Intrusion Analyst

GCHQ is offering you an exciting opportunity to join the National Cyber Security Centre (NCSC) as an Intrusion Analyst. Defending the nation against cyber attacks, you’ll be at the very hub of our workforce to protect UK assets from compromise. 


As one of Britain’s intelligence agencies, we unlock the complex world of communications to keep our nation safe. We work closely with our partners in the intelligence community to safeguard Britain’s people, interests and businesses from various threats. Think cyber-attacks, espionage, terrorism, and organised crime. It’s challenging, varied and meaningful work that you simply won’t find anywhere else. 


The NCSC works closely with law enforcement agencies as well as the intelligence community and industry, to help prevent, disrupt and investigate cybercrime and other cyber related threats. Cyber attacks can be initiated from anywhere across the globe, so as an Intrusion Analyst you’ll use available datasets to understand and respond to both malicious cyber actor capabilities, and their intent, including the vulnerabilities that an attacker seeks to exploit. Sometimes working collaboratively in a team and other times independently, you’ll interact with a variety of customers to tackle a variety of challenging problems. These problems will sometimes involve a high degree of uncertainty, but will reward you with enormous satisfaction, knowing that you’re contributing to your country’s National Security.

While the role is challenging, our flexible working policy ensures a healthy work-life balance. Wherever possible, we look to accommodate reduced hours or job share options balanced against business needs. 


We’re looking for people from all backgrounds who enjoy a challenge. Along with some cyber security knowledge, you’re comfortable with technology. A relevant certification or degree in Science, Technology, Engineering, Maths (STEM) or Physics, is desirable. Alternatively, career experience combined with a strong aptitude for cyber security (programming, scripting, networking, intrusion analysis, malware, vulnerability research, pen testing, reverse engineering, etc.) is acceptable. In this role, you could have the opportunity to work at different sites across the UK. 


At GCHQ we’re proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we’re committed to helping you fulfil your potential. Although you’ll be expected to have a certain level of technical knowledge, an intensive development programme will be available, as well as having an established learning path to enable you to operate at the highest possible standard. With various training and development opportunities, tailored to your personal needs and the requirements of your work, we’ll enable you to flourish in your role and perform to the very best of your abilities. 


Starting salary of £26,091 - £29,694, with the potential to earn skills and retention payments where applicable.


Cheltenham, with opportunities in London, Bude and Scarborough, North Yorkshire, focused on the cyber defence of UK Critical National Infrastructure (CNI) and Industrial Control Systems (ICS).


To apply for this position, you must meet our nationality, residency and security requirements. You’ll find more details here.

Be prepared to dedicate 60-90 minutes to completing your application. We’re conscious this might be more time than you expected, so our system will allow you to save your application at any time and come back to it later. But remember to submit your full application before the closing date. 

Once we’ve established that you meet our eligibility criteria, the next steps of this selection process are:

- Face to Face interview*

- Drugs test 

*Interviews will be held in Gloucester.                                          

If you successfully complete these stages, you’ll receive a job offer, conditional upon you completing our developed vetting (DV) process which enables you to obtain the level of security clearance required to perform this vital role.