Cyber Security Specialist (Governance, Risk and Compliance)

Summary

As a Cyber Security Specialist you will be delivering an outcome-focused, professional and high-quality service.

Using your specialist knowledge, you will conduct risk assessments on complex projects whilst being an escalation point to other members of the team.

You will lead on aspects of work, such as regularly managing audits and research projects.

You will act as a mentor and may be required to coach more junior members of the team.

You will support and contribute to the overall strategic approach of the department.

Work Activity Components

Title Details
Compliance (SCTY) (Level Four) Contributes to compliance reviews. Assists in the assessment of configuration and security procedures for adherence to legal and regulatory requirements.
Controls and reviews (SCTY) (Level Four) Conducts security control reviews in well-defined areas. Assesses security of information and infrastructure components. Investigates and assesses risks of network attacks and recommends remedial action.
Network usage (SCTY) (Level Four) Reviews network usage. Assesses the implications of any unacceptable usage and breaches of privileges or corporate policy. Recommends appropriate action.
Risks and vulnerability (SCTY) (Level Four) Conducts business risk and vulnerability assessments and business impact analysis for medium-complexity information systems.
Security architecture (SCTY) (Level Four) Delivers elements of the security components of system architectures.
Security expertise (SCTY) (Level Four) Explains the purpose of, and provides advice and guidance on, the application and operation of elementary physical, procedural and technical security controls (for example, the key controls defined in ISO 27002). Communicates information assurance risks and requirements effectively to users of systems and networks.
Threats and breaches (SCTY) (Level Four) Investigates suspected attacks and undertakes the investigation and resolution of security incidents, in accordance with established procedures including incident management procedures. Uses forensics where appropriate. Reports on findings and lessons learnt/improvement actions.
Advice and guidance (INAS) (Level Four) Provides advice and guidance to support and encourage adherence to information security principles.
Data privacy and information security culture (INAS) (Level Four) Champions organisational commitment to data privacy and information security in their areas of influence. Promotes and supports a culture where data privacy and information security are the responsibility of every employee. Delivers awareness training to improve the security culture.
Implementation and processes (INAS) (Level Four) Contributes to the effective implementation of information security processes to support the organisation’s information assurance strategy and policies.
Influencing partners (INAS) (Level Four) Influences internal and external partners to ensure compliance with the organisation’s information security requirements.
Performance measures (INAS) (Level Four) Produces information assurance management reports.
Policies (INAS) (Level Four) Contributes to the development of, and implements, security and assurance policies relating to assessment of risks to information availability, integrity, authentication and confidentiality.
Risk assessment (INAS) (Level Four) Carries out risk assessment as directed, using standard processes for identifying potential risks to information systems and infrastructure components.
Networking and communities (VURE) (Level 3) Participates in research communities and uses available resources to maintain current knowledge of malware attacks and other cyber security threats.
Reporting (VURE) (Level 3) Analyses and reports on research activities and results.
Research activities (VURE) (Level 3) Applies standard techniques and tools for vulnerability research into new threats, attack vectors, risks and potential solutions.
Tools and techniques (VURE) (Level 3) Applies tools, such as disassemblers, debuggers and fuzzers, to the analysis of embedded devices and/or the reverse engineering of hardware or software.
Threat intelligence gathering (THIN) (Level 3) Performs routine threat intelligence gathering tasks. Interprets detected security threats to identify actionable insights.
Threat modelling (THIN) (Level 3) Conducts basic modelling of threats based on gathered intelligence.
Risk strategy, processes and monitoring (BURM) (Level 3) Maintains documentation of risks, threats, vulnerabilities and mitigation actions.

Behavioural Skills

Title Details
Analytical Thinking Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated.
Attention to Detail Applying specific quality standards to all tasks undertaken to ensure that deliverables are accurate and complete.
Conceptual Thinking Acquiring understanding and insights regarding the underlying issues in complex problems or situations through the development of abstract representations, the identification of patterns and the analysis of hypotheses.
Flexibility Taking account of new information or changed circumstances and/or business requirements and modifying response to a problem or situation accordingly.
Information Acquisition Identifying gaps in the available information required to understand a problem or situation and devising a means of resolving them.
Initiative Being proactive, anticipating opportunities for systems, service or product improvement or development and taking appropriate action(s).
Persistence Meeting targets, acting and/or fulfilling agreements even when adverse circumstances prevail.
Teamwork Working collaboratively with others to achieve a common goal.
Verbal Expression Communicating effectively using the spoken word.
Written Expression Communicating effectively in writing, such as reports and via emails.

