Cyber Security Technologist

In today’s digital age, cyber security is more important than ever. With threats from malware, ransomware, phishing, and hacking on the rise, companies of all sizes are turning to cyber security professionals to safeguard their crucial data and protect their customers. As a cyber-security technologist, you’ll play a vital role in defending organizations, systems, and personal information from attacks and unauthorized access.

With almost all personal data stored online, the impact of cyber security breaches can be devastating to businesses and individuals alike. High-profile attacks on organizations like the NHS, Yahoo, and LinkedIn have heightened awareness of the risks involved. In fact, nearly half of all UK businesses have experienced some form of cyber attack in the past year. As a cyber-security technologist, you’ll be at the forefront of the fight against these threats.

Picture of a Cyber Security Technologist

The Cyber Security Technologist role offers three distinct options, each with its own focus and responsibilities:

1) Cyber Security Engineer: Design, build, and test secure networks and systems, with a strong emphasis on security aspects.

2) Cyber Risk Analyst: Assess risks, analyze data, and provide advice on mitigating threats. Support security governance, compliance, and regulatory processes.

3) Cyber Defender & Responder: Configure and operate secure systems, monitor for breaches, and respond swiftly to security incidents.

In this dynamic field, you’ll collaborate with a diverse range of people, both within and outside your organization. From technical specialists to non-specialists, you’ll interact with a variety of stakeholders to achieve cyber security outcomes. Your work may take place in an office, computer room, or lab setting, and your role may include supervisory responsibilities and budget management.

Embark on a rewarding career that combines cutting-edge technology with critical problem-solving skills. Join the fight against cyber security threats and become a cyber security technologist today.

Enquire now to start your learning journey

Knowledge, Skills and Behaviours

Knowledge

Principles of networks: OSI and TCP/IP models, data, protocols and how they relate to each other; the main routing protocols; the main factors affecting network performance including typical failure modes in protocols and approaches to error control; virtual networking
The concepts, main functions and features of at least three Operating Systems (OS) and their security functions and associated security features.
Cyber security concepts and why cyber security matters to business and society; Security assurance concepts and how assurance may be achieved in practice including penetration testing and extrinsic assurance methods.
The main types of common attack techniques; also the role of human behaviour, including the significance of the ‘insider threat’. Including: how attack techniques combine with motive and opportunity to become a threat. Techniques and strategies to defend against attack techniques and mitigate hazards
The significance of identified trends in cyber security threats and understand the value and risk of this analysis. How to deal with emerging attack techniques (including ‘zero day’), hazards and vulnerabilities relevant to the digital systems and business environment.
Lifecycle and service management practices to an established standard to a foundation level for example Information Technology Infrastructure Library (ITIL) foundation level.
Cyber incident response processes, incident management processes and evidence collection/preservation requirements to support incident investigation
Understands the main features, applicability and how to apply the significant law, regulations and standards relevant specifically to cyber security. To include: laws, regulations & standards relating to personal data and privacy (e.g. Data Protection Act 2018 implementing General Data Protection Regulation); use of digital systems (e.g. Computer Misuse Act 1990 ); regulatory standards for cyber security, intelligence collection and law enforcement (e.g. Intelligence Services Act 1994, Regulation of Investigatory Powers Act 2000; standards for good practice in cyber security (e.g. ISO 27001, CyberEssentials, NIST) and any updates or additions
Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
How to analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
Horizon scanning including use of recognised sources of threat intelligence and vulnerabilities.
Common security architectures and methodologies; be aware of reputable security architectures that incorporates hardware and software components, and sources of architecture patterns and guidance. How cyber security technology components are typically deployed in digital systems to provide security functionality including: hardware and software to implement security controls
The basic terminology and concepts of cryptography; common cryptography techniques in use; the importance of effective key management and the main techniques used; legal, regulatory and export issues specific to the use of cryptography
Risk assessment and audit methodologies and approaches to risk treatment; approaches to identifying the vulnerabilities in organisations and security management systems; the threat intelligence lifecycle; the role of the risk owner in contrast with other stakeholders
Principles of security management systems, including governance, organisational structure, roles, policies, standards, guidelines and how these all work together to deliver the identified security outcomes.
Function and features of significant digital system components; typical architectures; common vulnerabilities in digital systems; principles and common practice in digital system security
Programming or scripting languages

