CODE: ST0124

          LEVEL: 4

          DURATION: 24 months

A work based development programme designed for ICT colleagues that wish to develop their knowledge and skills in Cyber Security. They will have a key responsibility around cyber security will need to be able to apply an understanding of cyber threats, hazards, risks, controls, measures and mitigations to protect the organisations’ systems and people. They will be focused on the technical side work on areas such as; security design & architecture, security testing, investigations & response, and on the risk analysis side focus on areas such as operations, risk, governance & compliance.
  • Basic theory concepts such as security, identity, confidentiality, integrity, availability, threat, vulnerability, risk and hazard
  • Security assurance concepts and how assurance may be achieved in practice
  • How to build a security case deriving security objectives with reasoned justification in a representative business scenario
  • Explain how attack techniques combine with motive and opportunity to become a threat
  • Ability to describe ways to defend against attack techniques
  • Can describe the significance of identified trend in cyber security and understand
  • Discuss (through a mix of research and practical exploration) vulnerabilities in a system
  • Analyse and evaluate security threats and hazards to a system, service or processes
  • Research and investigate some common attack techniques and recommend how to defend against them
  • Be aware of and demonstrate use of relevant external sources of vulnerabilities (e.g. OWASP)
  • Undertake a security risk assessment for a simple system without direct supervision and propose basic remediation advice
  • Develop a simple security case without supervision
  • Logical and creative thinking skills
  • Analytical and problem solving skills
  • Ability to work independently and to take responsibility
  • Can use own initiative
  • A thorough and organised approach

In addition to the core one of the following specialisms must be completed:

Option 1: Technologist
Option 2: Risk Analyst

B-Skill directly delivers the whole standard through a delivery model that best suits the needs of the Employer. This can include 1:1 in the workplace, day release or a blended learning model that includes face-to-face sessions and distant learning via VLE.
This apprenticeship is recognised for entry to both IISP and BCS Associate Membership and for entry onto the Register of IT Technicians confirming SFIA level 3 professional competence. Those completing the apprenticeship are eligible to apply for registration.