Skip to main content

Pathway

Cyber Security Analyst

The content of this Pathway has been agreed by ODAG Consultants Ltd. This is the only Cyber Security Analyst Apprenticeship Pathway for the Digital Technology sector approved for use in Wales that is eligible for Medr funding.

Learning Programme Content

The Learning Programme provision shall comprise of three mandatory elements:

  • Qualifications,
  • Essential Skills
  • On/off the job training

The total minimum credit value required for the Level 3 Cyber Security Analyst is 77 credits.

The total minimum credit value required for the Level 4 Cyber Security Analyst is 95 credits.

Entry requirements

There are no specific entry requirements for this framework.

It is, however, recommended that to enter onto the Level 2 Apprenticeship the candidate has English and Maths GCSE’s grade G or above (or equivalent qualifications).

For the Level 3 Apprenticeship it is recommended that the candidate has English and Maths GCSE’s grade C or above (or equivalent qualifications).

For the Level 4 Apprenticeship it is recommended that the candidate has English and Maths at minimum GCSE’s grade C or above (or equivalent qualifications) together with relevant Level 3 qualifications. These would typically include two or more A levels, related diplomas (or NVQs) or an equivalent qualification. However, these recommendations are not essential.

Applicants may have prior experience or qualifications in digital technologies but this is not mandatory as training providers and employers will deliver programmes of training based on approved up to date qualifications tailored to meet individual needs, recognising prior qualifications and experience.

Apprenticeship pathway learning programme(s)

Level 3: Cyber Security Analyst

Level 3: Cyber Security Analyst Qualifications

Participants must achieve either the combined qualification or an appropriate selection of competence and knowledge qualifications listed below.

Agored Cymru Level 3 Diploma in Cyber Security Analyst
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Agored Cymru C00/4809/2 77 770 hours Combined English-Welsh
Pearson BTEC Level 3 Diploma in Professional Competence for IT and Cyber Security Analyst (Wales)
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/4762/1 72 706 hours Competence English-Welsh
Pearson BTEC Level 3 Certificate in ICT Systems and Principles
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/0259/2 501/1436/0 24 240 hours Knowledge English
Pearson Level 3 BTEC Diploma in ICT Systems and Principles
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/0259/3 501/1435/9 37 370 hours Knowledge English
Pearson Level 3 BTEC National Certificate in Information Technology
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/0775/7 601/7574/6 24 235 hours Knowledge English
Pearson Level 3 BTEC National Extended Certificate in Information Technology
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/0775/8 601/7575/8 48 475 hours Knowledge English
Pearson Level 3 BTEC National Diploma in Information Technology
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/1206/3 603/0455/8 94 935 hours Knowledge English
Pearson Level 3 BTEC National Extended Diploma in Information Technology
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/1206/2 603/0454/6 146 1455 hours Knowledge English
Pearson Level 3 BTEC National Certificate in Computing
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/1205/2 603/0446/7 24 235 hours Knowledge English
Pearson Level 3 BTEC National Extended Certificate in Computing
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/1142/2 601/7341/5 47 465 hours Knowledge English

Essential Skills Wales (ESW)

Level 3: Cyber Security Analyst Level Minimum Credit Value
Communication 2 6
Application of number 2 6

Essential Skills Wales qualifications assessment languages are English-Welsh

On/Off the Job training

Pathway Minimum On the Job Training Hours Minimum Off the Job Training Hours
Level 3: Cyber Security Analyst 275 278
On/Off the Job Qualification details (Minimum Credit & Hours)

Combined qualification – 77 credits, 319 GLH

Competence qualification - 72 credits, knowledge qualification 24 credits total minimum 941 training hours

On/Off the Job Essential Skills details (Minimum Credit & Hours)
  • 6 credits / 60 GLH Level 2 Essential Skills Wales Communication
  • 6 credits / 60 GLH Level 2 Essential Skills Wales Application of Number

Level 4: Cyber Security Analyst

Level 4: Cyber Security Analyst Qualifications

Participants must achieve either the combined qualification or an appropriate selection of competence and knowledge qualifications listed below.

Agored Cymru Level 4 Diploma in Cyber Security Analyst
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Agored Cymru C00/4809/3 95 950 hours Combined English-Welsh
Pearson BTEC Level 4 Diploma in Professional Competence for IT and Cyber Security Analyst (Wales)
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/4762/2 80 790 hours Competence English-Welsh
Level 4 Higher National Certificate in Computing
Awarding Body Qualification No. Credit Value Total Qualification Time Combined / Competence / Knowledge Qualification Assessment Lanaguage(s)
Pearson C00/4654/4 603/7595/4 120 1200 hours Knowledge English

Essential Skills Wales (ESW)

Level 4: Cyber Security Analyst Level Minimum Credit Value
Communication 3 6
Application of number 3 6

Essential Skills Wales qualifications assessment languages are English-Welsh

On/Off the Job training

Pathway Minimum On the Job Training Hours Minimum Off the Job Training Hours
Level 4: Cyber Security Analyst 355 556
On/Off the Job Qualification details (Minimum Credit & Hours)

Combined qualification – 95 credits, 398 GLH

Competence qualification - 80 credits, knowledge qualification 120 credits total minimum 1990 training hours

On/Off the Job Essential Skills details (Minimum Credit & Hours)
  • 6 credits / 60 GLH Level 3 Essential Skills Wales Communication
  • 6 credits / 60 GLH Level 3 Essential Skills Wales Application of Number

Job roles

As organisations in Wales undertake digital transformation, they have an increased susceptibility to vulnerabilities and threats to the digital information they use and store. There is an increasing need to identify the threats and vulnerabilities and implement and maintain security controls to mitigate them. These Cyber Security Analyst apprenticeship programmes provide a route to develop and embed cyber security skills through on-the-job vocational learning for all sectors across Wales.

These apprenticeships support Priority area 2 of the 2023 Cyber action plan for Wales to ‘Build a pipeline of cyber talent’. 

According to Careers Wales Approximately 4300 people are employed as Cyber Security Analysts in Wales (2022). The expected future demand for Digital Infrastructure Engineer and related jobs is medium compared to other jobs in Wales.

Level 3: Cyber Security Analyst

The Level 3 Cyber Security Analyst Apprenticeship has been designed with employers in Wales to equip employees with the primary cyber security skills that they need to be able to perform their role. This Apprenticeship programme is designed to provide a robust vocational route to fulfilling junior cyber security skills needs in the workplace.

Junior Cyber Security Analyst

Helping to ensure that organisational information and systems are protected from unauthorised access and compromise. Contributing to maintaining the processes which support security operations. This includes assisting with responding to cyber security alerts that arise from SIEM (Security information and event management) tools and other security systems. This also includes supporting incident response and escalating security incidents to security engineers where appropriate.

Level 4: Cyber Security Analyst

The Level 4 Cyber Security Analyst Apprenticeship has been designed with employers in Wales to equip employees with the primary cyber security skills that they need to be able to perform their role. This Apprenticeship programme is designed to provide a robust vocational route to fulfilling cyber security skills needs in the workplace.

Cyber Security Analyst

Monitoring and responding to cyber security threats/incidents, implementing and maintaining security tools, monitoring the threat landscape and supporting vulnerability assessments to identify appropriate controls. Configuration and management of network security products and access controls.

Progression

Progression routes into the Level 3 Apprenticeship:

Progression into the Level 3 Cyber Security Analyst Apprenticeship could be directly from school or college through achieving GCSEs /  AS levels (equivalent), or Welsh Baccalaureate Qualifications.

Other entrants may have relevant experience  and are seeking to become qualified by undertaking an apprenticeship programme.

Progression from the Level 3 Apprenticeship:

On completion of the Level 3 Cyber Security Analyst Apprenticeship, successful apprentices may progress on to the Level 4 Cyber Security Analyst Apprenticeship – or continue to work and undertake a range of professional job-specific qualifications and training.

Some apprentices may elect to continue their technical studies and embark upon job-specific professional/vendor qualifications.

Progression routes into the Level 4 Apprenticeship:

Progression into the Level 4 Cyber Security Analyst Apprenticeship could be directly from the Level 3 Cyber Security Analyst Apprenticeship or other related vocational qualifications or apprenticeships Alternatively direct entry from school could be from achieving GCSE A levels (equivalent), or Welsh Baccalaureate Qualifications.

Other entrants may have relevant experience  and are seeking to become qualified by undertaking an apprenticeship programme.

Progression from the Level 4 Apprenticeship:

On completion of the Level 4 Cyber Security Analyst Apprenticeship, successful apprentices may progress onto relevant digital technology degree apprenticeships – or continue to work and undertake a range of professional job-specific qualifications and training.

Some apprentices may elect to continue their technical studies and embark upon job-specific professional/vendor qualifications.

Equality and diversity

It is important that apprenticeship Pathways are inclusive and can demonstrate an active approach to identifying and removing barriers to entry and progression. Pathways should advance equality of opportunity between persons who share protected characteristics and those persons who do not as identified in the Equality Act 2010.

