Cyber Security Analyst

Social network you want to login/join with:

Cyber Security Analyst

Location: Cheltenham

Salary: £36,408 (includes £2,658 non-concessionary payment)

Flexible working: We recognise the importance of a healthy work-life balance and offer full-time, part-time, and compressed hours. While hybrid working can be more restricted, due to the nature of the work, around 20% home working may be available depending on business needs.

GCHQ is an intelligence, cyber and security agency with a mission to keep the UK safe. We use cutting-edge technology, ingenuity and partnerships to identify, analyse and disrupt threats. Working with our intelligence partners MI5 and MI6, we protect the UK from terrorism, cyber-attacks and espionage. At GCHQ you’ll do varied and fascinating work in a supportive and inclusive environment that puts the emphasis on teamwork.

As a Cyber Security Analyst, you’ll work with a close-knit team to protect our organisation against a range of cyber threats. From malware outbreaks and insider activity to denial-of-service attacks and phishing, your role will be key in detecting, responding to, and mitigating risks. You’ll work closely with other technical teams, gaining deeper understanding of operational activities across various thematic areas. This will help you develop your skills and expertise in defensive strategies for operational infrastructure.

Typically, your day will start with a review of recent events, followed by a team meeting to coordinate ongoing investigations and set priorities. From there, you might analyse high-priority alerts, dig into logs, network traffic, or endpoint data using tools like Splunk, or develop new detection content to enhance our defences. You’ll also draw on threat intelligence to proactively strengthen our security posture. When incidents occur, you’ll take swift, decisive action to contain and resolve them.

You’ll also have the opportunity to dive into Digital Forensics to support security incidents. Whilst the role is akin to a cybersecurity role in the private sector, the scenarios you’ll face due to the unique nature of the work done by us will be anything but ordinary.

Along with a passion for IT and eagerness to grow in the cyber security space, you’ll bring experience with scripting, an understanding of both Windows and Linux operating systems, and familiarity with Python. You’ll be interested in developing your skills with Amazon Web Services (AWS) and Microsoft Azure.

You need to hold a cyber security certification or education at a foundation level (e.g., CompTIA A+, Network+, Security+, OffSec, SOC200, GSEC, GCIA, or GCIH), or have 6 months experience in a cyber security role.

Beyond your technical skills, you’ll be an effective team worker, communicator, and problem-solver. Collaborating is crucial to tackling complex threats and building effective solutions.

We’re committed to helping you develop your skills and reach your full potential through in-house and external training, including industry-recognised certifications with SANS Institute and OFFSEC. You’ll be paired with a mentor, gain hands-on experience, and have opportunities to attend conferences and stay current with cyber security innovations.

You’ll receive a starting salary of £36,408 plus benefits such as:

• 25 Days Annual Leave, rising to 30 days after 5 years, plus 10.5 public and privilege holidays
• Recognition through our employee performance scheme
• Interest-free season ticket loan
• Excellent pension scheme
• Cycle to work scheme
• Facilities like gym, restaurant, and coffee bars (at some locations)
• Paid parental and adoption leave

We value diversity and inclusion, encouraging applications from under-represented groups, including women, ethnic minorities, disabled individuals, and those from low socio-economic backgrounds. Learn more at our website.

GCHQ is a Leader in the DWP’s Disability Confident scheme, committed to fair recruitment and support for disabled applicants. Minimum criteria for interview include relevant certifications or 6 months experience in cyber security, assessed via CV sift.

The recruitment process includes application review, virtual interviews, and a conditional job offer. The process may take 6-9 months, including vetting. Continue current employment until final offer.

You must be a British citizen or hold dual British nationality. The role requires Developed Vetting (DV) clearance, and applicants should meet eligibility criteria, including residency and security policies. Consider practicalities like location and travel, as relocation costs are not covered.

We may close applications early once sufficient applications are received. Apply promptly to avoid missing out.