Summary
As a Cyber Security Analyst you will deliver an outcome-focused, professional and high-quality service.
You will assist the cyber team in responding to cyber security related alerts and issues, as well as taking part in larger cyber security tasks and projects alongside other cyber professionals within the team.
You will support the team with cyber risk assessment, collecting audit evidence and monitoring controls.
Work Activity Components
Title | Details |
---|---|
Information review (THIN) (Level 2) | Assists with the cleaning and conversion of information gathered into consistent formats for use in operational security activities. |
Threat intelligence gathering (THIN) (Level 2) | Contributes to routine threat intelligence gathering tasks. Monitors and detects security threats and escalates in accordance with relevant procedures and standards. |
Threat modelling (THIN) (Level 2) | Assists in threat modelling activities based on intelligence gathered. |
Violation and security breach (SCAD) (Level 2) | Assists in the investigation and resolution of issues relating to access controls and security systems. Investigates and reconciles violation reports and logs generated by automated systems. Investigates any other minor security breaches, in accordance with established procedures and security standards. Integrates findings from other investigators, and compiles reports and recommendations for management follow-up. |
Security advice (SCAD) (Level 2) | Receives and responds to routine requests for security support. Maintains records and advises relevant persons of actions taken. |
Auditable records (SCAD) (Level 2) | For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of evidence for use in internal and external audits, compliance or regulatory reporting, security accreditations, and business recovery plans — particularly in the data collection and compilation/production/distribution phases of the exercise. |
Behavioural Skills
Title | Details |
---|---|
Ambiguity | Comfortable dealing with ambiguity and operating in environments that evolve and change. |
Analytical Thinking | Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated. |
Attention to Detail | Applying specific quality standards to all tasks undertaken to ensure that deliverables are accurate and complete. |
Customer Focus | Understanding the needs of the internal or external customer and keeping these in mind when taking actions or making decisions. |
Information Acquisition | Identifying gaps in the available information required to understand a problem or situation and devising a means of resolving them. |
Resilience | Demonstrates resilience when working under pressure, displaying a calm and rational approach to the task at hand. |
Teamwork | Working collaboratively with others to achieve a common goal. |
Verbal Expression | Communicating effectively using the spoken word. |
Written Expression | Communicating effectively in writing, such as reports and via emails. |
Technical Skills
Title | Details | Depth |
---|---|---|
Access Control Systems | Any tool or system which provides security access control (i.e. prevents unauthorised access to systems). | Familiar with |
Application Systems | Technical or functional understanding of Commercial Off-the-Shelf (COTS) applications and/or other bespoke software deployed within the organisation in order to provide system configuration, audit, technical, and/or functional support. | Aware of |
Business Environment | The business environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners and competitors), in particular those aspects of the business that the specialism is to support (i.e. localised organisational awareness from a technical perspective). | Aware of |
BYOD | The policy of permitting employees to bring personally owned mobile devices (laptops, tablets, smart phones etc) to their workplace, and the implications of using those devices to access privileged company information and applications consistent with safeguarding corporate systems and data taking account of security and confidentiality requirements. Also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC). | Aware of |
Cloud/Virtualisation | The principles and application of cloud/virtualisation (including ownership, responsibilities and security implications). Use of tools and systems to manage virtualised environments. | Aware of |
Configuration Management | The discipline that gives precise control over IT assets and components by recording and maintaining information about the 'configuration items', including hardware devices, computer programs, software licences, documentation, network devices, and data centre facilities (virtualised and static). | Aware of |
Corporate, Industry and Professional Standards | Applying relevant standards, practices, codes, and assessment and certification programmes to the specific organisation or business domain. | Aware of |
Cyber Security Concepts | The understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied. | Aware of |
Infrastructure/System Security | The security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. | Familiar with |
IT Environment | The IT environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners), in particular own organisation's technical platforms and those that interface to them through the specialism, including those in closely-related organisations. | Aware of |
