Level 4 Cyber Security Technologist
This apprenticeship is designed for individuals specialising in the cyber threats, hazards, risks, controls, measures and mitigations sector to protect organisations systems and people, through working on security design
and architecture, security testing, investigations and response.
Typical job roles: Security Architect, Penetration Tester, Security Analyst, Cyber Security Specialist, Information Security Assurance & Threat Analyst, Forensics and Incident Response Analyst, Security Engineer, Security Administrator
The learner role must have the knowledge to be able to carry out the below as a minimum the list below:
- Discover (through a mix of research and practical exploration) vulnerabilities in a system
- Analyse and evaluate security threats and hazards to a system or service or processes
- Be aware of and demonstrate use of relevant external sources of threat intelligence or advice
- Research and investigate some common attack techniques and recommend how to defend against them. Be aware of and demonstrate use of relevant external sources of vulnerabilities (e.g. OWASP)
- Undertake a security risk assessment for a simple system without direct supervision and propose basic remediation advice in the context of the employer.
- Develop a simple security case and design then build a system in accordance with the security case.
- Investigate different views of the future and trends in a relevant technology area and describe what this might.
- Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes
- Select and configure relevant types of common security hardware and software components to implement a given security policy.
- Conduct cyber risk assessments against externally recognised cyber security standard using a recognised risk assessment methodology.
The learner must hold Level 3 qualifications, which could include: A levels, a level 3 apprenticeship or other relevant qualifications. They must have a minimum of 12 months experience with the role or similar. Maths and English qualificaitons must be held. Minimum accepted levels include: Grade D GCSE or Level 1 Functional Skills.
Core/Mandatory Knowledge Module: Cyber Security Introduction
Option 1 (Technologist)
Module 2: Network and Digital Communications Theory
Module 3: Security Case Development and Design Good Practice
Module 4: Security Technology Building Blocks
Module 5: Employment of Cryptography
Option 2 (Risk Analyst)
Module 6: Risk Assessment
Module 7: Governance, Organisation, Law, Regulation and Standards
The duration of this apprenticeship is 24 months (please note the last 3 months of the apprenticeship are allocated for the end point assessment).
How Do We Support
During the duration of the programme, the learner will have a dedicated assessor who will visit them within the work place a minimum of once per month in order to support their learning, development of competency and generation of evidence.
This will also be supported between visits by off-site information, advice, guidance, academic progress and technical competence support.
The assessor will work with the learner and the employer in order to ensure that all learning needs are being met for both parties, in order to ensure successful progression against all elements of the apprenticeship during the period of the programme.
The knowledge modules and vendor qualifications will require formal teaching sessions, which may take place within an appropriate area within the workplace or off site, in order to ensure the learner gets the maximum benefit of the learning in order to successfully pass all associated exams.
End Point Assessment
In order to pass the apprenticeship, the learner needs to successfully pass the End Point Assessment. This assessment is made up through a number of stages:
- A portfolio – this is a collection of evidence from real work projects which have been completed during the apprenticeship
- A project – learners will undertake a business related project, within a controlled environment (away from the day to day workplace) over the period of one-week
- An employer reference – this is usually carried out via a face to face or skype call with an assessor from the end point assessment body
- A learner interview – this is carried out via a face to face or Skype call with an assessor from the end point assessment body, where questioning will be carried out around the contents of the portfolio and the project in order to verify the learners knowledge and competence
- The assessor from the end point assessment body will then decide whether to award successful apprentices with a pass, a merit or a distinction.
This apprenticeship is recognised for entry to both IISP and BCS Associate Membership and for entry onto the register of IT Technicians confirming SFIA level 3 professional competence and those completing the apprenticeship are eligible to apply for registration.