Summary
As a Cyber Security Specialist, you will deliver an outcome-focused, professional and high-quality service.
Using your specialist knowledge, you will provide advice and support on cyber matters whilst being an escalation point to other members of the team.
You will lead on aspects of cyber work and assist with challenging cyber alerts and proactive tasks.
You will act as a mentor and may be required to coach more junior members of the team.
You will support and contribute to the overall strategic approach of the department.
Work Activity Components
Title | Details |
---|---|
Auditable records (SCAD) (Level 3) | For all services and systems within identified remit, maintains auditable records and user documentation. Assists in the preparation and maintenance of evidence required for internal and external audit, compliance or regulatory reporting, security accreditations, and business recovery plans — particularly in the data collection and compilation/production/distribution phases of the exercise. |
Information review (THIN) (Level 3) | Cleans and converts quantitative information into consistent formats that can be used for operational security activities. |
Reporting (THIN) (Level 3) | Transforms collected information into data that can be used for operational security activities. |
Threat intelligence gathering (THIN) (Level 3) | Performs routine threat intelligence gathering tasks. Interprets detected security threats to identify actionable insights. |
Threat modelling (THIN) (Level 3) | Conducts basic modelling of threats based on gathered intelligence. |
Security advice (SCAD) (Level 3) | Handles all enquiries relating to security administration with only infrequent reference to more senior staff for assistance. |
Violation and security breach (SCAD) (Level 3) | Investigates minor security breaches in accordance with established procedures and security standards. Investigates and reconciles violation reports and logs generated by automated systems. Integrates findings from other investigators, and compiles reports and recommendations for management follow-up. Leads the continual monitoring and remediation processes following an incident. |
Assessment documentation (VUAS) (Level 3) | Documents vulnerability assessments. Evaluates and documents results, escalating and communicating issues where appropriate. |
Communication and awareness (VUAS) (Level 3) | Promotes security awareness and communicates information on known security risks and issues to business managers and others. |
Critical information and technology assets (VUAS) (Level 3) | Assigns asset information security requirements and catalogues identified critical information and technology assets for vulnerability assessment. |
Risk assessment (VUAS) (Level 3) | Assesses the likelihood of attack on critical information and technology asset vulnerabilities from a threat source. Assesses the business impact and determines a value to the potential loss should a vulnerability be breached. |
Vulnerability assessment (VUAS) (Level 3) | Conducts automated and manual vulnerability assessments under direction. Undertakes moderate-complexity vulnerability assessments using more sophisticated techniques and tools. |
Vulnerability identification and analysis (VUAS) (Level 3) | Determines the potential vulnerabilities that might breach a critical information asset. |
Behavioural Skills
Title | Details |
---|---|
Analytical Thinking | Acquiring a proper understanding of a problem or situation by breaking it down systematically into its component parts and identifying the relationships between these parts. Selecting the appropriate method/tool to resolve the problem and reflecting critically on the result, so that what is learnt is identified and assimilated. |
Attention to Detail | Applying specific quality standards to all tasks undertaken to ensure that deliverables are accurate and complete. |
Customer Focus | Understanding the needs of the internal or external customer and keeping these in mind when taking actions or making decisions. |
Holistic Thinking | The ability to place problems in the context of the wider business landscape or area of interest. Understanding how different business functions work together to achieve shared goals. |
Information Acquisition | Identifying gaps in the available information required to understand a problem or situation and devising a means of resolving them. |
Resilience | Demonstrates resilience when working under pressure, displaying a calm and rational approach to the task at hand. |
Teamwork | Working collaboratively with others to achieve a common goal. |
Verbal Expression | Communicating effectively using the spoken word. |
Written Expression | Communicating effectively in writing, such as reports and via emails. |
Technical Skills
Title | Details | Depth |
---|---|---|
Access Control Systems | Any tool or system which provides security access control (i.e. prevents unauthorised access to systems). | Familiar with |
Analytical Tools | Analytical, statistical and machine learning tools appropriate to the organisational environment. Able to apply these tools and techniques to meet the requirements of stakeholders. | Familiar with |