Technical Skills

Title Details Depth
Access Control Systems Any tool or system which provides security access control (i.e. prevents unauthorised access to systems). Proficient in
Analytical Tools Analytical, statistical and machine learning tools appropriate to the organisational environment. Able to apply these tools and techniques to meet the requirements of stakeholders. Familiar with
Application Systems Technical or functional understanding of Commercial Off-the-Shelf (COTS) applications and/or other bespoke software deployed within the organisation in order to provide system configuration, audit, technical, and/or functional support. Aware of
Big Data The discipline associated with data sets so large and/or complex that traditional data processing applications are inadequate. The data files may include structured, unstructured and/or semi-structured data, such as unstructured text, audio, video, etc. Challenges include analysis, capture, curation, search, sharing, storage, transfer, manipulation, analysis, visualization and information privacy. Aware of
Business Continuity Planning Methods and techniques for risk assessment, business impact analysis, establishment of countermeasures and contingency arrangements relating to the serious disruption of IT services. Aware of
Business Environment The business environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners and competitors), in particular those aspects of the business that the specialism is to support (i.e. localised organisational awareness from a technical perspective). Familiar with
BYOD The policy of permitting employees to bring personally owned mobile devices (laptops, tablets, smartphones, etc.) to their workplace, and the implications of using those devices to access privileged company information and applications consistent with safeguarding corporate systems and data taking account of security and confidentiality requirements. Also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC). Familiar with
Cloud/Virtualisation The principles and application of cloud/ virtualisation (including ownership, responsibilities and security implications). Use of tools and systems to manage virtualised environments. Familiar with
Corporate, Industry and Professional Standards Applying relevant standards, practices, codes, and assessment and certification programmes to the specific organisation or business domain. Familiar with
Cyber Security Concepts The understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied. Proficient in
Disaster Recovery Planning Methods and techniques for planning for, and mitigating against, serious disruption of IT services. Techniques may include data replication, log shipping, HA, resilience, fallback location/services, offsite back-up, recovery time objectives (RTO), recovery point objectives (RPO), maximum tolerable downtime window, cloud computing, diversity, etc. Aware of
Information Architecture Methods, techniques and technologies for ingesting, securing, processing and using data and information within and beyond an organisation. Familiar with
Infrastructure/System Security The security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Proficient in
IT Audit Principles, practices, tools and techniques of IT auditing. Familiar with
IT Environment The IT environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners), in particular own organisation's technical platforms and those that interface to them through the specialism, including those in closely-related organisations. Familiar with
National/International Standards Current and emerging standards associated with IT practice nationally and internationally, published by authorities such as IEEE, IEC, BSI, ISO. Familiar with
Network Data Security Network security and threat mitigation, including physical, electronic, firewalling, encryption, access, and authorisation; protecting data at rest and in transit; defending against viruses and malware; the impact of Big Data; and the integration of robust security controls into enterprise services and policies. Proficient in
Network Traffic Analysis Methods and techniques for the capture of traffic information (packet level) and the forensic analysis of this information into its constituent elements. Familiar with
Networking and Communications The planning and management of the interaction between two or more networking systems, computers or other intelligent devices. Familiar with
Operating Systems System software that controls activities such as input, output, dynamic resource allocation, and error reporting, within the operation of a computer configuration. Familiar with
Operational/Service Architecture Knowledge of the IT/IS infrastructure and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Familiar with
Own Organisation's IT Products and Services The IT products and/or services supplied to internal and external customers by own organisation. Familiar with
Security Software, Tools and Techniques Specialist tools and techniques used in the pursuit of vulnerability management, penetration testing, digital forensics and other security management disciplines for bug-hunting, abstract interpretation and program analysis, binary analysis and reverse-engineering, exploit development, source code analysis, and static and dynamic application security testing (SAST/DAST) etc. Familiar with
Third Party IT Products and Services The IT products and/or services supplied to own organisation by external suppliers. Familiar with