National/International Standards | Current and emerging standards associated with IT practice nationally and internationally, published by authorities such as IEEE, IEC, BSI, ISO. | Aware of |
Network Data Security | Network security and threat mitigation, including physical, electronic, firewalling, encryption, access, and authorisation; protecting data at rest and in transit; defending against viruses and malware; the impact of Big Data; and the integration of robust security controls into enterprise services and policies. | Familiar with |
Operational/Service Architecture | Knowledge of the IT/IS infrastructure and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. | Aware of |
Own Organisation's IT Products and Services | The IT products and/or services supplied to internal and external customers by own organisation. | Aware of |
Third Party IT Products and Services | The IT products and/or services supplied to own organisation by external suppliers. | Aware of |
Other Skills
Title | Details | Depth |
---|---|---|
Document Management Techniques | Methods and techniques for the organisation, storage and version control of information in both paper and electronic formats. | Aware of |
Information Elicitation Techniques | The selection and application of information elicitation methods, tools and techniques that are appropriate to the information required and the sources available. | Aware of |
Legislation | Relevant national and international legislation. | Familiar with |
Literature Search | Methods, techniques and tools for searching and obtaining relevant knowledge from published literature. | Aware of |
Network Data Gathering Techniques | The selection, implementation and application of network data gathering methods, tools and techniques that are appropriate to the information required and the sources available. | Familiar with |
Research Techniques | Methods, techniques and tools for the systematic discovery, analysis, and reporting of knowledge about all aspects of information systems. | Aware of |
Risk Management | Methods and techniques for the assessment and management of business risk. | Aware of |
Threat Landscape | Knowledge and understanding of the threat landscape, regulatory and legislative requirements and awareness of industry good practice relating to information governance, privacy and security. | Aware of |
Training
Title | Details |
---|---|
Information Security Management | Frameworks and standards for information security management, such as the international standard ISO/IEC 27001 for Information Security. |
Investigation Techniques | Investigation and elicitation techniques (such as interviews, workshops, observation, statistical analysis) to obtain complete and accurate information about business areas and systems of interest. |
Network Traffic Analysis | Methods and techniques for the capture of all forms of traffic information and the analysis of this into its constituent elements. |
Security Software | Understanding the security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents. For example, access control software like Active Directory (AD). |
Software Security and Vulnerability Assessment | The process of identifying, quantifying and prioritizing (or ranking) the vulnerabilities in a system by assessing the threats from potential hazards to the organisation and infrastructure. |
Supplier/Service Provider Training | The installation, testing and commissioning of supplier-specific products and services in a variety of situations and locations. |
Professional Development Activity (PDA)
Title | Details | PDA Group |
---|---|---|
Communications | Undertaking learning and practice in oral and written communications, including report writing and presentation. | Developing Professional Skills |
Gaining Knowledge of Employing Organisation | Gaining basic knowledge of the employing organisation, its business, structure, culture, policies, products/services, operations and terminology. | Increasing Knowledge |
Gaining Knowledge of the Technical Environment | Gaining knowledge of IT activities in the employing organisation. | Increasing Knowledge |
Involvement in Professional Body Activities | Attending meetings, seminars and workshops organised by professional body and reading published material, such as journals and web content. | Participation in Professional Activities |
Job Shadowing and Special Assignments | Undertaking temporary periods or secondments in other roles, particularly those that offer a new perspective on own function or exposure to other environments and cultures. | Broadening Activities |
Participation in Group Activities | Participating in group activities inside or outside of the working environment that can assist with the development of interpersonal skills. | Broadening Activities |
Team Working | Undertaking learning and practice in the techniques of team and collaborative working. Gaining an understanding of the underlying concepts. | Developing Professional Skills |
Qualification Components
Title | Awarding Bodies |
---|---|
FEDIP Associate Practitioner | The Federation for Informatics Professionals |
SSCP Systems Security Certified Practitioner | (ISC)² International Information Systems Security Certification Consortium |
The Professional Body Responsible for this job family is BCS. This job role profile was created in collaboration with BCS, using Role Model Plus.