Application Systems | Technical or functional understanding of Commercial Off-the-Shelf (COTS) applications and/or other bespoke software deployed within the organisation in order to provide system configuration, audit, technical, and/or functional support. | Familiar with |
Big Data | The discipline associated with data sets so large and/or complex that traditional data processing applications are inadequate. The data files may include structured, unstructured and/or semi-structured data, such as unstructured text, audio, video, etc. Challenges include analysis, capture, curation, search, sharing, storage, transfer, manipulation, visualization and information privacy. | Aware of |
Business Environment | The business environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners and competitors), in particular those aspects of the business that the specialism is to support (i.e. localised organisational awareness from a technical perspective). | Familiar with |
BYOD | The policy of permitting employees to bring personally owned mobile devices (laptops, tablets, smart phones etc) to their workplace, and the implications of using those devices to access privileged company information and applications consistent with safeguarding corporate systems and data taking account of security and confidentiality requirements. Also called bring your own technology (BYOT), bring your own phone (BYOP), and bring your own PC (BYOPC). | Aware of |
Cloud/Virtualisation | The principles and application of cloud/virtualisation (including ownership, responsibilities and security implications). Use of tools and systems to manage virtualised environments. | Aware of |
Configuration Management | The discipline that gives precise control over IT assets and components by recording and maintaining information about the 'configuration items', including hardware devices, computer programs, software licences, documentation, network devices, and data centre facilities (virtualised and static). | Familiar with |
Corporate, Industry and Professional Standards | Applying relevant standards, practices, codes, and assessment and certification programmes to the specific organisation or business domain. | Familiar with |
Cyber Security Concepts | The understanding of cyber security concepts and ability to effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders so that they are understood and applied. | Familiar with |
Infrastructure Configuration | Knowledge and understanding of infrastructure configurations. | Familiar with |
Infrastructure/System Security | The security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components, and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents affecting system hardware, software and other infrastructure components. | Proficient in |
IT Environment | The IT environment relating to own sphere of work (own organisation and/or closely associated organisations, such as customers, suppliers, partners), in particular own organisation's technical platforms and those that interface to them through the specialism, including those in closely-related organisations. | Familiar with |
Middleware | Software which forms part of the operating platform infrastructure. | Familiar with |
National/International Standards | Current and emerging standards associated with IT practice nationally and internationally, published by authorities such as IEEE, IEC, BSI, ISO. | Familiar with |
Network Data Security | Network security and threat mitigation, including physical, electronic, firewalling, encryption, access, and authorisation; protecting data at rest and in transit; defending against viruses and malware; the impact of Big Data; and the integration of robust security controls into enterprise services and policies. | Familiar with |
Network Traffic Analysis | Methods and techniques for the capture of traffic information (packet level) and the forensic analysis of this information into its constituent elements. | Aware of |
Networking and Communications | The planning and management of the interaction between two or more networking systems, computers or other intelligent devices. | Familiar with |
Operating Systems | System software that controls activities such as input, output, dynamic resource allocation, and error reporting, within the operation of a computer configuration. | Familiar with |
Operational/Service Architecture | Knowledge of the IT/IS infrastructure and the IT applications and service processes used within own organisation, including those associated with sustainability and efficiency. | Familiar with |
Own Organisation's IT Products and Services | The IT products and/or services supplied to internal and external customers by own organisation. | Familiar with |
Security Software, Tools and Techniques | Specialist tools and techniques used in the pursuit of vulnerability management, penetration testing, digital forensics and other security management disciplines for bug-hunting, abstract interpretation and program analysis, binary analysis and reverse-engineering, exploit development, source code analysis, and static and dynamic application security testing (SAST/DAST) etc. | Familiar with |
Third Party IT Products and Services | The IT products and/or services supplied to own organisation by external suppliers. | Familiar with |
