Cyber Security Analyst

Cyber Security Analyst

Cheltenham

£36,408 (includes £2,658 non-concessionary payment)

Flexible working: We recognise the importance of a healthy work-life balance and offer full-time, part-time, and compressed hours. While hybrid working can be more restricted, due to the nature of the work, around 20% home working may be available depending on business needs.

About Us

GCHQ is an intelligence, cyber and security agency with a mission to keep the UK safe. We use cutting-edge technology, ingenuity and partnerships to identify, analyse and disrupt threats. Working with our intelligence partners MI5 and MI6, we protect the UK from terrorism, cyber-attacks and espionage. At GCHQ you’ll do varied and fascinating work in a supportive and inclusive environment that puts the emphasis on teamwork.

The Role

As a Cyber Security Analyst, you’ll work with a close-knit team to protect our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be key in detecting, responding to, and mitigating risks. You’ll work closely with other technical teams, gaining deeper understanding of operational activities across various thematic areas. This will help you develop your skills and expertise in defensive strategies for operational infrastructure.

Typically, your day will start with a review of recent events, followed by a team meeting to coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to contain and resolve them.

You’ll also have the opportunity to dive into Digital Forensics to support security incidents. Whilst the role is akin to a cybersecurity role in the private sector, the scenarios you’ll face due to the unique nature of the work done by us will be anything but ordinary.

About You

Along with a passion for IT and eagerness to grow in the cyber security space, you’ll bring experience with scripting, along with an understanding of both Windows and Linux operating systems, and familiarity with Python. Along with this you’ll be interested in developing your skills with Amazon Web Services (AWS) and Microsoft Azure.

You’ll need to hold a cyber security certification or education at a foundation level (for example, CompTIA A+, CompTIA Network+, CompTIA Security+, OffSec, SOC200, GSEC, GCIA or GCIH certification). Alternatively, you will have 6 months experience in a cyber security role.

Beyond your technical skills, you’ll be an effective team worker, communicator and problem-solver. You know that collaborating is crucial to tackling complex threats and building effective solutions.

Training and Development

We’re committed to helping you develop your skills and reach your full potential. You’ll work with your line manager to identify areas for growth and development, and you’ll have access to formal in-house and on-the-job training as well as external training opportunities, including industry-recognised accreditations with SANS Institute (SysAdmin, Audit, Network and Security) and OFFSEC (Offensive Security).

From the moment you join us, you’ll be paired with a buddy to help you settle in and provide ongoing mentorship as you grow in your role. You’ll gain hands-on experience in cyber security, threat detection and incident response and gain a deeper understanding of operational and defensive strategies. This will support you with any opportunities for professional development and growth.

We’ll also offer opportunities to travel, attend conferences, and stay up to date with cyber security innovation. Any travel opportunities are not mandatory and will likely be infrequent.

Rewards and Benefits

You’ll receive a starting salary of £36,408 plus other benefits including:

• 25 Days Annual Leave automatically rising to 30 days after 5 years' service, and an additional 10.5 days public and privilege holidays
• Opportunities to be recognised through our employee performance scheme
• Interest-free season ticket loan
• Excellent pension scheme
• Cycle to work scheme
• Facilities such as a gym, restaurant, and on-site coffee bars (at some locations)
• Paid parental and adoption leave

Equal Opportunities

At GCHQ diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce such as women, those from an ethnic minority background, people with disabilities and those from low socio-economic backgrounds.

Find out more about our culture, working environment and diversity on our website.

What to Expect

Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order:

• Application sift, looking at your motivation for the role and the organisation and your essential skills
• Virtual competency and technical based interview
• If successful, you will receive a conditional offer of employment

Please note, you must successfully pass each stage of the process to progress to the next. Your application may take around 6 - 9 months to process including vetting, so we advise you continue any current employment until you have received your final job offer.

Before You Apply

To work at GCHQ, you need to be a British citizen or hold dual British nationality. This role requires the highest security clearance, known as Developed Vetting (DV). It’s something everyone in the UK Intelligence Community undertakes.

Please note we have a strict drugs policy, so once you start your application, you can’t take any recreational drugs and you’ll need to declare your previous drug usage at the relevant stage.

The role is based in Cheltenham so you’ll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application, as we do not offer relocation costs.

Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application.

Right To Withdraw Statement: Please be aware that we withhold the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. Please be mindful of this and submit your application at your earliest convenience to avoid disappointment.