Cyber Security Technician Level 3

A Cyber Security Technician Apprenticeship is an entry level programme where you work in a real job while training in cyber security. It’s designed to teach you how to protect organisations from cyber threats such as hacking, malware, and data breaches. Our next cohort starts 17th June 2026!

Find out more below & register your interest today.

Duration: 18 months + EPA Course Fee Information

Cyber Security Technician Level 3 Feature Image

Overview

A Cyber Security Technician Apprenticeship can lead to roles such as a cyber security technician, junior analyst, incident response technician, or access control administrator, all of which focus on monitoring systems, identifying threats, and helping protect an organisation’s data and infrastructure. These roles are needed across a wide range of sectors because almost every organisation relies on digital systems, including finance, healthcare such as the NHS, government and defence, retail, education, and technology companies.

Learners gain practical experience in protecting systems from cyber attacks and data breaches, while developing the ability to detect, analyse, and respond to real threats in a live working environment. They work with industry standard tools such as firewalls, intrusion detection systems, and monitoring software, and build a strong understanding of key concepts like risk, vulnerabilities, and threat management. The programme also develops incident response skills, teaching how to investigate and contain security breaches, as well as how to secure networks, devices, and user access within an organisation. Apprentices often gain exposure to Security Operations Centre environments, learning how to monitor threats in real time and apply security policies and best practices. Overall, it provides a solid foundation for progressing into more advanced roles such as cyber security analyst, penetration tester, or security engineer in a rapidly growing field.

Duration:	18 months + EPA
Standard and Level:	Cyber Security Technician Level 3 standard
Entry requirements:	The Apprenticeship is suitable for anyone looking to start a career in IT or cyber security, preferably having an interest in technology, problem solving, and data security. Learners aged 18 who do not have exemptions will still be required to achieve Level 2 Functional Skills. Learners over 19 will have the option to either opt in or out of Functional Skills training and examinations. For those who choose to opt out, Fareport remains committed to supporting all learners in developing their literacy and numeracy skills by embedding these essential topics within the curriculum and assessments of the apprenticeship. To be eligible for an Apprenticeship you (or the apprentice) must: Be living and working in England Be 16 years old or above Have the legal right to work in the UK Have maintained UK residency for the last 3 years Be employed in a real job; they may be an existing employee or a new hire Work towards achieving an approved apprenticeship standard or framework Work at least 30 hours a week Be able to commit to the apprenticeship and its requirements Not hold a prior qualification at the same or higher level in the same subject area Not undertake or benefit from DfE funding during their apprenticeship programme, including Student Loans. Have apprenticeship training and employment that lasts at least 12 months.
Cost:	Fully funded through the Apprenticeship Levy or 95% government-funded for eligible employers, with minimal contribution required.

Knowledge

Knowledge (K) – The theoretical understanding an apprentice needs to perform their role effectively. This includes industry-specific principles, regulations, and best practices.