Skills

Discover vulnerabilities in a system by using a mix of research and practical exploration
Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
Configure, deploy and use computer, digital network and cyber security technology.
Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes, to a given design requirement without supervision. Provide evidence that the system meets the design requirement.
Analyse security requirements given (functional and non-functional security requirements that may be presented in a security case) against other design requirements (e.g. usability, cost, size, weight, power, heat, supportability etc.) for a given system or product. Identify conflicting requirements and propose, with reasoning, resolution through appropriate trade-offs.
Design and build, systems in accordance with a security case within broad but generally well-defined parameters. This should include selection and configuration of typical security hardware and software components. Provide evidence that the system has properly implemented the security controls required by the security case
Write program code or scripts to meet a given design requirement in accordance with employers’ coding standards
Design systems employing encryption to meet defined security objectives. Develop and implement a plan for managing the associated encryption keys for the given scenario or system.
Use tools, techniques and processes to actively prevent breaches to digital system security.
Conduct cyber-risk assessments against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
Identify cyber security threats relevant to a defined context
Develop information security policies or processes to address a set of identified risks, for example from security audit recommendations.
Develop information security policies within a defined scope to take account of legislation and regulation relevant to cyber security.
Take an active part in a security audits against recognised cyber security standards, undertake gap analysis and make recommendations for remediation..
Develop plans for incident response for approval within defined governance arrangements for incident response.
Develop plans for local business continuity for approval within defined governance arrangements for business continuity.
Assess security culture using a recognised approach.
Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
Integrate and correlate information from various sources (including log files from different sources, digital system monitoring tools, Secure Information and Event Management (SIEM) tools, access control systems, physical security systems) and compare to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach
Recognise anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools.
Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.
Configure digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise.
Undertake root cause analysis of events and make recommendations to reduce false positives and false negatives.
Manage local response to non-major incidents in accordance with a defined procedure.

Behaviours

Logical – Applies logical thinking, for example, uses clear and valid reasoning when making decisions related to undertaking the work instructions
Analytical – working with data effectively to see patterns, trends and draw meaningful conclusions.
Works independently and takes responsibility. For example works diligently regardless of how much they are being supervised, and stays motivated and committed when facing challenges
Shows initiative, being resourceful when faced with a problem and taking responsibility for solving problems within their own remit
Thorough & organised. For example uses their time effectively to complete work to schedule and takes responsibility for managing their own work load and time
Works effectively with a wide range of people in different roles, internally and externally, with a regard to inclusion & diversity policy
Communicates effectively in a wide variety of situations for example contributing effectively to meetings and presenting complex information to technical and non-technical audiences
Maintains a productive, professional and secure working environment.
Creative – taking a variety of perspectives, taking account of unpredictable adversary and threat behaviours and approaches, bring novel and unexpected solutions to address cyber security challenges
Problem Solving – Identifies issues quickly, solves complex problems and applies appropriate solutions. Dedicated to finding the true root cause of any problem and find solutions that prevent recurrence.

Key Info

Duration

This apprenticeship will typically take 24-27 months to complete.

Level

This apprenticeship standard is at Level 4.

Qualifications

Where an apprentice has not already achieved Level 2 English and Maths, they must do so before taking the end-point assessment.

Professional Recognition

This standard aligns with the following professional recognition:

RITTech for level 4

Training Provider

Receive top-notch training from one of our handpicked providers in our trusted network.

Allow us to handle the seamless connection between you and a training provider who will expertly guide you and your employer through your personalised training journey. With their support, you will elevate your skills and excel in your role.

Enquire now to start your learning journey

[fluentform id=”30″]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cyber Security Technologist