Cyber Security Technologist Apprenticeship

SOFTSERVE SYSTEMS LIMITED

LONDON (EC4M 6XH)

Closes in 3 days (Friday 25 April 2025 at 11:59pm)

Posted on 7 April 2025

Print

Contents

Summary

This crucial role focuses on protecting digital environments, securing sensitive data, and minimizing cybersecurity threats. You'll assist in identifying vulnerabilities, deploying security measures, and monitoring potential risks to ensure robust security. Additionally, you'll be engaged in implementing Secure Software Development practices

Wage

£15,704 to £25,396.80, depending on your age

National Minimum Wage

Check minimum wage rates (opens in new tab)

Training course
Cyber security technologist (2021) (level 4)
Hours
Monday to Friday , 40 hours / week.

40 hours a week

Start date

Monday 5 May 2025

Duration

2 years

Positions available

1

Work

Most of your apprenticeship is spent working. You’ll learn on the job by getting hands-on experience.

What you’ll do at work

  • Collaborate with teams to identify cybersecurity risks and implement security controls, detection and prevention mechanisms
  • Assist in analyzing and mitigating security vulnerabilities across corporate systems and applications.
  • Analyse events from networks, security controls, systems and applications to detect and respond to security threats.
  • Support the development and enforcement of security policies, playbooks and best practices
  • Assist in performing security assessments, monitoring, audits, and penetration testing
  • Contribute to incident response plans and participate in resolving security breaches 
  • Stay updated with emerging cybersecurity threats, trends, and regulatory requirements 
  • Work collaboratively with IT, Cybersecurity teams, and business units to enhance overall security posture 

Where you’ll work

PART LOWER GROUND FLOOR
30 CANNON STREET
LONDON
EC4M 6XH

Training

Apprenticeships include time away from working for specialist training. You’ll study to gain professional knowledge and skills.

College or training organisation

GINGER NUT MEDIA LIMITED

Your training course

Cyber security technologist (2021) (level 4)

Equal to higher national certificate (HNC)

Course contents
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.
  • Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes, to a given design requirement without supervision. Provide evidence that the system meets the design requirement.
  • Analyse security requirements given (functional and non-functional security requirements that may be presented in a security case) against other design requirements (e.g. usability, cost, size, weight, power, heat, supportability etc.) for a given system or product. Identify conflicting requirements and propose, with reasoning, resolution through appropriate trade-offs.
  • Design and build, systems in accordance with a security case within broad but generally well-defined parameters. This should include selection and configuration of typical security hardware and software components. Provide evidence that the system has properly implemented the security controls required by the security case
  • Design systems employing encryption to meet defined security objectives. Develop and implement a plan for managing the associated encryption keys for the given scenario or system.
  • Use tools, techniques and processes to actively prevent breaches to digital system security.
  • Configure digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise.
  • Conduct cyber-risk assessments against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
  • Develop information security policies or processes to address a set of identified risks, for example from security audit recommendations.
  • Develop information security policies within a defined scope to take account of legislation and regulation relevant to cyber security.
  • Take an active part in a security audits against recognised cyber security standards, undertake gap analysis and make recommendations for remediation..
  • Develop plans for local business continuity for approval within defined governance arrangements for business continuity.
  • Assess security culture using a recognised approach.
  • Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
  • Develop plans for incident response for approval within defined governance arrangements for incident response.
  • Integrate and correlate information from various sources (including log files from different sources, digital system monitoring tools, Secure Information and Event Management (SIEM) tools, access control systems, physical security systems) and compare to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach
  • Recognise anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools.
  • Undertake root cause analysis of events and make recommendations to reduce false positives and false negatives.
  • Manage local response to non-major incidents in accordance with a defined procedure.
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.

Your training plan

  • 1 hour per week with the training provider
  • The rest of the week at the employer's office, including remote work 
  • The schedule will be provided

Requirements

Essential qualifications

GCSE in:

  • English (grade 9-4)
  • Math (grade 9-5)

A Level in:

  • Computer Science (grade A*-C)
  • Math (grade A*-C)

Desirable qualifications

A Level in:

  • Business Study (grade A*-C)

Let the company know about other relevant qualifications and industry experience you have. They can adjust the apprenticeship to reflect what you already know.

Skills

  • Communication skills
  • IT skills
  • Attention to detail
  • Organisation skills
  • Problem solving skills
  • Presentation skills
  • Number skills
  • Analytical skills
  • Logical
  • Team working
  • Initiative
  • Patience

About this company

SOFTSERVE SYSTEMS LIMITED is a leading provider of digital business solutions, digital advisory, and digital engineering services, with a team of professionals across 14 countries. Headquartered in the US, SoftServe serves clients primarily in North America and Europe, helping them navigate complex challenges and transform through technology and domain insights.

https://www.softserveinc.com/en-us (opens in new tab)

Company benefits

SoftServe offers comprehensive benefits: access to Well Hub for wellness resources, generous vacation allowances, and private health medical coverage. These perks are designed to support your well-being and ensure you have the resources you need.

After this apprenticeship

  • Cyber Security Analyst: Focus on monitoring, detecting, and responding to security incidents and vulnerabilities
  • Cyber Security Engineer: Design, implement, and maintain security systems and infrastructure
  • Information Security Manager: Oversee security policies and procedures, and ensure compliance within an organisation
  • Penetration Tester: Test systems for vulnerabilities by simulating cyber-attacks
  • Security Consultant: Advise organisations on improving their security posture, risk management, and compliance
  • Security Architect: Design and implement secure IT infrastructures for  the organisation

Ask a question

The contact for this apprenticeship is:

GINGER NUT MEDIA LIMITED

ApprenticeUK@softserveinc.com

The reference code for this apprenticeship is VAC1000304789.

Apply now

Closes in 3 days (Friday 25 April 2025 at 11:59pm)

When you apply, you’ll be asked to sign in with a GOV.UK One Login. You can create one at the same time as applying for this apprenticeship.