At a Glance
- Tasks: Protect the UK's digital landscape by embedding security in system design and tackling complex challenges.
- Company: Join MI5, the UK's intelligence agency, dedicated to national security.
- Benefits: Enjoy flexible working, competitive salary, generous leave, and professional development opportunities.
- Other info: Diverse and inclusive workplace with excellent career growth and mentoring opportunities.
- Why this job: Make a real impact on national security while developing your cyber security expertise.
- Qualifications: Experience in cyber security roles and strong understanding of security principles required.
The predicted salary is between 64005 - 66332 £ per year.
Salary £64,005 for Manchester and £66,332 for London. Opportunities may qualify for additional allowances and a skills‑related payment under the Government Digital and Data Profession Capability Framework (GDDPCF), formerly the Digital, Data and Technology Capability Framework.
Flexible working: We support full time, part time, compressed hours, and other flexible working patterns. We recognise the importance of achieving a positive work‑home balance and will work with colleagues to consider flexible working arrangements where possible, taking individual circumstances and business needs into account. Some home‑working opportunities may be available; however, this role is primarily office‑based due to the sensitive nature of the work, and home working is not guaranteed.
About us: MI5 keeps the country safe from serious threats like terrorism and attempts by states to harm the UK, its people and way of life. We carry out investigations by obtaining, analysing, and assessing intelligence, and then work with a range of partners including MI6 and GCHQ to disrupt these threats. Through our protective security arm, we provide advice and guidance to government, businesses and other organisations about how to keep themselves safe. A role in MI5 means you’ll do unique and challenging work in a supportive and encouraging environment, making a real difference to UK national security.
The role: As a Senior Cyber Security Engineer, you’ll play a central role in protecting the organisation’s digital products, embedding security into how systems are designed and built. The role combines engineering and security expertise, applying practical skills to identify weaknesses, validate controls and help teams deliver secure, resilient systems from the outset.
Working within a highly collaborative environment, you’ll contribute to organisation‑wide security capability, tackling complex challenges across a diverse and evolving technology landscape. Early engagement in the development lifecycle is vital, shaping design decisions, influencing architecture and ensuring security is integrated into modern engineering practices.
Threat modelling, vulnerability assessment and security testing form a core part of the work, applying an adversarial mindset to uncover risks. Just as important is working directly with engineers, architects and stakeholders to resolve those risks, improve practices and raise the organisation’s overall security maturity.
You’ll take a “purple team” approach, combining elements of red team testing and defensive security – identifying vulnerabilities and working with teams to fix them, building better, more secure systems. The role also extends to the wider direction of security engineering: supporting less experienced colleagues, influencing technical decisions and helping stakeholders understand risk, trade‑offs and priorities. With a high degree of autonomy, you’ll take ownership of complex problems and play a key role in how security is delivered across the organisation.
About you: You bring practical experience in a security‑focused role, such as cyber security engineering, penetration testing, or a closely related technical discipline. This could be supported by a STEM degree with relevant experience, or a technical role with a strong security focus. Experience with real‑world systems is essential, identifying and solving security issues, alongside a solid understanding of core security principles such as Secure by Design. You have applied techniques such as threat modelling, vulnerability assessment or security testing, and you are confident thinking critically about how systems can be exploited and secured.
You communicate clearly with both technical and non‑technical stakeholders and are comfortable working collaboratively to resolve issues. Curious and pragmatic, you’re motivated to keep learning and apply your expertise to complex, high‑impact challenges.
Qualifications and Eligibility:
- Practised experience in a security‑focused role (e.g., cyber security engineering, penetration testing).
- Solid understanding and application of threat modelling, vulnerability assessment or security testing.
- Experience with real‑world systems and Secure by Design principles.
- Strong written and verbal communication, and ability to collaborate across technical and non‑technical teams.
- British citizen or holds dual British nationality.
- High security clearance – Developed Vetting (DV).
Training and development: From the moment you join, you’ll be supported to develop your expertise in cyber security through a blend of hands‑on experience and structured learning. You’ll work closely with experienced colleagues across a range of security challenges, gaining exposure to different systems, tools and approaches. A wide range of development opportunities is available, including on‑demand learning platforms, virtual cyber ranges and formal training aligned to your role. There is also support to achieve industry‑recognised certifications such as SANS, GIAC, CISSP or Offensive Security qualifications, alongside opportunities to attend UK‑based and international security conferences. As you grow, you’ll take on increasingly detailed work, building technical depth and influence, with the support of your team, mentoring opportunities and exposure to real‑world threat intelligence.
Rewards and benefits: 25 days annual leave, automatically rising to 30 days after 5 years of service, plus an additional 10.5 days public and privilege holidays. Opportunities to be recognised through our employee performance scheme. Dedicated development budget. Interest‑free season ticket loan. Excellent pension scheme. Cycle to work scheme. Facilities such as a gym, restaurant, and on‑site coffee bars (certain locations). Paid parental and adoption leave.
Equal opportunities: At MI5 diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under‑represented in our workforce such as women, ethnic minority background, people with disabilities and those from low socio‑economic backgrounds.
We’re Disability Confident: MI5 is proud to have achieved Leader status within the Department for Work and Pensions Disability Confident scheme. We aim to offer a fair and proportionate number of person‑to‑person interviews to any candidate who self‑identifies as disabled and meets the essential criteria for the role. This is our ‘Offer of Interview’ (OOI).
Reach the minimum pass mark for the online Situational Judgement Test (SJT). Demonstrate practical familiarity in a security‑focused role at application sift. Demonstrate the ability to identify and solve real‑world security issues including applying threat modelling, vulnerability assessment or security testing, and a solid understanding of Secure by Design principles at application sift.