GCHQ
Cyber Security Analyst Ref. 3780

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Cyber Security Analyst Ref. 3780
Cyber Security Analyst | Ref. 3780
Location: Cheltenham, Manchester │ Closing Date: 23:00 on Tuesday 21st July 2026
Salaries & Benefits
- Starting salary: £37,892 per annum, including a £2,758 concessionary payment.
- After 6–13 months, eligible for a non-pensionable skills payment of either £7,247 or £15,757 (subject to assessment and reviewed every three years).
Key Details
Flexible Working
- Supports flexible arrangements, including part-time, compressed hours, and flexible start/finish times.
- Most work is on-site, with some homeworking opportunities available but not guaranteed due to operational needs.
About GCHQ
At GCHQ, we uphold national security by protecting the UK from threats including:
- Organised crime
- Terrorism
- Cyber-attacks
We collaborate with MI5, MI6, and British Intelligence partners to safeguard citizens and critical infrastructure in a fast-evolving digital landscape.
The Role: Cyber Security Analyst (CSIRT)
As a Cyber Security Analyst in GCHQ’s Cyber Security Incident Response Team (CSIRT), you will:
Core Responsibilities
-
Monitor and investigate cyber threats (malware, insider threats, DoS attacks, phishing) to protect critical systems.
-
Interpret network logs, traffic, and endpoint data using tools like Splunk.
-
Prioritise incidents based on severity in a 24/7 operational environment.
-
Provide daily updates on findings to drive team protections.
-
Develop automations to enhance Security Operations Centre (SOC) efficiency.
-
Create new detection content leveraging threat intelligence.
-
Assist in forensic investigations and linking digital forensic evidence to HR cases.
-
Collaborate with IT, security, and operational teams to mitigate risks.
-
Scope to work on individual projects, allowing opportunities for specialisation.
Who You Are
- A problem-solver with a curiosity for cybersecurity and a passion for continuous skill development.
- Minimum requirement: Experience in one core discipline, such as:
- Malware analysis
- Intrusion detection
- Security monitoring
- Incident response (ideally in a Security Operations Centre (SOC) environment)
- Strong, hands-on knowledge of:
- Windows/Linux internals
- Cloud technologies (e.g., AWS, Azure)
- Desirable: Broader IT experience, certifications, or projects in threat analysis.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Training & Development
Support at GCHQ
- Comprehensive training schemes, including:
- Organisational induction + buddy support
- Access to internal/external training programs
- Potential to earn security certifications (e.g., CISSP, OSCP)
- No mandatory overseas travel, though occasional UK/UK-based conferences may arise.
Rewards & Benefits
- Annual leave: 25 days (30 days after 5 years), plus 10.5 days holiday per year.
- Recognition & pay bonuses under the employee performance scheme.
- Interest-free season ticket loan.
- Cycle-to-work scheme.
- On-site facilities: gym, restaurant, coffee bars (availability varies).
- Paid parental leave (adoption included).
- Excellent pension scheme.
Diversity & Inclusion
GCHQ values a diverse workforce, aiming to mirror the society it protects. We welcome applicants from underrepresented groups, including:
- Women
- Ethnic minorities
- Disabled individuals
- Neurodivergent and differently able candidates
- Individuals from lower socio-economic backgrounds
Equal opportunities are encompassed in our recruitment policies, including:
- Offer of an Interview (OOI) program for disabled candidates meeting essential criteria.
- Supportive adjustments throughout the application process.
Essential Criteria for Interview Consideration
To progress beyond the CV sift, candidates must:
- Meet the minimum standard for the Online Situational Judgment Test (SJT).
- Demonstrate experience as a Cyber Security/SOC Analyst, with evidence of:
- Malware analysis
- Intrusion detection
- Security monitoring
- Incident response
Support during recruitment:
- A range of assistance is available to maintain equal accessibility (contact GCHQ’s inclusivity team for details).


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Recruitment Process
Our recruitment is fair, transparent, and multi-stage:
- Online application (pre-screening questions).
- Situational Judgment Test (SJT) – assesses workplace suitability.
- Motivation application (explains your interest in GCHQ and the role).
- Online scenario test – evaluates your responses to simulated challenges.
- Assessment Centre (role-plays, group tasks, formal interview).
- Final interview (conditional offer).
Duration: 6–9 months (includes vetting clearance). Instruction: Applicants retain current employment pending job offer.
Critical Requirements Before Applying
-
Eligibility for security clearance:
- Must be a British citizen or dual-British national (check visa requirements).
- Must successfully undergo the Developed Vetting (DV) process.
-
Strict workplace policy:
- Zero tolerance for recreational drugs from the application stage onwards.
- Full declaration required on drug usage at respective vetting stages.
-
Email security measure:
- Use a new, non-personal email address (e.g., avoid identifying features such as first names or dates of birth).
- Spare email accounts help maintain secure communications and isolate professional matters from personal data.
-
Costs for relocation: None provided.
- Candidates must live in a commutable distance of Cheltenham or Manchester.
- Tree lighting costs during the application/vetting process: UK-only travel reimbursement (limited to the most economical tariffs) via receipt submission.
Application Instructions
- Launch applications only from within the UK (applications from overseas may prevent processing progress).
- Avoid discussing the application with anyone other than close contacts (partner/family).
- Submissions are closed forever if not submitted by the deadline.
URI: Apply now [Application Portal].
Locations: 📍 Cheltenham 📍 Manchester
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills