Job Summary
GCHQ is an intelligence, cyber and security agency with a mission to keep the UK safe. We use cutting-edge technology, ingenuity and partnerships to identify, analyse and disrupt threats. Working with our intelligence partners MI5 and MI6, we protect the UK from terrorism, cyber-attacks and espionage. At GCHQ you'll do varied and fascinating work in a supportive and inclusive environment that puts the emphasis on teamwork.
The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government's lead authority on cyber security. The organisation is at the heart of the Government's cyber security strategy and has the aim of making the UK the safest place to live and work online.
NCSC's Technical Assurance Group (TAG) assures products used to protect the nation's most sensitive data. We use a range of approaches to build confidence in products, to understand the risks of using them and the threats they face. We then trace, verify and improve the products' security by influencing their design, implementation, testing and manufacture so that they can withstand the highest levels of threat from our most capable adversaries.
Job Description
What will the successful candidate be doing?
As an NCSC Cyber Assurance Consultant, you'll carry out technical analysis of components of products, or of entire products and across the whole development lifecycle, from requirements to implementation on one or two products at a time. You will work with and communicate your findings to a Senior Cyber Assurance Consultant, and you will also aid them in technical exchanges with our Industry partners.
As a NCSC Senior Cyber Assurance Consultant, you will lead and coordinate the assurance of 1 product to start off with, building up to 2-3 products at a time, using your own skills and bringing in expertise from around the team and wider NCSC. You will nurture our relationships with our industry partners that build the products, regularly connecting with them and sharing knowledge, clearly explaining our standards and requirements, and justifying any feedback we give them. You will help our Industry colleagues evolve their approach to product design and assurance, and demonstrate leadership qualities, supporting others to upskill and build their career in an inclusive environment.
Both roles will involve developing your skills to ensure we can support evolving technologies and approaches and adapting your way of doing assurance as we improve our practice and increase our capabilities as a team. You can influence our evolution by bringing your own skills, experience and ideas to the effort and help identify and explore areas to improve.
Training for your first year is at your own pace and on the job, with friendly, supportive and experienced team members to support your learning and development. We encourage fresh ideas to improve how we work.
Both roles will work together on the assurance of several products. You will need sound analytical and communication skills to do the technical work and communicate your findings.
Our areas of expertise include:
1. Threat and Risk
2. Product Engineering Practice
3. Software Technologies and Implementation
4. Hardware Technologies and Implementation
5. Cryptography
6. Testing and Verification
7. Supply Chain and Manufacturing Security
Person Specification
The successful applicant will need to have:
For the NCSC Cyber Assurance Consultant role, the set of technologies we already use is varied and constantly growing. As such, we don't expect you to have had detailed experience or be a technical specialist. However, we are looking for people with some experience in any of:
1. Secure programming
2. Mathematics
3. Cryptography
4. Electronics
5. VHDL
6. FPGAs
7. PCBs
8. Cybersecurity more generally
Your experience may stem from research or analysis on personal projects, degree related study, an online course, academic assignments, or work within a related industry.
We want to see your interest in technology, a willingness to learn, and your innate curiosity. You're the type of person that relishes solving problems. You're comfortable working with others as well as independently, and able to communicate technical concepts to a range of audiences.
For the NCSC Senior Cyber Assurance Consultant role, we welcome applications from experienced candidates who have significant experience in a related field, regardless of educational background.
We'll expect you to have prior experience in some of our key areas:
1. Software, Cryptography and/or
2. Microelectronics, VHDL, FPGAs, PCBs, cybersecurity.
You'll have formal or informal experience:
1. leading a small team and
2. collaborating with senior leaders and technical specialists alike.
You will also know how to coach and improve the personal and technical development of the team and be able to demonstrate this.
GCHQ Competencies
The NCSC will assess you against competencies used by the UK Intelligence Community. These competencies are based closely on the Civil Service Behaviours.
The competencies for the Cyber Assurance Consultant role (at Competence Level 2) and the competencies for the Senior Cyber Assurance Consultant role (at Competence Level 3) you'll be assessed against are:
1. Continuously Developing (Civil Service Behaviour Equivalent: Developing Self and Others)
2. Communicating and Influencing (Civil Service Behaviour Equivalent: Communicating and Influencing)
3. Working Collaboratively (Civil Service Behaviour Equivalent: Working Together)
4. Making Effective Decisions (Civil Service Behaviour Equivalent: Making Effective Decisions)
5. Delivering Outcomes (Civil Service Behaviour Equivalent: Delivering at Pace)
Benefits and Rewards
At NCSC and GCHQ, we are proud of our inclusive and supportive working environment that's designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we are committed to helping you fulfil your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we will enable you to flourish in your role and perform to the very best of your abilities.
