IT Cyber Security Apprentice

Summary

You will help safeguard Plus Dane's systems, data, and devices. Your role will encompass various aspects of cyber security, including monitoring, analysis, investigations, and incident response. Additionally, you will have opportunities to participate in the general day-to-day infrastructure tasks.

Wage

£22,932 a year

Check minimum wage rates (opens in new tab)

The annual leave year operates between 1st April and 31st March. Annual leave entitlement for full time employees is 35 days (245 hours) plus bank holidays.

Training course

Cyber security technologist (2021) (level 4)

Hours

Monday to Friday, working hours TBC.

35 hours a week

Start date

Monday 1 September 2025

Duration

1 year 8 months

Positions available

1

Work

Most of your apprenticeship is spent working. You’ll learn on the job by getting hands-on experience.

What you'll do at work

PLEASE NOTE: Possession of a valid driving license and access to a vehicle is essential, as the role requires travel to offices in Liverpool (L3 4AE), Cheshire (CW12 1DT), and Runcorn, as well as visits to various sites across Merseyside and Cheshire.

Initially, there will be up to 4 days working out of our Liverpool and or Cheshire office to deliver shadowing of the team functions and processes or as the business requires.

We are excited to be recruiting an IT Cyber Security Apprentice who will have the opportunity to work as part of the infrastructure team within the broader IT Department.

You will assist the team in accordance with health and safety regulations and will be given an opportunity to gain skills alongside your apprenticeship qualification. The ideal candidate will be looking to develop a career which gives you the opportunity to develop your skills in IT, with a particular flare for infrastructure and Cyber Security and along with your customer service, communication, and people skills.

Monitor Security Alerts: Assist in monitoring security alerts and responding to potential threats, working with the infrastructure Team and Plus Dane partners
Incident Response: Participate in incident response activities, including identifying, analysing, and mitigating security incidents, working with the infrastructure Team and Plus Dane partners
Vulnerability Assessment: Conduct vulnerability assessments and assist in the implementation of remediation measures, working with the infrastructure Team and Plus Dane partners
Security Tools Management: Learn to use and manage various security tools and technologies
Support: Provide first-line support on incidents and service requests over the telephone, email, teams, in person and self-service portal and communicate updates on progress until resolution as needed by the business
Documentation: Maintain accurate and detailed documentation of security incidents, procedures, and policies
Administration: Complete general administrative tasks within the team such as managing inboxes, managing PO’s and other administrative tasks within the service area
Training and Awareness: Participate in security awareness training and contribute to educating staff on security best practices. Collaborating with our in-house trainer

Where you'll work

This apprenticeship is available in these locations:

Plus Dane Housing, Shepherds Mill, Worral Street, Congleton, CW12 1DT
Atlantic Pavilion, Salt House Quay, Royal Albert Dock, Liverpool, L3 4AE

Training

Apprenticeships include time away from working for specialist training. You’ll study to gain professional knowledge and skills.

College or training organisation

QA LIMITED

Your training course

Cyber security technologist (2021) (level 4)

Understanding apprenticeship levels (opens in new tab)