K1: Principles of organisational information security governance and the components of an organisation’s cyber security technical infrastructure including hardware, operating systems, networks, software and cloud
K2: Cyber security policies and standards based on an Information Security Management System (ISMS)
K3: Types of physical, procedural and technical controls
K4: Awareness of how current legislation relates to or impacts upon the occupation including Data Protection Act, Regulation of Investigatory Powers Act, Human Rights Act, Computer Misuse Act, Freedom of Information Act, Official Secrets Act, Payment Card Industry Data Security Standard (PCI-DSS), Wireless and Telegraphy Act, professional body codes of conduct, ethical use of information assets
K5: Cyber security awareness and components of an effective security culture, different organisational structures and cultures, the importance of maintaining privacy and confidentiality of an organisation’s information and the impact of a poor security culture
K6: Principles of cyber security compliance and compliance monitoring techniques
K7: Core terminology of cyber security – confidentiality, integrity, availability (the CIA triad), assurance, authenticity, identification, authentication, authorization, accountability, reliability, non-repudiation, access control
K8: Common security administrative operational tasks e.g. patching, software updates, access control, configuring a range of firewalls, security incident and event management tools (SIEM) and protection tools (Anti-virus, Anti-malware, Anti-spam)
K9: Cryptography, certificates and use of certificate management tools
K10: Processes for detecting, reporting, assessing, responding to, dealing with and learning from information security events
K11: Principles of identity and access management – authentication, authorisation and federation – and the inter-relationship between privacy and access rights and access control, and the types of access control, access control mechanisms and application control
K12: Types of digital information assets used in a controlled environment and the need to maintain an inventory of information assets used in a controlled environment and the need for and practice of secure information asset disposal
K13: Disaster prevention and recovery methods and the need for continuity of service planning and how an organisation might implement basic disaster prevention and recovery practices using conventional and incremental secure backup and recovery techniques and tools both onsite and offsite including geographic considerations
K14: Categories of cyber security vulnerabilities and common vulnerability exposures –software misconfiguration, sensitive data exposure, injection vulnerabilities, using components with known vulnerabilities, insufficient logging and monitoring, broken access control and authentication, security misconfiguration, incorrect cross-site validation
K15: Components of a vulnerability assessment scope and techniques to evaluate the results of a vulnerability assessment and provide recommendations based upon the evidence provided by the vulnerability assessment tools. The impact that vulnerabilities might have on an organisation and common vulnerability assessment tools and their strengths and weaknesses
K16: Threat sources and threat identification and network reconnaissance techniques and the impact that threats might have on an organisation
K17: Types of information security events – brute force attack, malware activity, suspicious user behaviour, suspicious device behaviour, unauthorized system changes
K18: Computer forensic principles – the importance of ensuring that evidence is not contaminated and maintaining the continuity of evidence without compromising it
K19: Standard information security event incident, exception and management reporting requirements and how to document incident and event information as part of a chain or evidence
K20: Common information security policies – acceptable use, incident management, patching, anti-virus, BYOD, access control, social media, password, data handling and data classification, IT asset disposal
K21: Cyber security audit requirements, procedures and plans, need to obtain and document evidence in an appropriate form for an internal or external auditor to review
K22: The significance of customer issues, problems, business value, brand awareness, cultural awareness/ diversity, accessibility, internal/ external audience, level of technical knowledge and profile in a business context
K23: Evolving cyber security issues in the digital world including the application to critical national infrastructure, communications technologies, the need for information assurance and governance, control systems and internet of things (IoT) devices
K24: Different learning techniques and the breadth and sources of knowledge and sources of verified information and data
K25: Importance of maintaining privacy and confidentiality of an organisations information and the impact of a poor security culture
K26: Concepts of service desk delivery and how to respond to requests for assistance received by a service desk and be able to describe different methods of escalation, when to escalate to a higher level where necessary and the need to communicate accurately and appropriately during an escalation
K27: Risk assessment, risk management and business impact analysis principles
K28: How their occupation fits into the wider digital landscape and any current or future regulatory requirements
K29: How to use data ethically and the implications for wider society, with respect to the use of data
K30: Roles within a multidisciplinary team and the interfaces with other areas of an organisation

You can view the standard here.

Skills

Skills (S) – The practical abilities developed through training and hands-on experience. These are the technical and transferable skills required for the job.

S1: Follow information security procedures
S2: Maintain information security controls
S3: Develop information security training and awareness resources
S4: Monitor the effectiveness of information security training and awareness
S5: Handle and assess the validity of security requests from a range of internal and external stakeholders
S6: Follow technical procedures to install and maintain technical security controls
S7: Monitor and report information security events
S8: Recognise when and how to escalate information security events in accordance with relevant procedures and standards
S9: Review and modify access rights to digital information systems, services, devices or data
S10: Maintain an inventory of digital information systems, services, devices and data storage
S11: Scopes cyber security vulnerability assessments
S12: Evaluate the results of a cyber security vulnerability assessment
S13: Perform routine threat intelligence gathering tasks through consulting external sources
S14: Undertake digital information risk assessments
S15: Identify and categorise threats, vulnerabilities and risks in preparation for response or escalation
S16: Document cyber security event information whilst preserving evidence
S17: Draft information management reports using standard formats appropriate to the recipients
S18: Review and comment upon cyber security policies, procedures, standards and guidelines
S19: Perform cyber security compliance checks
S20: Translate audit requirements and collate relevant information from log files, incident reports and other data sources
S21: Communication skills to co-operate as part of a multi-functional, multi-disciplinary team using a range of technical and non-technical language to provide an effective interface between internal or external users and suppliers
S22: Keep up-to-date with legislation and industry standards related to the implementation of cyber security in an organisation

Behaviours

Behaviours (B) – The professional attitudes and values expected in the workplace. These include teamwork, adaptability, problem-solving, and ethical responsibility.

