Cyber Apprentice (British International Investment)

BRITISH INTERNATIONAL INVESTMENT PLC

London (SW1E 6DE)

Closes on Monday 23 June 2025

Posted on 15 May 2025

Print

Contents

Summary

British International Investment, the UK's Development Finance Institution, Impact Investor have an exciting new opportunity for a L4 Cyber Security Apprentice based in London.

Wage

£23,000 a year

Check minimum wage rates (opens in new tab)

Training course
Cyber security technologist (2021) (level 4)
Hours
Monday to Friday, 09:00 - 17:15.

36 hours 15 minutes a week

Start date

Monday 30 June 2025

Duration

2 years 2 months

Positions available

1

Work

Most of your apprenticeship is spent working. You’ll learn on the job by getting hands-on experience.

What you'll do at work

Purpose:

We are looking to develop and mature our cyber team by bringing on an apprentice who can learn and develop as a cyber security professional over a two year/24-month period.

As a cyber apprentice, you will collaborate with our cyber team and partners to maintain BII's security. Utilising cutting-edge tools and working alongside a team of seasoned security professionals, you will be integral to our mission. Your role will involve ensuring our technology is designed with security in mind, investigating and escalating suspicious events before they become incidents, and learning about risk management.

Our apprenticeship programme will provide you with experience across the entire cyber security lifecycle and provide you a solid foundation from which to build your career.

Your duties and responsibilities in this role will consist of:

In this dynamic role, you will engage in a variety of activities under the supervision of the head of security and the senior cyber analyst, including:

  • Monitoring and analysing security alerts: You'll keep an eye on our systems for any unusual activity and respond promptly to potential threats
  • Conducting vulnerability assessments: You'll help identify weaknesses in our systems and recommend improvements to enhance security
  • Participating in incident response: When a security incident occurs, you'll be part of the team that investigates and mitigates the impact
  • Collaborating on security projects: You'll work on projects aimed at improving our overall security posture, from implementing new technologies to refining existing processes
  • Educating staff: You'll assist in training sessions to ensure all employees understand best practices for staying safe online
  • Researching emerging threats: You'll stay up to date with the latest cyber threats and trends, helping us stay ahead of potential risks
  • You’ll be required to undertake study for industry recognised cyber security qualifications during the duration of the course. You will be provided time off to attend learning with an industry recognised learning provider

Where you'll work

123
Victoria Street
London
SW1E 6DE

Training

Apprenticeships include time away from working for specialist training. You’ll study to gain professional knowledge and skills.

College or training organisation

FIREBRAND TRAINING LIMITED

Your training course

Cyber security technologist (2021) (level 4)

Understanding apprenticeship levels (opens in new tab)

What you'll learn

Course contents
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.
  • Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes, to a given design requirement without supervision. Provide evidence that the system meets the design requirement.
  • Analyse security requirements given (functional and non-functional security requirements that may be presented in a security case) against other design requirements (e.g. usability, cost, size, weight, power, heat, supportability etc.) for a given system or product. Identify conflicting requirements and propose, with reasoning, resolution through appropriate trade-offs.
  • Design and build, systems in accordance with a security case within broad but generally well-defined parameters. This should include selection and configuration of typical security hardware and software components. Provide evidence that the system has properly implemented the security controls required by the security case
  • Design systems employing encryption to meet defined security objectives. Develop and implement a plan for managing the associated encryption keys for the given scenario or system.
  • Use tools, techniques and processes to actively prevent breaches to digital system security.
  • Configure digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise.
  • Conduct cyber-risk assessments against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
  • Develop information security policies or processes to address a set of identified risks, for example from security audit recommendations.
  • Develop information security policies within a defined scope to take account of legislation and regulation relevant to cyber security.
  • Take an active part in a security audits against recognised cyber security standards, undertake gap analysis and make recommendations for remediation..
  • Develop plans for local business continuity for approval within defined governance arrangements for business continuity.
  • Assess security culture using a recognised approach.
  • Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
  • Develop plans for incident response for approval within defined governance arrangements for incident response.
  • Integrate and correlate information from various sources (including log files from different sources, digital system monitoring tools, Secure Information and Event Management (SIEM) tools, access control systems, physical security systems) and compare to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach
  • Recognise anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools.
  • Undertake root cause analysis of events and make recommendations to reduce false positives and false negatives.
  • Manage local response to non-major incidents in accordance with a defined procedure.
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.

