Cyber Security Technician Apprentice

Job Description

The Cyber Security Technician Apprentice supports Keltbray’s cyber security operations by providing first‑line defence against threats, helping to ensure secure and uninterrupted business activities. This role is responsible for monitoring, detecting, and responding to potential security incidents, maintaining cyber hygiene across all systems, and assisting with compliance to recognised standards such as Cyber Essentials Plus (CE+).

You will help promote cybersecurity awareness throughout Keltbray by leading awareness campaigns and engaging staff in best practices to strengthen the overall security culture.

• Assist in monitoring, analysing, and responding to alerts from security tools such as firewalls, SIEM, EDR, and SWG systems under supervision.
• Identify, triage, and escalate potential security incidents in line with defined procedures, seeking guidance when necessary.
• Support the investigation and remediation of security alerts and vulnerabilities alongside senior team members.
• Help operate and maintain the organisation’s vulnerability management platform (Qualys) to detect and remediate system vulnerabilities, under direction.
• Assist with automated and manual patch deployment cycles, ensuring timely remediation of identified risks.
• Contribute to regular reports summarising vulnerability trends, patch compliance, and remediation progress.
• Support the administration of endpoint protection, detection, and response solutions to safeguard against malware, ransomware, and unauthorised access.
• Assist with the configuration and management of encryption, device control, and endpoint policy enforcement.
• Help ensure devices remain compliant with baseline configurations and endpoint protection policies.
• Support monitoring and management of the organisation’s SWG platform to enforce safe and secure internet usage.
• Apply web access policies and content filtering aligned with organisational security posture, under supervision.
• Assist in investigating and reporting on web‑based security events, ensuring appropriate remediation steps are taken.
• Support the ITSD in maintaining ongoing Cyber Essentials Plus readiness through vulnerability testing, evidence gathering, and compliance validation.
• Assist with annual CE+ assessment preparation and help ensure all technical controls meet required standards.
• Work collaboratively across IT functions to remediate non‑compliance issues and improve audit readiness.

• Understanding of best practice in relation to cyber security.
• Assist in the secure onboarding and offboarding of users, ensuring access rights are correctly provisioned and removed.
• Assist in post‑incident reviews and help document lessons learned for continuous improvement.
• Help carry out periodic checks to ensure systems and processes comply with internal and external standards.
• Basic end‑user support/training of hardware and software.
• Good level of working IT knowledge and practices.
• Engage effectively with any ICT supplier and third parties regarding support of software, hardware and systems.
• Keep working area, cupboards, and storage area clean, tidy, safe and equipment/spares organised.

Desired:

• A demonstrable interest in IT or cyber security
• A‑levels, BTEC, or equivalent in IT, Computer Science, or a related subject
• Any introductory IT or cyber security certification
• Basic principles of cyber security, including confidentiality, integrity, and availability
• Importance of cyber security awareness and promoting a positive security culture
• The importance of maintaining privacy and confidentiality in all aspects of cyber security
• Core components of an organisation’s IT infrastructure: hardware, operating systems, networks, software, and cloud services
• Common cyber security threats and vulnerabilities (e.g., malware, phishing, ransomware, social engineering)
• Key cyber security policies and standards (e.g., acceptable use, incident management, patching, anti‑virus, access control)
• Principles of identity and access management, including authentication and authorisation
• Processes for detecting, reporting, and responding to security incidents
• Fundamentals of vulnerability…