Other Skills

Title Details Depth
Coaching Techniques Methods and techniques for coaching individuals or groups by a balanced combination of support and direction, which could include use of virtual learning environments plus add-ons to augment feedback specific to work items, workflow or career plans. Aware of
Data Protection Principles, practices, tools and techniques to ensure data protection. Familiar with
Document Management Techniques Methods and techniques for the organisation, storage and version control of information in both paper and electronic formats. Familiar with
Enterprise Architecture Understanding of Enterprise Architecture principles and practices, e.g. as defined within TOGAF, used to create a strategic framework to align the organisation's business strategy, processes, information, and technology to satisfy business goals. Enterprise architecture provides a holistic view of the organisation, enabling effective decision-making, optimisation of resources, and more efficient adaptation to change in the business environment. Aware of
Information Assurance Methods and Tools Information assurance methods, tools and techniques (including the Caldicott Principles) used to protect the integrity, availability, authenticity, non-repudiation and confidentiality of user data and manage the risks related to the use, processing, storage, and transmission of information. Proficient in
Legislation Relevant national and international legislation. Familiar with
Literature Search Methods, techniques and tools for searching and obtaining relevant knowledge from published literature. Familiar with
Network Data Gathering Techniques The selection, implementation and application of network data gathering methods, tools and techniques that are appropriate to the information required and the sources available. Familiar with
Presentation Techniques Methods and techniques for delivering effective and accessible presentations, either face-to-face or online within various contexts and to a variety of audiences. Familiar with
Process Documentation Techniques Principles, methods and techniques for establishing, documenting and maintaining processes. Aware of
Project Risk Management The identification, assessment and management of project risks, that could result in time or cost over-runs, or failure to deliver products which are fit for purpose. Aware of
Report Writing Techniques Methods and techniques for writing clear, accessible and persuasive reports. Aware of
Research Techniques Methods, techniques and tools for the systematic discovery, analysis, and reporting of knowledge about all aspects of information systems. Familiar with
Risk Management Methods and techniques for the assessment and management of business risk. Familiar with
Standards Writing Techniques Principles, methods and techniques for establishing, documenting, and maintaining standards. Aware of
Techniques for Effective Meetings Methods and techniques for running effective meetings and for understanding and influencing the roles played by participants. Aware of
Threat Landscape Knowledge and understanding of the threat landscape, regulatory and legislative requirements and awareness of industry good practice relating to information governance, privacy and security. Proficient in

Training

Title Details
Coaching Concepts, methods and techniques for providing coaching in subject specialisms to individuals or groups (e.g. GROW model).
Data Management Data management concepts, methods, tools and techniques relating to the planning, development, implementation, administration and curation of data.
Local Area Networks Features and characteristics of local area networks relevant to installation and support of hardware and software components.
Mentoring Methods and techniques for providing mentoring support to less experienced individuals.
Network Infrastructure Architecture The frameworks and principles on which networks, systems, equipment and resources are based.
Software Configuration Installation, configuration and tuning of applications or systems software.
Wide Area Networks Features and characteristics of networks configured over a wide area, i.e. beyond the geographical boundaries of a single site.

Professional Development Activity (PDA)

Title Details PDA Group
Deputising Standing in for supervisor or manager on a temporary basis during periods of absence. Broadening Activities
Gaining Knowledge of Activities of Employing Organisation Developing an understanding of the potentially diverse range of activities (service, governance, administrative, regulatory, commercial, charitable, industrial, etc.) undertaken by the employing organisation. Increasing Knowledge
Gaining Knowledge of IT Concepts and Techniques Undertaking study, learning and, where possible, practice in IT concepts and techniques external to own function. Increasing Knowledge
Job Shadowing and Special Assignments Undertaking temporary periods or secondments in other roles, particularly those that offer a new perspective on own function or exposure to other environments and cultures. Broadening Activities
Negotiating and Influencing Undertaking learning and practice of negotiating with and influencing others. Developing Professional Skills
Participation in Professional Body Affairs Taking an active part in professional body affairs at branch, specialist group, committee or board level. Participation in Professional Activities
Research Assignments Exploring a topic which is not part of own normal responsibilities and presenting findings to colleagues and/or management. Increasing Knowledge
Team Leadership Undertaking learning and practice of the skills required to lead teams, including motivation, direction, coaching, delegation, appraisal, counselling and developing others. Developing Professional Skills

Qualification Components

Title Awarding Bodies
Associate Cyber Security Professional (ACSP) The UK Cyber Security Council
BCS Certificate in Information Security Management Principles (CISMP) BCS The Chartered Institute for IT
BCS Practitioner Certificate in Information Risk Management BCS The Chartered Institute for IT
CISM Certified Information Security Manager ISACA
CISSP Certified Information Systems Security Professional (ISC)2 International Information Systems Security Certification Consortium
CRISC Certified in Risk and Information Systems Control ISACA
FEDIP Senior Practitioner The Federation for Informatics Professionals

The Professional Body Responsible for this job family is BCS. This job role profile was created in collaboration with BCS, using Role Model Plus.