B1: Manage own time to meet deadlines and manage stakeholder expectations
B2: Work independently and take responsibility for own actions within the occupation
B3: Use own initiative
B4: A structured approach to the prioritisation of tasks
B5: Treat colleagues and external stakeholders fairly and with respect without bias or discrimination
B6: Act in accordance with occupation specific laws, regulations and professional standards and not accept instruction that is incompatible with any of these
B7: Review own development needs in order to keep up to date with evolution in technologies, trends and innovation using a range of sources

Once an apprentice has completed their apprenticeship, they will be ‘signed off’ by their employer/ provider as ready for end-point assessment of their knowledge and practical capabilities. In most cases, the assessment will be graded and must show the apprentice is fully competent and productive in the occupation.

Thomas Curwen

Trainer

With a strong background in cybersecurity and project management, Thomas is a passionate and knowledgeable tutor dedicated to helping learners build real-world technical skills. Drawing on his experience in both public and private sector roles, he specialises in cyber risk management, application security, and threat intelligence, with a talent for making complex topics easy to understand.

Key personal skills include a calm and engaging teaching style, excellent communication, and a genuine passion for helping others grow. Thomas is known for his learner-centred approach, practical mindset, and commitment to industry best practices. With recognised certifications including CompTIA Security+ and PMI’s CAPM, he brings both depth and clarity to the virtual classroom. He looks forward to supporting you on your journey into cybersecurity.

Q. What funding is available if I am in the Devolved Nations” (Scotland, Wales, NI)

Q. What are the responsibilities of an employer?

Q. What are the benefits of apprenticeships?

Q. How much does an apprenticeship cost?

Q. What is the salary of an apprentice?

Q. What is an apprenticeship?

Q. Can I train locally?

Q. Why choose Fareport as your Training Provider?

Q. What is End-point Assessment?

Q. What are the employer responsibilities of an apprentice?

Q. Who are Apprentices for?

Q. What is Off-the-Job Training?

Why choose to learn with Fareport Training?

Fareport Training was established in 1981 in order to offer young people a route into work through work based training. In 2014 the business was purchased with support from entrepreneur Theo Paphitis by Natalie Cahill and Marinos Paphitis. Since then we have been building on Fareport’s excellent reputation for high quality training and delivering training and apprenticeships across England. We are proud to offer:

Expert-Led Instruction: Gain insights from industry leaders and seasoned professionals.
Cutting-Edge Curriculum: Stay ahead with the latest trends, tools, and techniques.
Flexible Learning Options: Balance your education with your professional and personal life.

Enquire Today!

Please send us your details by completing this short form below and our Business Development team will be in touch to answer any questions and advise you of the next steps.

Customer Testimonials

Real experiences, real success—hear from our learners and employers about how our training programmes have made a difference.

Procurement & Supply Level 3

The best part was the support in preparing for exams and KSBs. Richard’s communication was ideal, boosting my confidence. I always felt supported and could easily access help whenever needed throughout my apprenticeship.

Bertie Watson

Isle of Wight Council

Buying & Merchandising Assistant Level 4

The most enjoyable part was completing practical tasks related to my job. It helped with EPA prep and reflection on my learning at ALDI. The training layout was clear, and the Principles of Buying applied well to my role.

Imogen Banton

Aldi

Warehousing & Storage Level 2

The apprenticeship helped me grow more than expected. My trainer Shirley was supportive, understanding my personal and health issues, and boosting my confidence in math. The course has prepared me well for advancing in my career and future education.

Jeffrey Packham

Kayospruce

Business Administration

After leaving college, I discovered apprenticeships and loved the idea of being treated as a colleague while still learning. I gained valuable office experience, responsibility, and confidence, all while earning and progressing in my career.

Leah Beck

No Limits

Business Administrator Level 4

I have already recommended the service. It was well-organised, and Sarah encouraged us to think outside the box. It strengthened my skills for the future and I believe it can help other students reach their career milestones.