Apprentice ICT Officer (Cyber)

Calderdale Metropolitan Borough Council

Halifax (HX1 1SP)

Closes in 31 days (Sunday 31 August 2025)

Posted on 30 July 2025

Print

Contents

Summary

Working in local government means being part of something bigger. You'll be part of a passionate team that values innovation, diversity, and service. If you're a curious, analytical thinker with a passion for technology and problem-solving, we want to hear from you!

Wage

£14,526.20 to £23,492.04, depending on your age

National Minimum Wage

Check minimum wage rates (opens in new tab)

Training course
Cyber security technologist (2021) (level 4)
Hours
Monday - Friday, 9.00am - 5.00pm. Flexible working hours, including home-working (subject to the needs of the role). The role may on occasion require working outside of the flexible working hours to support service delivery.

37 hours a week

Start date

Monday 3 November 2025

Duration

1 year 10 months

Positions available

1

Work

Most of your apprenticeship is spent working. You’ll learn on the job by getting hands-on experience.

What you'll do at work

  • Support cyber security risk assessments, cyber security audits and cyber security incident management.
  • Identify security threats and hazards to a system, service or processes to inform risk assessments and design of security features.
  • Liaise with colleagues across the Council to ensure the smooth running of the service, including IT, Procurement, Legal, Communications.
  • Manage cyber security operations processes in accordance with organisational policies and standards and business requirements.
  • Supporting IT Cyber procurements and implementations. Configure, deploy and use computer, digital network and cyber security technology.
  • Promote awareness and compliance of best cyber security and business controls posture within the service and across all customers.
  • Provide documented guidance within the service and across all customers.
  • Plan and manage own workload, under the guidance of IT Officers, to ensure that service delivery targets and project deadlines are met.
  • Develop skills relevant to the post and attend appropriate training commensurate with the role (full training will be provided on servers and infrastructure) and to provide and receive feedback
    on career development and progress.
  • Participate in simulated exercises to understand cyber-attack and defence, rehearse responses, test and evaluate cyber security techniques.

Where you'll work

Mulcture House
11 Mulcture Hall Rd
Halifax
HX1 1SP

Training

Apprenticeships include time away from working for specialist training. You’ll study to gain professional knowledge and skills.

Training provider

ESTIO TRAINING LIMITED

Training course

Cyber security technologist (2021) (level 4)

Understanding apprenticeship levels (opens in new tab)

What you'll learn

Course contents
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.
  • Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes, to a given design requirement without supervision. Provide evidence that the system meets the design requirement.
  • Analyse security requirements given (functional and non-functional security requirements that may be presented in a security case) against other design requirements (e.g. usability, cost, size, weight, power, heat, supportability etc.) for a given system or product. Identify conflicting requirements and propose, with reasoning, resolution through appropriate trade-offs.
  • Design and build, systems in accordance with a security case within broad but generally well-defined parameters. This should include selection and configuration of typical security hardware and software components. Provide evidence that the system has properly implemented the security controls required by the security case
  • Design systems employing encryption to meet defined security objectives. Develop and implement a plan for managing the associated encryption keys for the given scenario or system.
  • Use tools, techniques and processes to actively prevent breaches to digital system security.
  • Configure digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise.
  • Conduct cyber-risk assessments against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
  • Develop information security policies or processes to address a set of identified risks, for example from security audit recommendations.
  • Develop information security policies within a defined scope to take account of legislation and regulation relevant to cyber security.
  • Take an active part in a security audits against recognised cyber security standards, undertake gap analysis and make recommendations for remediation..
  • Develop plans for local business continuity for approval within defined governance arrangements for business continuity.
  • Assess security culture using a recognised approach.
  • Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
  • Develop plans for incident response for approval within defined governance arrangements for incident response.
  • Integrate and correlate information from various sources (including log files from different sources, digital system monitoring tools, Secure Information and Event Management (SIEM) tools, access control systems, physical security systems) and compare to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach
  • Recognise anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools.
  • Undertake root cause analysis of events and make recommendations to reduce false positives and false negatives.
  • Manage local response to non-major incidents in accordance with a defined procedure.
  • Discover vulnerabilities in a system by using a mix of research and practical exploration
  • Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
  • Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
  • Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
  • Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
  • Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
  • Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
  • Configure, deploy and use computer, digital network and cyber security technology.
  • Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
  • Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
  • Identify cyber security threats relevant to a defined context
  • Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.

Training schedule

  • Successful completion of this apprenticeship gives you an accredited Level 4 Cyber Security Technologist qualification.
  • Workplace Learning
  • Provided with a 1:1 Tutor
  • Block Delivery - Virtual workshops

Requirements

Essential qualifications

GCSE in:

Maths and English (grade C / 5 or above)

Other in:

IT (grade Pass)

Share if you have other relevant qualifications and industry experience. The apprenticeship can be adjusted to reflect what you already know.

Skills

  • Communication skills
  • IT skills
  • Attention to detail
  • Problem solving skills
  • Patience

About this employer

Calderdale Metropolitan Borough Council is the local authority of the Metropolitan Borough of Calderdale in West Yorkshire, England. Calderdale is set in the beautiful South Pennines in West Yorkshire, a vibrant Metropolitan Borough, and an active part of Leeds City Region. With a career move to Calderdale Council, you will find a meaningful way to contribute. You will also make a real difference to others. With over 600 services, we offer a wide variety of roles. So, you can use your skills and experience to help others and make Calderdale a better place for everyone.

Company benefits

We have a range of workplace benefits available to all our employees, including: generous annual leave, Local Government Pension Scheme, Car leasing, Cycle scheme, travel offers, access to Mental Health services, staff networks, hybrid working

Disability Confident

Disability Confident

A fair proportion of interviews for this apprenticeship will be offered to applicants with a disability or long-term health condition. This includes non-visible disabilities and conditions.

You can choose to be considered for an interview under the Disability Confident scheme. You’ll need to meet the essential requirements to be considered for an interview.

After this apprenticeship

  • At the end of the apprenticeship programme, it is anticipated that you will be employment ready, and will be given the opportunity to apply for any available permanent employment opportunities within the IT Service and across the Council

Ask a question

The contact for this apprenticeship is:

ESTIO TRAINING LIMITED

The reference code for this apprenticeship is VAC1000334687.

Apply now

Closes in 31 days (Sunday 31 August 2025)

Sign in with your GOV.UK One Login to apply.

After signing in, you’ll apply for this apprenticeship on the company's website.