The protected characteristics identified in the Equality Act are age, disability, gender re-assignment, race, religion or belief, sex, sexual orientation, pregnancy and maternity. Marriage and civil partnership is also included although only in respect of the requirement to eliminate discrimination in employment.

Training providers and employers MUST also comply with the other duty under the Equality Act 2010 to ensure that applicants are not discriminated against in terms of entry to the industry based upon those nine protected characteristics.

Employment responsibilities and rights

Employment Responsibilities and Rights (ERR) is no longer compulsory.  But it is recommended that all apprentices (especially the 16 years -18-year group) receive a company induction programme.

Responsibilities

It is the responsibility of the Training Provider and Employer to ensure that the requirements of this pathway are delivered in accordance with the Welsh Government/Medr Apprenticeships Guidance.

Further information may be obtained from: Medr

Annex 1 - Level 3: Cyber Security Analyst Qualification Units

This apprenticeship requires either the combined qualification or combination of competence and knowledge qualifications as set out below.

Combined Qualification

Agored Cymru Level 3 Diploma in Cyber Security Analyst

This combined qualification requires a minimum total of 77 credits. It comprises 50 credits from mandatory units A together with a minimum of 15 credits from optional units B and 12 credits from optional units C.

Mandatory and optional units

Unit Title

Level

Credits

Mandatory units A: Minimum credits required: 50

 

 

IT & Telecom System Security 2

Three

8

Health and Safety in IT

Two

3

Principles of Information Governance and Assurance

Three

15

Carrying out Information Security Risk Assessment

Three

9

Carrying out Information Security Incident Management Activities

Three

9

Professional Practice in an IT Context

Three

6

 

Optional units B: Minimum credits required: 15

 

 

Testing the Security of Information Systems

Four

15

Testing the Security of Information Systems

Three

12

Carrying out Information Security Risk Assessment

Three

9

Carrying out Information Security Risk Assessment

Four

12

Investigating Information Security Incidents

Three

9

Investigating Information Security Incidents

Four

12

Carrying out Information Security Incident Management Activities

Three

9

Carrying out Information Security Incident Management Activities

Four

12

Carrying out Information Security Forensic Examinations

Three

6

Carrying out Information Security Forensic Examinations

Four

9

Carrying out Information Security Audits

Three

6

Carrying out Information Security Audits

Four

12

Threat Analysis

Three

12

Digital Vulnerability Assessment

Three

7

Optional units C: Minimum credits required: 12

 

 

Testing IT & Telecoms Systems

Four

15

IT System Operation 2

Four

14

IT System Operation

Three

12

User Profile Administration

Three

3

Remote Support for IT Products and Services

Three

9

IT System Management

Three

12

Investigating and Defining Customer Requirements for IT Systems

Three

12

Testing IT Systems

Three

12

IT Technical Advice and Guidance

Three

7

IT System Management

Four

15

IT System Security

Four

12

IT Technical Advice and Guidance

Four

12

Remote Support for IT Products and Services

Four

12

Managing Software Development

Three

15

Managing Software Development

Four

20

Investigating and Defining Customer Requirements for ICT Systems

Four

15

Computer Coding

Three

20

 

Competence and knowledge qualifications

Competence qualification

Pearson BTEC Level 3 Diploma in Professional Competence for IT and Cyber Security Analysts (Wales)

Knowledge qualification options

Pearson BTEC Level 3 Certificate in ICT Systems and Principles

Pearson Level 3 BTEC Diploma in ICT Systems and Principles

Pearson Level 3 BTEC Certificate in IT

Pearson Level 3 BTEC Diploma in IT

Pearson Level 3 BTEC Extended Diploma in IT

Pearson Level 3 Subsidiary Diploma in IT

Pearson Level 3 BTEC National Certificate in Information Technology

Pearson Level 3 BTEC National Extended Certificate in Information Technology

Pearson Level 3 BTEC National Diploma in Information Technology

Pearson Level 3 BTEC National Extended Diploma in Information Technology

Pearson Level 3 BTEC National Certificate in Computing

Pearson Level 3 BTEC National Extended Certificate in Computing

Pearson Level 3 BTEC National Diploma in Computing

Competence Qualification

The Pearson BTEC Level 3 Diploma in Professional Competence for IT and Cyber Security Analysts (Wales) requires a minimum total of 72 credits. There are 24 credits from mandatory units together with a minimum of 48 credits from optional units.

Mandatory and optional units

Unit Title

Level

Credits

Mandatory units: Minimum credits required: 24

 

 

Health and Safety in ICT

1

3

Develop Own Effectiveness and Professionalism

3

9

Security of ICT Systems

3

12

 

Optional units: Minimum credits required: 48

No more than one unit to be completed from each section.

