Rodeo
ResourcesPartnersSign in

GCHQ

Cyber Security Analyst Ref. 3780

Cheltenham
£37.9k/yr
Posted 2 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Cyber Security Analyst Ref. 3780

Cyber Security Analyst | Ref. 3780

Location: Cheltenham, Manchester │ Closing Date: 23:00 on Tuesday 21st July 2026


Salaries & Benefits

  • Starting salary: £37,892 per annum, including a £2,758 concessionary payment.
  • After 6–13 months, eligible for a non-pensionable skills payment of either £7,247 or £15,757 (subject to assessment and reviewed every three years).

Key Details

Flexible Working

  • Supports flexible arrangements, including part-time, compressed hours, and flexible start/finish times.
  • Most work is on-site, with some homeworking opportunities available but not guaranteed due to operational needs.

About GCHQ

At GCHQ, we uphold national security by protecting the UK from threats including:

  • Organised crime
  • Terrorism
  • Cyber-attacks

We collaborate with MI5, MI6, and British Intelligence partners to safeguard citizens and critical infrastructure in a fast-evolving digital landscape.


The Role: Cyber Security Analyst (CSIRT)

As a Cyber Security Analyst in GCHQ’s Cyber Security Incident Response Team (CSIRT), you will:

Core Responsibilities

  • Monitor and investigate cyber threats (malware, insider threats, DoS attacks, phishing) to protect critical systems.

  • Interpret network logs, traffic, and endpoint data using tools like Splunk.

  • Prioritise incidents based on severity in a 24/7 operational environment.

  • Provide daily updates on findings to drive team protections.

  • Develop automations to enhance Security Operations Centre (SOC) efficiency.

  • Create new detection content leveraging threat intelligence.

  • Assist in forensic investigations and linking digital forensic evidence to HR cases.

  • Collaborate with IT, security, and operational teams to mitigate risks.

  • Scope to work on individual projects, allowing opportunities for specialisation.


Who You Are

  • A problem-solver with a curiosity for cybersecurity and a passion for continuous skill development.
  • Minimum requirement: Experience in one core discipline, such as:
    • Malware analysis
    • Intrusion detection
    • Security monitoring
    • Incident response (ideally in a Security Operations Centre (SOC) environment)
  • Strong, hands-on knowledge of:
    • Windows/Linux internals
    • Cloud technologies (e.g., AWS, Azure)
  • Desirable: Broader IT experience, certifications, or projects in threat analysis.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.


Training & Development

Support at GCHQ

  • Comprehensive training schemes, including:
    • Organisational induction + buddy support
    • Access to internal/external training programs
    • Potential to earn security certifications (e.g., CISSP, OSCP)
  • No mandatory overseas travel, though occasional UK/UK-based conferences may arise.

Rewards & Benefits

  • Annual leave: 25 days (30 days after 5 years), plus 10.5 days holiday per year.
  • Recognition & pay bonuses under the employee performance scheme.
  • Interest-free season ticket loan.
  • Cycle-to-work scheme.
  • On-site facilities: gym, restaurant, coffee bars (availability varies).
  • Paid parental leave (adoption included).
  • Excellent pension scheme.

Diversity & Inclusion

GCHQ values a diverse workforce, aiming to mirror the society it protects. We welcome applicants from underrepresented groups, including:

  • Women
  • Ethnic minorities
  • Disabled individuals
  • Neurodivergent and differently able candidates
  • Individuals from lower socio-economic backgrounds

Equal opportunities are encompassed in our recruitment policies, including:

  • Offer of an Interview (OOI) program for disabled candidates meeting essential criteria.
  • Supportive adjustments throughout the application process.

Essential Criteria for Interview Consideration

To progress beyond the CV sift, candidates must:

  1. Meet the minimum standard for the Online Situational Judgment Test (SJT).
  2. Demonstrate experience as a Cyber Security/SOC Analyst, with evidence of:
    • Malware analysis
    • Intrusion detection
    • Security monitoring
    • Incident response

Support during recruitment:

  • A range of assistance is available to maintain equal accessibility (contact GCHQ’s inclusivity team for details).

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Recruitment Process

Our recruitment is fair, transparent, and multi-stage:

  1. Online application (pre-screening questions).
  2. Situational Judgment Test (SJT) – assesses workplace suitability.
  3. Motivation application (explains your interest in GCHQ and the role).
  4. Online scenario test – evaluates your responses to simulated challenges.
  5. Assessment Centre (role-plays, group tasks, formal interview).
  6. Final interview (conditional offer).

Duration: 6–9 months (includes vetting clearance). Instruction: Applicants retain current employment pending job offer.


Critical Requirements Before Applying

  • Eligibility for security clearance:

    • Must be a British citizen or dual-British national (check visa requirements).
    • Must successfully undergo the Developed Vetting (DV) process.
  • Strict workplace policy:

    • Zero tolerance for recreational drugs from the application stage onwards.
    • Full declaration required on drug usage at respective vetting stages.
  • Email security measure:

    • Use a new, non-personal email address (e.g., avoid identifying features such as first names or dates of birth).
    • Spare email accounts help maintain secure communications and isolate professional matters from personal data.
  • Costs for relocation: None provided.

    • Candidates must live in a commutable distance of Cheltenham or Manchester.
    • Tree lighting costs during the application/vetting process: UK-only travel reimbursement (limited to the most economical tariffs) via receipt submission.

Application Instructions

  1. Launch applications only from within the UK (applications from overseas may prevent processing progress).
  2. Avoid discussing the application with anyone other than close contacts (partner/family).
  3. Submissions are closed forever if not submitted by the deadline.

URI: Apply now [Application Portal].


Locations: 📍 Cheltenham 📍 Manchester

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Cyber Security
Malware Analysis
Intrusion Detection
Security Monitoring
Incident Response
Windows Internals
Linux Internals
Cloud Technologies
Threat Intelligence
Digital Forensics
Automation
Splunk

Location

Cheltenham, England, United Kingdom

Sign up to applySee more jobs like this