Job Description

The Cyber Security Technician Apprentice supports Keltbray’s cyber security operations by providing first‑line defence against threats, helping to ensure secure and uninterrupted business activities. This role is responsible for monitoring, detecting, and responding to potential security incidents, maintaining cyber hygiene across all systems, and assisting with compliance to recognised standards such as Cyber Essentials Plus (CE+).

You will help promote cyber security awareness throughout Keltbray by leading awareness campaigns and engaging staff in best practices to strengthen the overall security culture.

Primary

Duties & Responsibilities

• Assist in monitoring, analysing, and responding to alerts from security tools such as firewalls, SIEM, EDR, and SWG systems under supervision.
• Identify, triage, and elevate potential security incidents in line with defined procedures, seeking guidance when necessary.
• Support the investigation and remediation of security alerts and vulnerabilities alongside senior team members.
• Help operate and maintain the organisation’s vulnerability management platform (Qualys) to detect and remediate system vulnerabilities, under direction.
• Assist with automated and manual patch deployment cycles, ensuring timely remediation of identified risks.
• Contribute to regular reports summarising vulnerability trends, patch compliance, and remediation progress.
• Support the administration of endpoint protection, detection, and response solutions to safeguard against malware, ransomware, and unauthorised access.
• Assist with the configuration and management of encryption, device control, and endpoint policy enforcement.
• Help ensure devices remain compliant with baseline configurations and endpoint protection policies.
• Support monitoring and management of the organisation’s SWG platform to enforce safe and secure internet usage.
• Apply web access policies and content filtering aligned with organisational security posture, under supervision.
• Assist in investigating and reporting on web‑based security events, ensuring appropriate remediation steps are taken.
• Support the ITSD in maintaining ongoing Cyber Essentials Plus readiness through vulnerability testing, evidence gathering, and compliance validation.
• Assist with annual CE+ assessment preparation and help ensure all technical controls meet required standards.
• Work collaboratively across IT functions to remediate non‑compliance issues and improve audit readiness.

Secondary

• Understanding of best practice in relation to cyber security.
• Assist in the secure onboarding and off‑boarding of users, ensuring access rights are correctly provisioned and removed.
• Assist in post‑incident reviews and help document lessons learned for continuous improvement.
• Help carry out periodic checks to ensure systems and processes comply with internal and external standards.
• Basic end‑user support/training of hardware and software.
• Good level of working IT knowledge and practices.
• Engage effectively with any ICT supplier and third parties regarding support of software, hardware and systems.
• Keep working area, cupboards, and storage area clean, tidy, safe and equipment/spares organised.

Requirements

Desired:

• A demonstrable interest in IT or cyber security
• A‑levels, BTEC, or equivalent in IT, Computer Science, or a related subject
• Any introductory IT or cyber security certification
• Basic principles of cyber security, including confidentiality, integrity, and availability
• Importance of cyber security awareness and promoting a positive security culture
• The importance of maintaining privacy and confidentiality in all aspects of cyber security
• Core components of an organisation’s IT infrastructure: hardware, operating systems, networks, software, and cloud services
• Common cyber security threats and vulnerabilities (e.g., malware, phishing, ransomware, social engineering)
• Key cyber security policies and standards (e.g., acceptable use, incident management, patching, anti‑virus, access control)
• Principles of identity and access management, including authentication and authorisation
• Processes for detecting, reporting, and responding to security incidents
• Fundamentals of vulnerability management and assessment

Skills & Abilities

• Ability to follow information security procedures and protocols accurately
• Basic technical troubleshooting and problem‑solving skills
• Capable of supporting vulnerability management and patching activities
• Effective written and verbal communication skills, including the ability to explain technical issues to non‑technical users
• Ability to document incidents, actions, and findings clearly and concisely
• Capable of working collaboratively within a team and with other departments
• Able to handle confidential information responsibly and ethically
• Willingness to learn new technologies and security practices
• Ability to prioritise tasks and manage time effectively
• Basic analytical skills for reviewing logs, reports, and security events
• Ability to elevate issues appropriately when outside own level of expertise

Diversity & Inclusion

We advocate for difference and champion diversity to foster an inclusive environment that allows our people to bring their true selves to their work every day and enable our people to thrive by promoting health and preventing harm. Keltbray welcomes everyone who shares our values, regardless of their age, belief, disability, ethnicity, gender identity, maternity status, marital status, pregnancy, religion, sex or sexual orientation.