Apprentice

The Apprentice supports Keltbray's cybersecurity operations by providing first‑line defence against threats, helping to ensure secure and uninterrupted business activities. You will promote cybersecurity awareness throughout Keltbray by leading awareness campaigns and engaging staff in best practices to strengthen the overall security culture. This role is responsible for monitoring, detecting, and responding to potential security incidents, maintaining cyber hygiene across all systems, and assisting with compliance to recognised standards such as Cyber Essentials Plus (CE+).

• Assist in monitoring, analysing, and responding to alerts from security tools such as firewalls, SIEM, EDR, and SWG systems under supervision.
• Identify, triage, and escalates potential security incidents in line with defined procedures, seeking guidance when necessary.
• Support the investigation and remediation of security alerts and vulnerabilities alongside senior team members.
• Help operate and maintain the organisation's vulnerability management platform (Qualys) to detect and remediate system vulnerabilities, under direction.
• Assist with automated and manual patch deployment cycles, ensuring timely remediation of identified risks.
• Contribute to regular reports summarising vulnerability trends, patch compliance, and remediation progress.
• Support the administration of endpoint protection, detection and response solutions to safeguard against malware, ransomware and unauthorised access.
• Assist with the configuration and management of encryption, device control and endpoint policy enforcement.
• Help ensure devices remain compliant with baseline configurations and endpoint protection policies.
• Support monitoring and management of the organisation's SWG platform to enforce safe and secure internet usage.
• Apply web access policies and content filtering aligned with organisational security posture, under supervision.
• Assist in investigating and reporting on web‑based security events, ensuring appropriate remediation steps are taken.
• Support the ITSD in maintaining ongoing Cyber Essentials Plus readiness through vulnerability testing, evidence gathering and compliance validation.
• Assist with annual CE+ assessment preparation and help ensure all technical controls meet required standards.
• Work collaboratively across IT functions to remediate non‑compliance issues and improve audit readiness.

• Understanding of best practice in relation to cyber security.
• Assist in the secure onboarding and off‑boarding of users, ensuring access rights are correctly provisioned and removed.
• Assist in post‑incident reviews and help document lessons learned for continuous improvement.
• Help carry out periodic checks to ensure systems and processes comply with internal and external standards.
• Provide basic end‑user support/training of hardware and software.
• Maintain a good level of working IT knowledge and practices.
• Engage effectively with any ICT supplier and third parties regarding support of software, hardware and systems.
• Keep working area, cupboards and storage area clean, tidy, safe and equipment/spares organised.
• Follow information security procedures and maintain information security controls.
• Develop and monitor the effectiveness of information security training and awareness resources.
• Handle and assess the validity of security requests from a range of internal and external stakeholders.
• Follow technical procedures to install and maintain technical security controls.
• Monitor and report information security events, recognising when and how to escalat e them in accordance with relevant procedures and standards.
• Review and modify access rights to digital information systems, services, devices or data.
• Maintain an inventory of digital information systems, services, devices and data storage.
• Scope cyber security vulnerability assessments and evaluate the results.
• Perform routine threat intelligence gathering tasks through external sources.
• Undertake digital information risk assessments.
• Identify and categorise threats, vulnerabilities and risks in preparation for response or escalation.
• Document cyber security event information while preserving evidence.
• Draft information management reports using standard formats appropriate to the recipients.
• Review and comment upon cyber security policies, procedures, standards and guidelines.
• Perform cyber security compliance checks.
• Translate audit requirements and collate relevant information from log files, incident reports and other data sources.
• Communicate effectively as part of a multi‑functional, multi‑disciplinary team using a range of technical and non‑technical language to provide an effective interface between internal or external users and suppliers.
• Keep up‑to‑date with legislation and industry standards related to the implementation of cyber security in an organisation.

• IT, Computer Science or a related subject (Grade Pass, A–C or 4–9). Share any other relevant qualifications and industry experience – the apprenticeship can be tailored to reflect what you already know.
• A demonstrable interest in IT or cyber security.
• A‑levels, BTEC or equivalent in IT, Computer Science or a related subject.
• Basic principles of cyber security, including confidentiality, integrity and availability.
• Knowledge of cyber security threats and vulnerabilities such as malware, phishing, ransomware and social engineering.
• Understanding of key cyber security policies and standards (acceptable use, incident management, patching, anti‑virus, access control).
• Familiarity with identity and access management principles.
• Basic technical troubleshooting and problem‑solving skills.
• Strong written and verbal communication skills, including the ability to explain technical issues to non‑technical users.
• Ability to document incidents, actions and findings clearly and concisely.
• Teamwork and the ability to collaborate with other departments.
• Strong organisational skills, attention to detail and good time‑management.
• Willingness to learn new technologies and security practices.
• Ability to prioritise tasks and work effectively within a fast‑paced environment.
• Understanding of data protection principles and the ability to handle confidential information responsibly and ethically.

Keltbray is a UK‑leading specialist engineering contractor, offering engineering, construction, demolition, decommissioning, remediation, environmental services and reinforced concrete frame solutions. We are a key player in developing and maintaining Britain's built environment and major civil engineering infrastructure. Operating in highly regulated climates, we transform sites across the UK. Our purpose is to redefine the way sustainable development is delivered. Working in partnership with our stakeholders, we contribute to economic growth, social advancement and environmental protection. We champion diversity and inclusion, fostering an environment where people can bring their true selves to work every day.