CC - Customer Care

Customer Care in ICT

1

6

Customer Care in ICT

2

9

Customer Care in ICT

3

12

Customer Care for IT and Cyber Security Analysts

4

12

IW - Interpersonal and Written Communication Skills

Interpersonal and Written Communication

1

3

Interpersonal and Written Communication

2

9

Interpersonal and Written Communication

3

12

FD - Technical Fault Diagnosis

Technical Fault Diagnosis

2

9

Technical Fault Diagnosis

3

12

Technical Fault Diagnosis

4

15

HW - Working with ICT Hardware and Equipment

Working with ICT Hardware and Equipment

1

6

Working with ICT Hardware and Equipment

2

9

Working with ICT Hardware and Equipment

3

12

Working with ICT Hardware and Equipment

4

15

CA - Customer Apparatus and Lie Installation

Customer Apparatus and Line Installation

3

22

RS - Remote Support for Products an Services

Remote Support for Products or Services

1

6

Remote Support for Products or Services

2

9

Remote Support for Products or Services

3

12

Remote Support for Products or Services

4

15

SC - Security of ICT System

Security of ICT Systems

1

3

Security of ICT Systems

4

15

SI - Software Installation and Upgrade

Software Installation and Upgrade

1

6

Software Installation and Upgrade

2

9

Software Installation and Upgrade

3

12

SM - System Management

System Management

2

6

System Management

3

12

IT and Telecoms System Management

4

15

SO - System Operation

System Operation

1

6

ICT System Operation

2

9

System Operation

3

12

IT and Telecoms System Operation

4

15

TA - Technical Advice and Guidance

Technical Advice and Guidance

2

9

Technical Advice and Guidance

3

12

Technical Advice and Guidance

4

15

TE - Testing ICT System

Testing ICT Systems

1

6

Testing ICT Systems

2

9

Testing ICT Systems

3

12

Testing IT and Telecoms Systems

4

15

UP - User Profile Administration

User Profile Administration

2

6

User Profile Administration

3

9

CF – Copper and Fibre

Copper Cable Jointing and Closure Techniques

3

23

Introduction to Fibre Telecommunications

2

2

CI - Communicating in the IT industry

Communicating in the IT Industry

2

5

PI - Presenting Information Using ICT

Presenting Information Using ICT

2

10

Restricted Optional units - Learners may complete a maximum of 12 credits. No more than one unit to be completed from each section.

EM - Using Email

Using Email

1

2

Using Email

2

3

Using Email

3

3

NT - Using the Internet

Using the Internet

1

3

Using the Internet

2

4

Using the Internet

3

5

PS - Presentation Software

Presentation Software

1

3

Presentation Software

2

4

Presentation Software

3

6

WP - Word Processing Software

Word Processing Software

1

3

Word Processing Software

2

4

Word Processing Software

3

6

Annex 2 - Level 4: Cyber Security Analyst Qualification Units

This apprenticeship requires either the combined qualification or combination of competence and knowledge qualifications as set out below.

Combined Qualification

Agored Cymru Level 4 Diploma in Cyber Security Analyst

This combined qualification requires a minimum total of 95 credits. It comprises 68 credits from mandatory units A together with a minimum of 15 credits from optional units B and 12 credits from optional units C.

Mandatory and optional units

Unit Title

Level

Credits

Mandatory units A: Minimum credits required: 68

 

 

Professional Practice in an IT Context

Four

11

Health and Safety in IT

Two

3

Carrying out Information Security Risk Assessment

Four

12

Carrying out Information Security Incident Management Activities

Four

12

IT System Security

Four

12

Principles of Information Governance and Assurance

Four

18

 

Optional units B: Minimum credits required: 15

 

 

Testing the Security of Information Systems

Four

15

Principles of Secure System Development

Four

7

Principles of Information Security Testing

Four

10

Testing the Security of Information Systems

Three

12

Carrying out Information Security Risk Assessment

Three

9

Carrying out Information Security Risk Assessment

Four

12

Investigating Information Security Incidents

Three

9

Investigating Information Security Incidents

Four

12

Carrying out Information Security Incident Management Activities

Three

9

Carrying out Information Security Incident Management Activities

Four

12

Carrying out Information Security Forensic Examinations

Three

6

Carrying out Information Security Forensic Examinations

Four

9

Carrying out Information Security Audits

Three

6

Carrying out Information Security Audits

Four

12

Principles of Secure System Development

Three

6

Threat Analysis

Three

12

Digital Vulnerability Assessment

Three

7

Digital Vulnerability Assessment

Four

7

 

Optional units C: Minimum credits required: 12

 

 