For the NCSC Cyber Assurance Consultant role, you'll receive a starting salary of £36,408.
In addition, during your first year there is the expectation to qualify for Skill Level 1 (Information Assurance) that will bring a skills payment of £4,420 (per annum).
For the NCSC Senior Cyber Assurance Consultant role, you'll receive a starting salary of £44,044.
In addition, during your first year there is the expectation to qualify for Skill Level 2 (Information Assurance) that will bring a skills payment of £8,840 (per annum).
Other benefits:
1. 25 Days Annual Leave automatically rising to 30 days after 5 years' service, and an additional 10.5 days public and privilege holidays
2. An environment with flexible working options
3. Opportunities to be recognised through our employee performance scheme.
4. Interest-free season ticket loan
5. Cycle to work scheme
6. Facilities such as a gym, restaurant and on-site coffee bars (at some locations)
7. Paid parental and adoption leave.
8. Excellent pension scheme - Civil Service pension
Equal Opportunities
At GCHQ diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce such as women, those from an ethnic minority background, people with disabilities and those from low socio-economic backgrounds.
Find out more about our culture, working environment and diversity on our website: Diversity & Inclusion | GCHQ Careers
There is a wide range of extra support available throughout the recruitment process to enable you to do your best, see our website How to Apply | GCHQ Careers for information on the reasonable adjustments we can offer.
Disability Confident
GCHQ are proud to have achieved Leader status within the DWP's Disability Confident scheme. This is aimed at encouraging employers to think differently about disability and take action to improve how they recruit, retain and develop disabled people. Being Disability Confident, we aim to offer a person-to-person interview to any candidate who self-identifies as disabled and meets the essential criteria for the role. This is our 'Offer of Interview' (OOI). To secure an interview for this vacancy, the essential criteria (in order of application process) are:
For the Cyber Assurance Consultant role:
1. Demonstrate proficient analytical ability - Assessed at CV sift.
2. Demonstrate proficient communication skills - Assessed at CV sift.
1. Demonstrate experience in one or more of the following - Assessed at CV sift:
1. Threat and Risk
2. Product Engineering Practice
3. Software technologies and Implementation
4. Hardware technologies and Implementation
5. Cryptography
6. Testing and Verification
7. Supply Chain and Manufacturing Security
For the Senior Cyber Assurance Consultant:
1. Demonstrate proficient analytical ability - Assessed at CV sift.
2. Demonstrate proficient communication skills - Assessed at CV sift.
2. Demonstrate deep experience in one or more of the following - Assessed at CV sift:
1. Threat and Risk
2. Product Engineering Practice
3. Software technologies and Implementation
4. Hardware technologies and Implementation
5. Cryptography
6. Testing and Verification
7. Supply Chain and Manufacturing Security
Selection Process
What to Expect
Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order:
1. Online Application
2. Application sift - looking at your motivation for the role and the organisation
3. Virtual Interview
4. If successful, you'll receive a conditional offer of employment.
Please note, you must successfully pass each stage of the process to progress to the next. Your application may take around 6 - 9 months to process including vetting, so we advise you to continue any current employment until you have received your final job offer.
Before You Apply
To work at GCHQ, you need to be a British citizen or hold dual British nationality. You can read our full eligibility criteria here.
This role requires the highest security clearance, known as Developed Vetting (DV). It's something everyone in the UK Intelligence Community undertakes. You can find out more about the vetting process here.
Please note we have a strict drugs policy, so once you start your application, you can't take any recreational drugs and you'll need to declare your previous drug usage at the relevant stage.
Before you apply, we advise you to consider setting up a separate email address for your contact with us, to ensure your personal and application correspondence remain separate. Try to avoid having identifying features in your email address, such as your first and/or surname and date of birth. This is good practice and will help you to manage your application with us more securely.
The role is based in Cheltenham or Manchester, so you'll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application, as we do not offer relocation costs.
Please be aware, if you are a successful candidate based in Manchester, you will need to complete a three-month familiarisation period in Cheltenham before starting the role at your home base. This will involve staying in Cheltenham for the duration of the working week. There is likely to be some travel required to Cheltenham and other partner sites throughout your time in the team. (Travel and accommodation cost are covered by the business.)
Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application. You should not discuss your application, other than with your partner or a close family member.
The closing date for this role is: 07/04/2025 at 23:55.
Right to Withdraw Statement:
Please be aware that we withhold the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. Please be mindful of this and submit your application at your earliest convenience to avoid disappointment. #J-18808-Ljbffr