Apprentice Cyber Security Analyst
A cyber security analyst is responsible for the implementation, maintenance and support of the security controls that protect an organisation's systems and data assets from threats and hazards. They ensure that security technologies and practices are operating in accordance with the organisation's policies and standards to provide continued protection. They require a broad understanding of network infrastructure, software and data to identify where threat and hazard can occur. They are responsible for performing periodic vulnerability assessments to evaluate the organisation's ongoing security posture and will provide visibility to management of the main risks and control status on an ongoing basis. They respond to security incidents and implement resolution activities across the organisation.
Skills - Be able to:
- Analyse and evaluate security threats and vulnerabilities to planned and installed information systems or services and identify how these can be mitigated against.
- Perform security risk assessments for a range of information systems and propose solutions.
- Develop a security case against recognised security threats, and recommend mitigation, security controls and appropriate processes.
- Define and justify a user access policy for an information system given knowledge of the system architecture, security requirements and threat/risk environment. This should be in terms of what they can do, resources they can access, and operations they are allowed to perform.
- Perform a business impact analysis in response to a security incident and follow a disaster recovery plan to meet elements of a given business continuity policy.
- Conduct a range of cyber security audit activities to demonstrate security control effectiveness.
Technical Knowledge - Knows and understands:
- The types of security (confidentiality, authentication; nonrepudiation; service integrity) and security big picture (network security; host OS security; physical security).
- The main types of common attack techniques, including phishing, social engineering, malware, network interception, blended techniques, denial of service and theft.
- How to recognise and assess risk including performing a risk assessment.
- How to apply penetration testing effectively and how it contributes to assurance.
- The different approaches to risk treatment and management in practice.
- What the 'cyber security culture' in an organisation is, and how it may contribute to security risk.