Testing IT & Telecoms Systems

Four

15

Advanced Data Representation and Manipulation for IT

Three

7

IT & Telecom System Security 2

Three

8

IT System Operation 2

Four

14

Networking Principles

Three

10

IT System Operation

Three

12

User Profile Administration

Three

3

Data Modelling

Three

6

Remote Support for IT Products and Services

Three

9

IT System Management

Three

12

Investigating and Defining Customer Requirements for IT Systems

Three

12

Testing IT Systems

Three

12

IT Technical Advice and Guidance

Three

7

IT System Management

Four

15

IT Technical Advice and Guidance

Four

12

Remote Support for IT Products and Services

Four

12

Managing Software Development

Three

15

Managing Software Development

Four

20

Systems Architecture

Three

8

Systems Architecture

Four

8

Web Development

Three

12

Web Development

Four

15

Investigating and Defining Customer Requirements for ICT Systems

Four

15

Computer Coding

Three

20

Software Development

Four

10

 

Competence and knowledge qualifications

Competence qualification                                                                    

Pearson BTEC Level 4 Diploma in Professional Competence for IT and Cyber Security Analysts (Wales)

Knowledge qualification

Pearson Level 4 Higher National Certificate in Computing

Competency Qualification

The Pearson BTEC Level 4 Diploma in Professional Competence for IT and Cyber Security Analysts (Wales) requires a minimum total of 80 credits. There are 30 credits from mandatory units together with a minimum of 50 credits from optional units.

 

Unit Title

Level

Credits

Mandatory units: Minimum credits required: 30

 

 

Health and Safety in ICT

1

3

Develop Own Effectiveness and Professionalism

4

12

Security of ICT Systems

4

15

 

Optional units: Minimum credits required: 50

No more than one unit to be completed from each section.

CC - Customer Care

Customer Care in ICT

1

6

Customer Care in ICT

2

9

Customer Care in ICT

3

12

Customer Care for IT and Cyber Security Analysts

4

12

IW - Interpersonal and Written Communication Skills

Interpersonal and Written Communication

1

3

Interpersonal and Written Communication

2

9

Interpersonal and Written Communication

3

12

FD - Technical Fault Diagnosis

Technical Fault Diagnosis

2

9

Technical Fault Diagnosis

3

12

Technical Fault Diagnosis

4

15

HW - Working with ICT Hardware and Equipment

Working with ICT Hardware and Equipment

1

6

Working with ICT Hardware and Equipment

2

9

Working with ICT Hardware and Equipment

3

12

Working with ICT Hardware and Equipment

4

15

CA - Customer Apparatus and Lie Installation

Customer Apparatus and Line Installation

3

22

RS - Remote Support for Products an Services

Remote Support for Products or Services

1

6

Remote Support for Products or Services

2

9

Remote Support for Products or Services

3

12

Remote Support for Products or Services

4

15

SC - Security of ICT System

Security of ICT Systems

1

3

Security of ICT Systems

3

12

SI - Software Installation and Upgrade

Software Installation and Upgrade

1

6

Software Installation and Upgrade

2

9

Software Installation and Upgrade

3

12

SM - System Management

System Management

2

6

System Management

3

12

IT and Telecoms System Management

4

15

SO - System Operation

System Operation

1

6

ICT System Operation

2

9

System Operation

3

12

IT and Telecoms System Operation

4

15

TA - Technical Advice and Guidance

Technical Advice and Guidance

2

9

Technical Advice and Guidance

3

12

Technical Advice and Guidance

4

15

TE - Testing ICT System

Testing ICT Systems

1

6

Testing ICT Systems

2

9

Testing ICT Systems

3

12

Testing IT and Telecoms Systems

4

15

UP - User Profile Administration

User Profile Administration

2

6

User Profile Administration

3

9

CF – Copper and Fibre

Copper Cable Jointing and Closure Techniques

3

23

Introduction to Fibre Telecommunications

2

2

CI - Communicating in the IT industry

Communicating in the IT Industry

2

5

PI - Presenting Information Using ICT

Presenting Information Using ICT

2

10

Restricted Optional units - Learners may complete a maximum of 12 credits. No more than one unit to be completed from each section.

EM - Using Email

Using Email

1

2

Using Email

2

3

Using Email

3

3

NT - Using the Internet

Using the Internet

1

3

Using the Internet

2

4

Using the Internet

3

5

PS - Presentation Software

Presentation Software

1

3

Presentation Software

2

4

Presentation Software

3

6

WP - Word Processing Software

Word Processing Software

1

3

Word Processing Software

2

4

Word Processing Software

3

6


Document revisions

20 February 2024