Other Skills
Title | Details | Depth |
---|---|---|
Coaching Techniques | Methods and techniques for coaching individuals or groups by a balanced combination of support and direction, which could include use of virtual learning environments plus add-ons to augment feedback specific to work items, workflow or career plans. | Aware of |
Document Management Techniques | Methods and techniques for the organisation, storage and version control of information in both paper and electronic formats. | Familiar with |
Legislation | Relevant national and international legislation. | Familiar with |
Literature Search | Methods, techniques and tools for searching and obtaining relevant knowledge from published literature. | Familiar with |
Network Data Gathering Techniques | The selection, implementation and application of network data gathering methods, tools and techniques that are appropriate to the information required and the sources available. | Familiar with |
Presentation Techniques | Methods and techniques for delivering effective and accessible presentations, either face-to-face or online within various contexts and to a variety of audiences. | Aware of |
Report Writing Techniques | Methods and techniques for writing clear, accessible and persuasive reports. | Aware of |
Research Techniques | Methods, techniques and tools for the systematic discovery, analysis, and reporting of knowledge about all aspects of information systems. | Familiar with |
Risk Management | Methods and techniques for the assessment and management of business risk. | Familiar with |
Threat Landscape | Knowledge and understanding of the threat landscape, regulatory and legislative requirements and awareness of industry good practice relating to information governance, privacy and security. | Familiar with |
Training
Title | Details |
---|---|
Coaching | Concepts, methods and techniques for providing coaching in subject specialisms to individuals or groups (e.g. GROW model). |
Data Protection and GDPR | Data protection legislation, regulatory framework and compliance, including GDPR (General Data Protection Act). |
Local Area Networks | Features and characteristics of local area networks relevant to installation and support of hardware and software components. |
Mentoring | Methods and techniques for providing mentoring support to less experienced individuals. |
Protocol Analysis | Communication protocol analysis techniques and interpretation of results. |
Security Software | Understanding the security threats and vulnerabilities that impact and/or emanate from system hardware, software and other infrastructure components and relevant strategies, controls and activities to prevent, mitigate, detect and resolve security incidents. For example, access control software like Active Directory (AD). |
Service Delivery | The service delivery processes: the systems, products, services, hardware and software environment. |
Software Configuration | Installation, configuration and tuning of applications or systems software. |
Wide Area Networks | Features and characteristics of networks configured over a wide area i.e. beyond the geographical boundaries of a single site. |
Professional Development Activity (PDA)
Title | Details | PDA Group |
---|---|---|
Deputising | Standing in for supervisor or manager on a temporary basis during periods of absence. | Broadening Activities |
Gaining Knowledge of Employing Organisation | Gaining basic knowledge of the employing organisation, its business, structure, culture, policies, products/services, operations and terminology. | Increasing Knowledge |
Gaining Knowledge of the Technical Environment | Gaining knowledge of IT activities in the employing organisation. | Increasing Knowledge |
Involvement in Professional Body Activities | Attending meetings, seminars and workshops organised by professional body and reading published material, such as journals and web content. | Participation in Professional Activities |
Job Shadowing and Special Assignments | Undertaking temporary periods or secondments in other roles, particularly those that offer a new perspective on own function or exposure to other environments and cultures. | Broadening Activities |
Research Assignments | Exploring a topic which is not part of own normal responsibilities and presenting findings to colleagues and/or management. | Increasing Knowledge |
Team Leadership | Undertaking learning and practice of the skills required to lead teams, including motivation, direction, coaching, delegation, appraisal, counselling and developing others. | Developing Professional Skills |
Qualification Components
Title | Awarding Bodies |
---|---|
Associate Cyber Security Professional (ACSP) | The UK Cyber Security Council |
BCS Certificate in Information Security Management Principles (CISMP) | BCS The Chartered Institute for IT |
FEDIP Senior Practitioner | The Federation for Informatics Professionals |
SSCP Systems Security Certified Practitioner | (ISC)2 International Information Systems Security Certification Consortium |
Vulnerability Assessment and Penetration Testing (VAPT) | EC-Council |
The Professional Body Responsible for this job family is BCS. This job role profile was created in collaboration with BCS, using Role Model Plus.