Details of standard
The primary role of a Cyber Security Technologist is to apply an understanding of cyber threats, hazards, risks, controls, measures and mitigations to protect organisations systems and people.
Those focused on the technical side work on areas such as security design & architecture, security testing, investigations & response.
Those focussed on the risk analysis side focus on areas such as operations, risk, governance & compliance.
Whether focussed on the technical or risk analysis side, all people in this occupation work to achieve required security outcomes in a legal and regulatory context in all parts of the economy. They develop and apply practical knowledge of information security to deliver solutions that fulfil an organisation’s requirements.
Typical job roles
Cyber Operations Manager, Security Architect, Penetration Tester, Security Analyst, Risk Analyst, Intelligence Researcher, Security Sales Engineer, Cyber Security Specialist, Information Security Analyst, Governance & Compliance Analyst, Information Security Assurance & Threat Analyst, Forensics & Incident Response Analyst, Security Engineer, Information Security Auditor, Security Administrator, Information Security Officer.
Individual employers will set the selection criteria, but this is likely to include A’ Levels, a relevant Level 3 apprenticeship, or other relevant qualifications, relevant experience and/or an aptitude test with a focus on functional maths.
Technical Competencies and Technical Knowledge and Understanding
ALL apprentices will cover the following:
|Technical Competencies||Technical Knowledge and Understanding|
|Threats, hazards, risks and intelligence
Developing and using a security case
|Understands the basics of cyber security including:
In addition to the core, all apprentices will do ONE of the following specialisms:
Option 1: Technologist
|Design build & test a network (“Build a network”)
Analysing a security case (“Make the security case”)
Structured and reasoned implementation of security in a network (“Build a secure network”)
|Technical Knowledge and Understanding|
- Understands the basics of networks: data, protocols and how they relate to each other; the main routing protocols; the main factors affecting network performance including typical failure modes in protocols and approaches to error control.
- Understands, at a deeper level than from Knowledge Module 1, how to build a security case: describe what good practice in design is; describe common security architectures; be aware of reputable security architectures that incorporates hardware and software components, and sources of architecture patterns and guidance. Understand how to build a security case including context, threats, justifying the selected mitigations and security controls with reasoning and recognising the dynamic and adaptable nature of threats.
- Understands how cyber security technology components are typically deployed in networks and systems to provide security functionality including: hardware and software
- Understands the basics of cryptography – can describe the main techniques, the significance of key management, appreciate the legal issues
Option 2: Risk Analyst
Cyber security risk assessment
- Conduct a cyber-risk assessment against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
- Identify threats relevant to a specific organisation and/or sector. Information security policy and process
- Develop an information security policy or process to address an identified risk.
- Develop an information security policy within a defined scope to take account of a minimum of 1 law or regulation relevant to cyber security.
Audit and assurance
- Take an active part in a security audit against a recognised cyber security standard, undertake a gap analysis and make recommendations for remediation.
Incident response and business continuity
- Develop an incident response plan for approval (within an organisations governance arrangements for incident response).
- Develop a business continuity plan for approval (within an organisations governance arrangements for business continuity).
Cyber security culture in an organisation
- Assess security culture using a recognised approach.
- Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
Technical Knowledge and Understanding
Understands relevant types of risk assessment methodologies and approaches to risk treatment; can identify the vulnerabilities in organisations and security management systems; understand the threat intelligence lifecycle; describe different approaches to risk treatment. Understand the role of the risk owner and contrast that role with other stakeholders.
Understands, at a deeper level than from Knowledge Module 1, the legal, standards, regulations and ethical standards relevant to cyber security: governance, organisational structure, roles, policies, standard, guidelines and how these all work together to deliver identified security outcomes. Also awareness of the legal framework, key concepts applying to ISO27001 (a specification for information security management), and awareness of legal and regulatory obligations for breach notificatio
Underpinning Skills, Attitudes & Behaviours
- Logical and creative thinking skills
- Analytical and problem solving skills
- Ability to work independently and to take responsibility
- Can use own initiative
- A thorough and organised approach
- Ability to work with a range of internal and external people
- Ability to communicate effectively in a variety of situations
- Maintain productive, professional and secure working environment
The Knowledge Modules are summarised below and further details are available in the occupational brief available from https://www.nsar.co.uk/digital-eqa/digital-apprenticeship-standards/
No vendor or professional qualifications have been identified that would exempt these Knowledge Modules. Core (all the apprentices take this Knowledge Module)
Knowledge Module 1: Cyber Security Introduction
Option 1 (Technologist): in addition to the core
Knowledge Module 2: Network and Digital Communications Theory Knowledge Module 3: Security Case Development and Design Good Practice Knowledge Module 4: Security Technology Building Blocks
Knowledge Module 5: Employment of Cryptography
Option 2 (Risk Analyst): in addition to the core
Knowledge Module 6: Risk Assessment
Knowledge Module 7: Governance, Organisation, Law, Regulation & Standards
English and Maths
Level 2 English and maths will need to be achieved, if not already, prior to taking the end point assessment.
This apprenticeship is recognised for entry to both IISP and BCS Associate Membership and for entry onto the Register of IT Technicians confirming SFIA level 3 professional competence. Those completing the apprenticeship are eligible to apply for registration.
The duration of this apprenticeship is typically 24 months.
This is a level 4 apprenticeship