This occupation is found in all sectors where information is held digitally and where that information is an asset that needs to be protected including but not limited to finance, retail, telecoms, health, media, manufacturing and local authorities.
The broad purpose of the occupation is to provide first line cyber security support. This requires individuals to monitor and detect potential security threats and escalate as necessary and to support secure and uninterrupted business operations of an organisation through the implementation of cyber security mechanisms and the application of cyber security procedures and controls. To contribute to the delivery of a security culture across an organisation, understanding vulnerabilities and threats and supporting the development of an organisation’s cyber security maturity. To apply procedures and controls to maintain security and control of an organisation, and process security requests ensuring confidentiality, integrity and availability of information stored digitally.
In their daily work, an employee in this occupation interacts with a wide range of stakeholders including colleagues, managers, customers and internal and external suppliers. They would typically work as a member of a team; this may be office based or virtual. The employee will interact with, and influence colleagues and will have working level contact with customers, suppliers and partners in their capacity as an individual contributor.
An employee in this occupation will be responsible for supporting a cyber security function (frequently a Security Operations Centre or Network Operations Centre) working under supervision. The employee will be conducting specific cyber security tasks to defined procedures and standards. Specific cyber security mechanisms and controls that an individual would be required to implement would include: patching software, installing software updates, implementing access control, configuring firewalls, security incident and event management tools (SIEM) tools and protection tools (Anti-virus, Anti-malware, Anti-spam). They will be responsible for their own activities with other resources made available to them as required. As directed, the employee will engage with specific cyber security events. The employee will be expected to work with internal and external stakeholders under general direction. They will use discretion in identifying and responding to complex issues and assignments and will usually receive specific instructions and will have work reviewed at frequent milestones. They will be expected to determine when issues should be escalated to a higher level.