Role Purpose
The Security Operations Apprentice role within the RAC Security Operations team carries out operational monitoring, detection and response activities. Operations spans multiple domains including cyber threat intelligence, threat hunting, detection, incident response, vulnerability management and access control management.

Reports to: Security Architect & Engineering Manager

Relationships: IT & Digital Technical Teams, Managed Service Providers/Suppliers, InfoSec Team

Apprenticeship Overview – L4 CST – Security Engineer

Expected duration: 24 months

Apprenticeship level: Higher (Level 4)

Programme: L4 Cyber Security Technologist

During this apprenticeship, you will follow a fully supported training programme with LearnTech, delivered through combined classroom-based training, workplace assessment/training and online learning.

The training covers the following core occupational duties:

https://www.instituteforapprenticeships.org/apprenticeship-standards/cyber-security-technologist-2021-v1-0

Key Responsibilities:

• Apply procedures and controls to maintain security and control of an organisation.
• Process cyber security helpdesk requests ensuring confidentiality, integrity and availability of digital information, meeting relevant legal and regulatory requirements for example access control requests.
• Monitor, identify, report and escalate information security incidents and events in accordance with relevant procedures and standards.
• Contribute to documenting the scope and evaluating the results of vulnerability assessments in accordance with management requirements.
• Maintain an asset register of controlled environments in accordance with relevant policies, procedures and standards.
• Monitor and detect potential security threats and escalate in accordance with relevant procedures and standards.
• Practice continuous self-learning to keep up to date with industry trends and developments to enhance relevant skills and take responsibility for own professional development.
• Conduct regular review of access rights to digital information assets in accordance with relevant procedures and standards.
• Produce regular KPIs and Metrics

Need to know

The role holder will work predominantly within a cybersecurity operational capacity with a focus on monitoring, detection and response.

They will be capable of acting outside the scope of playbooks in an out-of-the-box and on occasion “living off the land” scenario.

What you’ll need:

• A drive to progress, with a hunger to learn new things and pick up increasing responsibilities.
• Working understanding of Cyber security policies and standards based on an Information Security Management System (ISMS)
• Cyber security awareness and components of an effective security culture, different organisational structures and cultures, the importance of maintaining privacy and confidentiality of an organisation's information and the impact of a poor security culture
• Working understanding of Core terminology of cyber security – confidentiality, integrity, availability (the CIA triad), assurance, authenticity, identification, authentication, authorization, accountability, reliability, non-repudiation, access control
• Working understanding of effective offensive tactics, techniques and procedures – particularly within a blue team context.
• Working understanding of threat hunting methodologies and techniques.
• Working understanding of how detections work in various mediums, and how to develop them.
• A general knowledge of vulnerability management and/or access management concepts would be beneficial.
• General coding/scripting knowledge would be greatly beneficial.

Education:

Those with a bachelor’s degree in a computing subject may apply for this position, however, relevant checks will be completed to ensure the candidate is eligible for the apprenticeship programme. Cyber security specific degrees and master’s degrees in computing subjects will make a candidate ineligible for this apprenticeship programme.

Competencies/Behaviours:

• Achievement Drive
• Building Relationships
• Continuous Improvement
• Interpersonal & Influencing Skills
• Judgement & Decision-Making
• Leading Change
• Specialist Knowledge – Job Specific, technical network and security.

Requirements

It is a requirement to have GCSE 9-4 (A*-C) grades or equivalent in English and Maths to apply for this type of apprenticeship. Entry also requires a good knowledge of IT systems, network infrastructure and hardware and software systems. Level 3 study would be advantageous.

Eligibility

You must meet the following eligibility criteria to apply for the role:

- Have been a UK/EEA resident for the last 3 years

- Hold valid residency status

- Have the right to work in the UK

Job Types: Full-time, Apprenticeship

Pay: £22,000.00-£23,000.00 per year

Work Location: In person

Application deadline: 30/09/2024