The programme is made up as follows:
- Core Modules – which are taken by apprentices on all routes
- Cyber Security Technical Professional Honours Project
- Cyber Security Technical Professional End Point Assessment
Modules
Level 4
- Computer Architecture and Operating Systems Design
You will consolidate your understanding of computing hardware components and operating systems and will be able to commission a digital system considering several typical operating systems including Windows and Unix derivative OS as used within your chosen field. You will consider others from the ever-increasing alternatives to the traditional x86 computing operating systems too. A key focus will be commissioning a system to meet the required security policy.
- Cyber Security Fundamentals
As the first module of the Cyber Security Technical Professional Degree Apprenticeship this module introduces the fundamental topics that make up a typical Cyber Security role including researching, analysing, modelling, assessing and planning the management of cyber security risks. As well as developing your academic research skills and producing an individual analysis of a security incident, you will also work with a team of CSTP apprentices to undertake research and develop and present your findings relating to the risk assessment and mitigations to a cyber-attack.
- Programming Concepts and Algorithms
You'll gain a solid foundation in key programming concepts such as variables, data types, control structures, data structures, input/output, and functions, as well as the mathematical concepts supporting computing topics. The main focus though is developing your problem-solving skills and programming practices, including testing and debugging. You will develop solutions to problems considering and selecting suitable problem-solving approaches and algorithms for tasks like sorting, searching, tree traversal. You’ll evaluate algorithm complexity using Big-O notation, use structured design methods like pseudocode, and formally document your solutions. Throughout, you'll learn to design and assess different coding approaches, balancing simplicity and complexity to meet specific problem requirements.
Computer Networks are collections of linked computing devices, this module considers the technologies that join them together, correct configuration of networked devices adds significantly to the security of IT systems. Starting with considering the basic building blocks of computer technology you will learn about the technologies and protocols of the Internet including the OSI/TCP suite, TCP and UDP communications, IP addressing, Ethernet, wireless networks, switching, routing, network design, documentation, management, and troubleshooting. Upon successful completion of the module, you should be a skilled user who is able to design a basic network efficiently, can begin to configure network devices e.g. switches, routers etc.
- Fundamentals of Secure Programming
This module builds on your knowledge of programming concepts and algorithms exploring further programming approaches as well as methodologies such as waterfall and agile. You'll develop your programming skills by working with classes, objects, inheritance, polymorphism, and designing applications using UML. You’ll access and handle external data through REST APIs delivering JSON, and build user interfaces using web standards, HTML, CSS, and event-driven programming. The module also covers testing, debugging, and deploying applications, while introducing you to clean code principles and environmentally conscious green computing practices.
- Data and Secure Distributed Systems
Central to many IT systems is the data behind the application and of course the security of it. This module will cover how to design, develop and manage databases and will consider issues relating to the management and control of replicated and distributed databases. You will consider both theoretical and practical angles with assessment requiring you to work on two case studies to explore problems and identify solutions.
Level 5
Gain an understanding of the ethical and legal issues in cyber security. Explore vulnerability identification, threat analysis, and security assessment methodologies. Learn the business rationale behind penetration testing and examine its technical foundations. Topics include foot printing, scanning, system hacking, and enumeration. Evaluate automated security assessment tools and develop skills in writing test reports and planning post-test actions. Additional relevant topics may be introduced where appropriate. Examples from Linux and other modern operating systems will be used to support and illustrate the concepts taught throughout the course, providing practical insights into real-world cyber security practices and procedures.
- Secure Application Development
You will examine how security can be compromised throughout the software development process—from insecure code to vulnerable development environments. You’ll learn how to design and build secure applications by identifying and addressing common vulnerabilities, including legacy or weak code. Topics include secure development practices, risk assessment, threat modelling, cryptography, secure coding patterns, managing secrets, input validation, failure handling, and web security. You’ll also explore the secure software supply chain, development environments, and methods for testing and maintaining data confidentiality, integrity, and availability.
