The broad purpose of the occupation is to apply an understanding of cyber security to protect organisations, systems, information, personal data and people from attacks and unauthorised access.

Fighting cyber security threats is a multi-billion-pound industry, and one that continues to grow as threats from the likes of malware, ransomware, phishing, DDoS attacks and hacking increase. Organisations both large and small are turning to cyber security professionals to help them keep their commercial and financial data, websites, infrastructure sites and their customers’ details safe.

With almost all personal data now stored online, cyber security attacks have the potential to completely ruin businesses – not to mention people’s lives – in the process. There are often

news stories about high-profile attacks, such as those on the NHS, Yahoo and LinkedIn, meaning that organisations are becoming increasingly concerned with any potential leaks that could occur. In fact, nearly half of all UK businesses experienced some form of attack in the last 12 months. As a cyber-security technologist, you will be part of the response to those attacks.

Cyber Security Technologists all require an understanding of security concepts and technology and how to mitigate risks arising from threats. The specific tasks undertaken vary depending on what needs to be achieved by the team at any particular time. Some tasks may be very technical, others may be more analytical, business or user focused. All roles in this occupation work to achieve required cyber security outcomes in a legal and regulatory context in all parts of the economy. They develop and apply practical knowledge of information security to deliver solutions that fulfil an organisations requirement.

The Cyber Security Technologist standard has three distinct options. At the end of the apprenticeship you will be competent in either:

1) The Cyber Security Engineer is the most technology focused role in the occupation and will typically design, build and test secure networks or security products or systems with a particular focus on the security aspects of the design.

Typical job titles include: Cyber Security Engineer, Cyber Security Consultant, Cyber Security Architect, Cyber Security Analyst, Cyber Security Specialist, IT Security Technician, Embedded Engineer.

2) The Cyber Risk Analyst Focuses on risk assessment, analysis and giving advice on risk mitigations. The roles may support formal security governance, regulatory & compliance (GRC).

Typical job titles include: Cyber Security Consultant, Cyber Security Analyst, Cyber Risk Analyst, Intelligence Researcher, Cyber Security Specialist, Information Security Analyst, Governance & Compliance Analyst, Information Security Assurance & Threat Analyst, Information Security Auditor.

3) The Cyber Defender & Responder is more operationally focused, configuring and operating secure systems to prevent security breaches or monitoring systems to detect and respond to security breaches.

Typical job titles include: Cyber Security Analyst, Cyber Security Operator, Forensics & Incident Response Analyst, Cyber Security Administrator, Information Security Officer, Secure Operations Centre (SOC) Analyst, Network Intrusion Analyst, Incident Response Centre (IRC) Analyst, Network Operations Centre (NOC) Security Analyst.

In their daily work, an employee in this occupation interacts with a broad range of people from their own organisation and externally including suppliers and customers, technical specialists, non-specialists, peers and senior representatives. The roles are typically office or computer room/lab based. Some employers will also have security clearance requirements, which may impose residency or nationality restrictions. An employee in this occupation will be responsible for their own work, work as part of a team including different levels of technical and non-technical skills, and may also be required to supervise work, budgets and other staff.

Candidates for this course should be working in a related sector.

All applications will be reviewed on an individual basis. If you have experience or previous knowledge that will support your application please remember to include it. Apprentices without level 2 English and maths will need to achieve this level prior to taking the End-Point Assessment.

Training and assessment fee £11,000

Levy employers 100% contribution required.
Non-levy employers Co-invested government contribution 95% Employer 5% £600

As an employer that doesn’t pay the apprenticeship levy, you pay just 5% towards the cost of training and assessing an apprentice.

The government will pay the rest up to the funding band maximum.

You’ll pay the training provider directly and agree on a payment schedule.

If you employ fewer than 50 employees, the government will pay 100% of the apprenticeship training costs up to the funding band maximum for apprentices aged:

  • 16 to 21
  • 19 to 24 with an education, health and care plan provided by their local authority or has been in the care of their local authority

Paying employer National Insurance contributions
Employers may not need to pay Class 1 National Insurance contributions for an apprentice, if the apprentice is:

  • under 25 years old
  • on an approved UK government apprenticeship standard or framework (these can differ depending on country)
  • earns less than £967 a week (£50,270 a year)

The apprentice, as an employee, will continue to pay Class 1 insurance contributions through their salary, this will only benefit the employer.

Read HMRC’s guidance on paying National Insurance contributions.