Your training plan

This training plan has not been finalised. Check with this employer if you’ll need to travel to a college or training location for this apprenticeship.

More training information

Firebrand’s sector leading Level 4 Cyber Security Technologist (L4CST) Apprenticeship Programme trains apprentices to implement a series of technical, procedural, and physical controls to monitor, detect and respond to a wide range of cyber security threats.

The apprentice is trained in cyber risk and mitigation, maintaining the confidentiality, integrity, and availability of digital data. They will use their skills to feed into policy decisions of a cyber security awareness culture within the business.

The CST standard has 3 distinct options:

  • Cyber Security Engineer - designs, develops and implements security solutions across a network
  • Cyber Risk Analyst - assesses, analyses, and mitigates cyber-related risk
  • Cyber Defender & Responder - configures and monitors security systems and responds to incidents/security breaches

Firebrands course is delivered either Online (online live instructor led), or face to face in the classroom environment (your choice). Our Subject Matter Experts (SMEs), Learning Mentors (LMs) and world-leading trainers prepare apprentices to work across multiple sectors.

Completion of this apprenticeship will provide learners with the following world class vendor certifications in addition to the Cyber Security Technologist apprenticeship:

  • CompTIA Network+
  • CompTIA Security+
  • EC Council Certified Network Defender

Key areas covered are:

  • Networking & Cyber Security Fundamentals
  • Network Security
  • Threat, Vulnerability and Risk Assessment
  • Operating System Security
  • Cryptography
  • Information Security & Management Frameworks
  • Access Control Systems
  • Security Policies

Requirements

Essential qualifications

GCSE in:

5 GCSE's including English and Maths (grade (A*-C/9-4 or equivalent))

Let the company know about other relevant qualifications and industry experience you have. They can adjust the apprenticeship to reflect what you already know.

Skills

  • Team working
  • Initiative
  • Enthusiastic
  • Proactive learner
  • Adaptable
  • Fast paced environment
  • Reliable
  • Professional appearance
  • Seeks growth opportunities
  • Collaborative
  • Keen and curious

Other requirements

• Learning and development opportunities, including a two-year professional and technical skills training programme • Buddy & mentor scheme • International travel • 38 days annual leave, including bank holidays • Pension scheme • Mental wellbeing support, including psychological coaching, and talking therapies • Private medical insurance • Health screenings • Remote GP, virtual physiotherapy, and medical second opinions • Cycle to work scheme • Interest free season ticket loan • Access to Employee Assistance Programme – providing you with access to 24-hour confidential telephone counselling and a comprehensive online source of information on a range of issues, including mental health.

About this company

British International Investment are the UK's development finance institution and impact investor, backed by the UK Government. With over 70 years’ experience, we are a trusted investment partner to businesses in Africa, South Asia, Indo-Pacific and the Caribbean. We invest to create more productive, sustainable and inclusive economies, enabling people to build better lives for themselves and their communities. We currently partner with over 1,600 businesses, working with our investees to help them succeed and grow impactful businesses.

After this apprenticeship

The opportunity to progress to a higher certification and depending on performance conversion to a full-time role.

Ask a question

The contact for this apprenticeship is:

FIREBRAND TRAINING LIMITED

Sean Hove

SeanHove@bpp.com

01133500333

The reference code for this apprenticeship is VAC1000320739.

Apply now

Closes on Monday 23 June 2025

When you apply, you’ll be asked to sign in with a GOV.UK One Login. You can create one at the same time as applying for this apprenticeship.