- Digital Forensics Fundamentals
This module introduces you to the scope and practice of digital forensics, covering the full investigation lifecycle in line with standards such as ISO 27037. You will examine file systems (particularly Windows), analyse system artefacts like NTFS and registries, and perform evidence acquisition using forensic tools like FTK Imager, Autopsy, and EnCase. Alongside the practical skills the module emphasizes documenting findings, structured reporting, and presenting evidence clearly to stakeholders. Legal and ethical considerations, including GDPR, the Data Protection Act, and admissibility of evidence, are explored throughout. You'll also develop skills in ethical analysis, intrusion detection, and the use of SIEM tools.
- Networked Infrastructure Security
This module focuses on advanced network infrastructure and its role in ensuring secure and efficient communication within and across networks. You will explore addressing schemes and route optimisation techniques to improve network performance and resilience. Key routing protocols such as EIGRP, OSPF, static routing, and Border Gateway Protocol (BGP) are examined in depth, alongside implementation of VLANs and multi-layer switching for segmenting and securing network traffic. The module also covers first-hop redundancy protocols and Spanning Tree Protocol (STP) to ensure high availability and prevent network loops. Emphasis is placed on securing these technologies and using monitoring software to detect, analyse, and respond to network threats. By the end of the module, you'll be able to design and maintain a robust, secure, and high-performance network infrastructure suitable for modern enterprise environments.
- Cyber Security Project and Professional Practice
Cyber Security Project and Professional Development gives you the opportunity at the end of your second year to consider how you are progressing against your apprenticeship requirements and career aspirations. You will undertake an assessment of your career goals and investigate how well you are placed to meet those goals, what actions you need to take to address any short falls at this stage of your development. One of your key actions will of course be to complete your apprenticeship, and to check on how you are progressing against this you will undertake a reflective audit of the evidence you already have in place from completed modules and work-based evidence, much of which will have been identified in your Tripartite Reviews. This will mean that you truly understand where you sit against the required Knowledge, Skills and Behaviours of the standard as you head into level 6 of the apprenticeship.
You will develop substantial further evidence by undertaking an individual work-based project which will require you to specify the work by developing a project proposal, and implementing the work with the underpinning academic requirements, all great preparation for your Honours Project and End Point Assessment to come in the future.
Level 6
- Malware Analysis and Reverse Engineering
The module will provide you with the ability to undertake assessments of software in various forms and will allow you to determine software from malware. You will be provided with an in-depth understanding of the various forms of malware, and how this is used to infect machines and hide from defenders.
You will study core cryptographic concepts, including symmetric and asymmetric encryption, encryption standards, security protocols, and quantum-resistant cryptography. Alongside this, you'll examine AI fundamentals and technologies such as statistical patterns, Bayesian methods, and natural language processing to understand how AI can enhance threat detection and automate security processes. The module also addresses how AI can compromise cryptographic systems and explores legal, ethical, and privacy considerations. Practical work includes applying AI tools to cryptographic challenges, offering insight into AI’s dual role in securing and attacking encrypted systems.
- IoT Systems Development and Security
The Internet of Things (IoT) is a network of physical devices embedded with sensors, software, and connectivity, enabling them to collect and exchange data. These devices range from everyday items like smart home appliances to complex industrial systems. IoT allows for automation, real-time monitoring, and improved efficiency across sectors such as healthcare, agriculture, manufacturing, and transportation. However, there is huge potential for issues relating to privacy and security. This module will not only develop your skills in designing and deploying and IoT solutions but will do so whilst considering the legal, ethical and importantly security context too.
- Cyber Security Technical Professional Honours Project
This is the capstone project to your Cyber Security Apprenticeship where you will undertake in-depth, critical research to inform the development of effective solutions to a cyber security scenario drawn from your workplace. You will apply established best practices, methodologies, and industry-recognised approaches to address complex security challenges. Emphasis is placed on the ability to critically evaluate the success and impact of your project work using suitable testing, validation, and evaluation techniques. You will also be expected to plan, execute, and present a well-structured and professionally managed project. This includes identifying and mitigating risks, while addressing the legal, ethical, and social considerations relevant to cyber security practice. Throughout the module, you will be required to adhere to appropriate academic standards and professional codes of conduct, demonstrating both technical competence and responsible practice. By the end, you will have developed a comprehensive understanding of cyber security project work from inception to evaluation, preparing you for professional practice in a complex and evolving threat landscape.