out our industry-changing cyber capabilities.

Thank you for the two great reasons! Let’s move on to the importance of cyber: how important do you think cyber security is to organisations in the public and private sectors?

That’s a great question as many companies don’t ask this. I like to use our defence forces as an example to helps put into perspective the importance of cyber. If you look at traditional warfare, we had three domains, Sea, Air and Land. However, now all defence teams acknowledge the fourth domain, cyber, which is considered one of the most important domains. We use technology for almost everything, nearly all aspects of our life are at risk of a cyber-attack. Anything from your smart TV to cars and phones connects to the internet in one way or another. In my lifetime technology has developed and evolved so fast, from phones just being used to make calls to them now functioning as a minicomputer in your pocket, highlighting that businesses need to update their security as fast, if not faster than their technology.

Traditionally, businesses avoided spending on security until they had to, but that approach and thinking must change. Firms are now attempting to take the security-first approach. I think organisations that don’t already have SMEs to implement security can use the services we offer here at 6point6. We can solve the most complex issues a company faces and use our experience to help build cyber capabilities.

Finally, I would encourage all firms to research recent cyber attacks in and outside their sector to understand the risk they face as a company.


Having worked across multiple clients from different sectors, what do you think are the biggest threats to firms in terms of Threat Monitoring?

The biggest weakness and threat all businesses have is their people. If we look at initial access, a lot of attackers gain access by tricking users into either downloading malware or giving away login credentials by clicking on links in emails, giving away confidential information via a phone or message. This is something very common, often people who don’t work in cyber don’t understand the concept of social engineering and adversaries often use this weakness to their advantage. I have always said that basic compliance training isn’t enough.  Firms should run active phishing campaigns, have talks, lunch and learns or podcasts, to create awareness of recent cyber issues that their people could face. 

Small things like marking external emails as external or training users to read and check sender emails can go a long way. It’s great to see that 6point6 train their employees to better detect social engineering techniques and phishing emails. 

At 6point6, everyone enjoys solving complex problems. How do you feel about this focus on taking complex projects?

Anyone who joins 6point6 is looking for a challenge to expand their technical knowledge and a steep learning curve. From what I’ve experienced, people at 6point6 work hard to make brilliant ideas happen, and I believe it’s this attitude that propels us forward. There is a collaborative culture at 6point6, this enables us to solve the problems our clients are not aware of.  


Can you tell me about your background?

I started my career as a cyber security graduate in 2019. Since then, I have had the opportunity to learn from and work with SMEs across all cyber capabilities. Early on, I joined the Cyber Intelligence Centre working in the threat monitoring team. This allowed me to investigate, escalate and respond to security threats for numerous clients across multiple sectors. As a security analyst, I would also provide customer-specific security recommendations on the identified threats, this enabled our clients to deal with threats efficiently and promptly.

As my knowledge of cyber security expanded, I was promoted to a lead analyst for a global energy company. I was the key point of contact between my team and the client. I led this engagement for almost two consecutive years and supported the client’s recovery from a cyber attack. As the lead analyst, my responsibilities included advising my client on their cyber security posture via weekly, monthly and quarterly reports, creating custom playbooks for new detection rules, service and security KRIs (Key Risk Indicators) and many others.


Any last words?

I would like to encourage anyone who is looking for a challenge and wants to grow as a professional to come join our ever-growing 6point6 family. If anyone has any questions related to cyber, feel free to reach out to me or my peers. 

 


 

Interested in a career at 6point6? Explore our current opportunities.



Subscribe to our newsletter

Sign up here