What you'll learn

Course contents

Discover vulnerabilities in a system by using a mix of research and practical exploration
Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
Configure, deploy and use computer, digital network and cyber security technology.
Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
Identify cyber security threats relevant to a defined context
Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.
Design, build, test and troubleshoot a network incorporating more than one subnet with static and dynamic routes, to a given design requirement without supervision. Provide evidence that the system meets the design requirement.
Analyse security requirements given (functional and non-functional security requirements that may be presented in a security case) against other design requirements (e.g. usability, cost, size, weight, power, heat, supportability etc.) for a given system or product. Identify conflicting requirements and propose, with reasoning, resolution through appropriate trade-offs.
Design and build, systems in accordance with a security case within broad but generally well-defined parameters. This should include selection and configuration of typical security hardware and software components. Provide evidence that the system has properly implemented the security controls required by the security case
Design systems employing encryption to meet defined security objectives. Develop and implement a plan for managing the associated encryption keys for the given scenario or system.
Use tools, techniques and processes to actively prevent breaches to digital system security.
Configure digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise.
Conduct cyber-risk assessments against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.
Develop information security policies or processes to address a set of identified risks, for example from security audit recommendations.
Develop information security policies within a defined scope to take account of legislation and regulation relevant to cyber security.
Take an active part in a security audits against recognised cyber security standards, undertake gap analysis and make recommendations for remediation..
Develop plans for local business continuity for approval within defined governance arrangements for business continuity.
Assess security culture using a recognised approach.
Design and implement a simple ‘security awareness’ campaign to address a specific aspect of a security culture.
Develop plans for incident response for approval within defined governance arrangements for incident response.
Integrate and correlate information from various sources (including log files from different sources, digital system monitoring tools, Secure Information and Event Management (SIEM) tools, access control systems, physical security systems) and compare to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach
Recognise anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools.
Undertake root cause analysis of events and make recommendations to reduce false positives and false negatives.
Manage local response to non-major incidents in accordance with a defined procedure.
Discover vulnerabilities in a system by using a mix of research and practical exploration
Analyse and evaluate security threats and hazards to a system or service or processes. Use relevant external source of threat intelligence or advice (e.g. National Cyber Security Centre) Combine different sources to create an enriched view of cyber threats and hazards
Research and investigate common attack techniques and relate these to normal and observed digital system behaviour and recommend how to defend against them. Interpret and demonstrate use of external source of vulnerabilities (e.g. OWASP, intelligence sharing initiatives, open source)
Undertake security risk assessments for simple systems without direct supervision and propose basic remediation advice in the context of the employer.
Source and analyse security cases and describe what threats, vulnerability or risks are mitigated and identify any residual areas of concern.
Analyse employer or customer requirements to derive security objectives and taking account of the threats and overall context develop a security case which sets out the proposed security measures in the context with reasoned justification
Identify and follow organisational policies and standards for information and cyber security and operate according to service level agreements or other defined performance targets.
Configure, deploy and use computer, digital network and cyber security technology.
Recommend improvements to the cyber security posture of an employer or customer based on research into future potential cyber threats and considering threat trends.
Write program code or scripts to meet a given design requirement in accordance with employers' coding standards
Identify cyber security threats relevant to a defined context
Accurately, objectively and concisely record and report the appropriate cyber security information, including in written reports within a structure or template provided.

Your training plan

Why choose our Cyber Defender & Responder Level 4 apprenticeship?

The Cyber Defender & Responder apprentice will use investigation techniques and analytics skills to defend against and respond to cyber incidents within the network environment.

QA's exclusive partnership with Circadence Corporation, the pioneer of the hands-on gamified learning platform Project Ares®, allows us to uniquely incorporate hands-on scenario training into our cyber security apprenticeships.

The Project Ares platform offers a totally immersive experience, using automated features to support skills adoption with an in-game advisor, Athena, who advises our players through scenario-based challenges. The platform scenarios replicate the unpredictability and escalating levels of complexity that cyberattacks can present. It drives high levels of engagement through leaderboards and badges, elements used widely in the gaming world.

QA’s Cyber Defender & Responder Level 4 apprenticeship programme enables the apprentice to:

Develop problem-solving and critical thinking skills in a safe, but realistic environment
Apply all of the acquired skills throughout the programme, with added scoring of players and opponent actions with replay for objective assessment
Take part in hands-on training and active-learning models that increase retention rates by 75% so that cyber apprentices can prepare for real-world challenges

Requirements

Desirable qualifications

A Level in:

IT (grade Any)

BTEC in:

IT (grade Extended diploma)

Other in:

ICT (grade Level 3)
Relevant subject (grade Level 3)

Let the company know about other relevant qualifications and industry experience you have. They can adjust the apprenticeship to reflect what you already know.

Skills

IT skills
Customer care skills
Team working

Other requirements

Other requirements: This vacancy will close early if 100 applications are received.

About this company

We are a housing association with a strong social purpose. We employ almost 600 people and have more than 13,500 homes across Merseyside and Cheshire. We are an ambitious organisation striving to provide the very best possible services to over 30,000 customers who live in our homes. What unites us, as a team of colleagues, is our social purpose, strong values base and the positive impact that we can have on the communities our customers live in. We are committed to providing safe and secure homes for our customers, as well as delivering services that support them to live happy, healthy and fulfilled lives. At Plus Dane we are committed to Equality, Diversity and Inclusion. We encourage applications from all diverse backgrounds and all ages. If you have just left education, returning from a career break, or looking for a new direction we would love to hear from you.

Company benefits

This role requires you to drive. You will receive an additional £1,100 via monthly payments as part of your salary.

After this apprenticeship

When you successfully complete your apprenticeship you will be supported to apply for permanent roles in Plus Dane

Ask a question

The contact for this apprenticeship is: