Cyber Security Specialist (Operations)

Summary

As a Cyber Security Specialist you will delivering an outcome-focused, professional and high-quality service.

Using your specialist knowledge, you will provide advice and support on cyber matters whilst being an escalation point to other members of the team.

You will lead on aspects of cyber work and assist with challenging cyber alerts and proactive tasks.

You will act as a mentor and may be required to coach more junior members of the team.

You will support and contribute to the overall strategic approach of the department.

Work Activity Components

Title Details
Auditable records (SCAD) (Level 3) For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of evidence required for internal and external audit, compliance or regulatory reporting, security accreditations, and business recovery plans — particularly in the data collection and compilation/production/distribution phases of the exercise.
Information review (THIN) (Level 3) Cleans and converts quantitative information into consistent formats that can be used for operational security activities.
Reporting (THIN) (Level 3) Transforms collected information into data that can be used for operational security activities.
Threat intelligence gathering (THIN) (Level 3) Performs routine threat intelligence gathering tasks. Interprets detected security threats to identify actionable insights.
Threat modelling (THIN) (Level 3) Conducts basic modelling of threats based on gathered intelligence.
Security advice (SCAD) (Level 3) Handles all enquiries relating to security administration with only infrequent reference to more senior staff for assistance
Violation and security breach (SCAD) (Level 3) Investigates minor security breaches in accordance with established procedures and security standards. Investigates and reconciles violation reports and logs generated by automated systems. Integrates findings from other investigators, and compiles reports and recommendations for management follow-up. Leads the continual monitoring and remediation processes following an incident.
Assessment documentation (VUAS) (Level 3) Documents vulnerability assessments. Evaluates and documents results, escalating and communicating issues where appropriate.
Communication and awareness (VUAS) (Level 3) Promotes security awareness and communicates information on known security risks and issues to business managers and others.
Critical information and technology assets(VUAS) (Level 3) Assigns asset information security requirements and catalogues identified critical information and technology assets for vulnerability assessment.
Risk assessment (VUAS) (Level 3) Assesses the likelihood of attack on critical information and technology asset vulnerabilities from a threat source. Assesses the business impact and determines a value to the potential loss should a vulnerability be breached.
Vulnerability assessment (VUAS) (Level 3) Conducts automated and manual vulnerability assessments under direction. Undertakes moderate-complexity vulnerability assessments using more sophisticated techniques and tools.
Vulnerability identification and analysis (VUAS) (Level 3) Determines the potential vulnerabilities that might breach a critical information asset.

Behavioural Skills

Title Details
Analytical Thinking Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated.
Attention to Detail Applying specific quality standards to all tasks undertaken to ensure that deliverables are accurate and complete.
Customer Focus Understanding the needs of the internal or external customer and keeping these in mind when taking actions or making decisions.
Holistic Thinking The ability to place problems in the context of the wider business landscape or area of interest. Understanding how different business functions work together to achieve shared goals.
Information Acquisition Identifying gaps in the available information required to understand a problem or situation and devising a means of resolving them.
Resilience Demonstrates resilience when working under pressure, displaying a calm and rational approach to the task at hand.
Teamwork Working collaboratively with others to achieve a common goal.
Verbal Expression Communicating effectively using the spoken word.
Written Expression Communicating effectively in writing, such as reports and via emails.

Technical Skills

Title Details Depth
Access Control Systems Any tool or system which provides security access control (i.e. prevents unauthorised access to systems). Familiar with
Analytical Tools Analytical, statistical and machine learning tools appropriate to the organisational environment. Able to apply these tools and techniques to meet the requirements of stakeholders. Familiar with
Application Systems Technical or functional understanding of Commercial Off-the-Shelf (COTS) applications and/or other bespoke software deployed within the organisation in order to provide system configuration, audit, technical, and/or functional support. Familiar with
Big Data The discipline associated with data sets so large and/or complex that traditional data processing applications are inadequate. The data files may include structured, unstructured and/or semi-structured data, such as unstructured text, audio, video, etc. Challenges include analysis, capture, curation, search, sharing, storage, transfer, manipulation, analysis, visualization and information privacy. Aware of
Business Environment The business environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners and competitors), in particular those aspects of the business that the specialism is to support (i.e. localised organisational awareness from a technical perspective). Familiar with
BYOD The policy of permitting employees to bring personally owned mobile devices (laptops, tablets, smart phones etc) to their workplace, and the implications of using those devices to access privileged company information and applications consistent with safeguarding corporate systems and data taking account of security and confidentiality requirements. Also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC). Aware of
Cloud/Virtualisation The principles and application of cloud/ virtualisation (including ownership, responsibilities and security implications). Use of tools and systems to manage virtualised environments. Aware of
Configuration Management The discipline that gives precise control over IT assets and components by recording and maintaining information about the 'configuration items', including hardware devices, computer programs, software licences, documentation, network devices, and data centre facilities (virtualised and static). Familiar with
Corporate, Industry and Professional Standards Applying relevant standards, practices, codes, and assessment and certification programmes to the specific organisation or business domain. Familiar with
Cyber Security Concepts The understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied. Familiar with
Infrastructure Configuration Knowledge and understanding of infrastructure configurations. Familiar with
Infrastructure/System Security The security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. Proficient in
IT Environment The IT environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners), in particular own organisation's technical platforms and those that interface to them through the specialism, including those in closely-related organisations. Familiar with
Middleware Software which forms part of the operating platform infrastructure. Familiar with
National/International Standards Current and emerging standards associated with IT practice nationally and internationally, published by authorities such as IEEE, IEC, BSI, ISO. Familiar with
Network Data Security Network security and threat mitigation, including physical, electronic, firewalling, encryption, access,  and authorisation; protecting data at rest and in transit; defending against viruses and malware; the impact of Big Data; and the integration of robust security controls into enterprise services and policies. Familiar with
Network Traffic Analysis Methods and techniques for the capture of traffic information (packet level) and the forensic analysis of this information into its constituent elements. Aware of
Networking and Communications The planning and management of the interaction between two or more networking systems, computers or other intelligent devices. Familiar with
Operating Systems System software that controls activities such as input, output, dynamic resource allocation, and error reporting, within the operation of a computer configuration. Familiar with
Operational/Service Architecture Knowledge of the IT/IS infrastructure and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. Familiar with
Own Organisation's IT Products and Services The IT products and/or services supplied to internal and external customers by own organisation. Familiar with
Security Software, Tools and Techniques Specialist tools and techniques used in the pursuit of vulnerability management, penetration testing , digital forensics and other security management disciplines for bug-hunting, abstract interpretation and program analysis, binary analysis and reverse-engineering, exploit development, source code analysis, and static and dynamic application security testing (SAST/DAST) etc. Familiar with
Third Party IT Products and Services The IT products and/or services supplied to own organisation by external suppliers. Familiar with

Other Skills

Title Details Depth
Coaching Techniques Methods and techniques for coaching individuals or groups by a balanced combination of support and direction, which could include use of virtual learning environments plus add-ons to augment feedback specific to work items, workflow or career plans. Aware of
Document Management Techniques Methods and techniques for the organisation, storage and version control of information in both paper and electronic formats. Familiar with
Legislation Relevant national and international legislation. Familiar with
Literature Search Methods, techniques and tools for searching and obtaining relevant knowledge from published literature. Familiar with
Network Data Gathering Techniques The selection, implementation and application of network data gathering methods, tools and techniques that are appropriate to the information required and the sources available. Familiar with
Presentation Techniques Methods and techniques for delivering effective and accessible presentations, either face-to-face or online within various contexts and to a variety of audiences. Aware of
Report Writing Techniques Methods and techniques for writing clear, accessible and persuasive reports. Aware of
Research Techniques Methods, techniques and tools for the systematic discovery, analysis, and reporting of knowledge about all aspects of information systems. Familiar with
Risk Management Methods and techniques for the assessment and management of business risk. Familiar with
Threat Landscape Knowledge and understanding of the threat landscape, regulatory and legislative requirements and awareness of industry good practice relating to information governance, privacy and security. Familiar with

Training

Title Details
Coaching Concepts, methods and techniques for providing coaching in subject specialisms to individuals or groups (e.g. GROW model).
Data Protection and GDPR Data protection legislation, regulatory framework and compliance, including GDPR (General Data Protection Act).
Local Area Networks Features and characteristics of local area networks relevant to installation and support of hardware and software components.
Mentoring Methods and techniques for providing mentoring support to less experienced individuals.
Protocol Analysis Communication protocol analysis techniques and interpretation of results.
Security Software Understanding the security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents. For example access control software like Active Directory (AD).
Service Delivery The service delivery processes: the systems, products, services, hardware and software environment.
Software Configuration Installation, configuration and tuning of applications or systems software.
Wide Area Networks Features and characteristics of networks configured over a wide area i.e. beyond the geographical boundaries of a single site.

Professional Development Activity (PDA)

Title Details PDA Group
Deputising Standing in for supervisor or manager on a temporary basis during periods of absence. Broadening Activities
Gaining Knowledge of Employing Organisation Gaining basic knowledge of the employing organisation, its business, structure, culture, policies, products/services, operations and terminology. Increasing Knowledge
Gaining Knowledge of the Technical Environment Gaining knowledge of IT activities in the employing organisation. Increasing Knowledge
Involvement in Professional Body Activities Attending meetings, seminars and workshops organised by professional body and reading published material, such as journals and web content. Participation in Professional Activities
Job Shadowing and Special Assignments Undertaking temporary periods or secondments in other roles, particularly those that offer a new perspective on own function or exposure to other environments and cultures. Broadening Activities
Research Assignments Exploring a topic which is not part of own normal responsibilities and presenting findings to colleagues and/or management Increasing Knowledge
Team Leadership Undertaking learning and practice of the skills required to lead teams, including motivation, direction, coaching, delegation, appraisal, counselling and developing others. Developing Professional Skills

Qualification Components

Title Awarding Bodies
Associate Cyber Security Professional (ACSP) The UK Cyber Security Council
BCS Certificate in Information Security Management Principles (CISMP) BCS The Chartered Institute for IT
FEDIP Senior Practitioner The Federation for Informatics Professionals
SSCP Systems Security Certified Practitioner (ISC)2 International Information Systems Security Certification Consortium
Vulnerability Assessment and Penetration Testing (VAPT) EC-Council

The Professional Body Responsible for this job family is BCS. This job role profile was created in collaboration with BCS, using Role Model Plus.

Give Feedback

The Occupational Architecture Project is interactive and dynamic


If you would like to provide feedback on this job role, or the job families, please click the button below.

Give Feedback