Careers at MI5, MI6 and GCHQ
Senior Cyber Security Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Senior Cyber Security Engineer
Location: London or Greater Manchester
Salary: £64,005 for Manchester and £66,332 for London
In addition, there will be opportunities to qualify for additional allowances and a skills-related payment under the Government Digital and Data Profession Capability Framework (GDDPCF), formerly the (DDaT) Digital, Data and Technology Capability Framework.
Flexible working
We support full-time, part-time, compressed hours, and other flexible working patterns. We recognise the importance of achieving a positive work-home balance and will work with colleagues to consider flexible working arrangements where possible, taking individual circumstances and business needs into account. Some homeworking opportunities may be available; however, this role is primarily office-based due to the sensitive nature of the work, and home working is not guaranteed.
About us
MI5 keeps the country safe from serious threats like terrorism and attempts by states to harm the UK, its people and way of life. We carry out investigations by obtaining, analysing, and assessing intelligence, and then work with a range of partners including MI6 and GCHQ to disrupt these threats. Through our protective security arm, we provide advice and guidance to government, businesses and other organisations about how to keep themselves safe. A role in MI5 means you'll do unique and challenging work in a supportive and encouraging environment, making a real difference to UK national security.
The role
As a Senior Cyber Security Engineer, you'll play a central role in protecting the organisation's digital products, embedding security into how systems are designed and built. The role combines engineering and security expertise, applying practical skills to identify weaknesses, validate controls and help teams deliver secure, resilient systems from the outset.
Working within a highly collaborative environment, you’ll contribute to organisation-wide security capability, tackling complex challenges across a diverse and evolving technology landscape. Early engagement in the development lifecycle is vital, shaping design decisions, influencing architecture and ensuring security is integrated into modern engineering practices.
This role combines technical depth with real influence. Threat modelling, vulnerability assessment and security testing form a core part of the work, applying an adversarial mindset to uncover risks. Just as important is working directly with engineers, architects and stakeholders to resolve those risks, improve practices and raise the organisation's overall security maturity.
You’ll take a "purple team" approach, combining elements of red team testing and defensive security – identifying vulnerabilities and working with teams to fix them, building better, more secure systems.
The role also extends to the wider direction of security engineering: supporting less experienced colleagues, influencing technical decisions and helping stakeholders understand risk, trade-offs and priorities. With a high degree of autonomy, you'll take ownership of complex problems and play a key role in how security is delivered across the organisation.
About you
You’ll bring practical experience in a security-focused role, such as cyber security engineering, penetration testing or a closely related technical discipline. This could be supported by a STEM degree with relevant experience, or a technical role with a strong security focus.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Experience with real-world systems is essential, identifying and solving security issues, alongside a solid understanding of core security principles such as Secure by Design. You'll have applied techniques such as threat modelling, vulnerability assessment or security testing, and be confident thinking critically about how systems can be exploited and secured.
You communicate clearly with both technical and non-technical stakeholders and are comfortable working collaboratively to resolve issues. Curious and pragmatic, you’re motivated to keep learning and apply your expertise to complex, high-impact challenges.
Training and development
From the moment you join, you’ll be supported to develop your expertise in cyber security through a blend of hands-on experience and structured learning. You’ll work closely with experienced colleagues across a range of security challenges, gaining exposure to different systems, tools and approaches.
A wide range of development opportunities is available, including on-demand learning platforms, virtual cyber ranges and formal training aligned to your role. There is also support available to achieve industry-recognised certifications, such as SANS (The Sans Institute), GIAC (Global Information Assurance Certification), CISSP (Certified Information Systems Security Professional Qualification) or Offensive Security qualifications, alongside opportunities to attend UK-based and international security conferences.
As you grow in the role, you’ll take on increasingly detailed work, building both technical depth and influence, with the support of your team, mentoring opportunities and exposure to real-world threat intelligence.
Rewards and benefits
You’ll receive a starting salary from £64,005 to £66,332, depending on location, plus other benefits including:
- 25 Days Annual Leave automatically rising to 30 days after 5 years' service, and an additional 10.5 days public and privilege holidays
- opportunities to be recognised through our employee performance scheme
- dedicated development budget
- interest-free season ticket loan
- excellent pension scheme
- cycle to work scheme
- facilities such as a gym, restaurant, and on-site coffee bars (at some locations)
- paid parental and adoption leave
Equal opportunities
At MI5 diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce such as women, those from an ethnic minority background, people with disabilities and those from low socio-economic backgrounds.
Find out more about our culture, working environment and diversity on our website.
We’re Disability Confident
MI5 is proud to have achieved Leader status within the Department for Work and Pensions Disability Confident scheme. This is aimed at encouraging employers to think differently about disability and take action to improve how they recruit, retain, and develop disabled people. Being Disability Confident, we aim to offer a fair and proportionate number of person-to-person interviews to any candidate who self-identifies as disabled and meets the essential criteria for the role. This is our ‘Offer of Interview’ (OOI). To secure an interview for this vacancy, the essential criteria (in order of application process) are:


Get help with your application
Your very own career expert that helps elevate your application to the next level.
- You'll be required to reach the minimum pass mark for the online Situational Judgement Test (SJT), which assesses criteria important for all roles in our organisation
- Demonstrate practical familiarity in a security-focused role – to be assessed at application sift
- Demonstrate the ability to identify and solve real-world security issues including applying threat modelling, vulnerability assessment, or security testing, and a solid understanding of Secure by Design principles – to be assessed at application sift
There is a wide range of extra support available throughout the recruitment process to enable you to do your best, see our website for information on reasonable adjustments we can offer.
Before you apply
To work at MI5, you need to be a British citizen or hold dual British nationality. Read about our eligibility criteria. (Penna link to appropriate website Eligibility sections)
This role requires the highest security clearance, known as Developed Vetting (DV). It’s something everyone in the UK Intelligence Community undertakes. Find out more about the vetting process. (PENNA link to org website vetting page).
Please note we have a strict drugs policy, so once you start your application, you can’t take any recreational drugs and you’ll need to declare your previous drug usage at the relevant stage.
Before you apply, we advise you to consider setting up a separate email address for your contact with us, to ensure your personal and application correspondence remain separate. Try to avoid having identifying features in your email address, such as your first and/or surname and date of birth. This is good practice and will help you manage your application with us more discretely.
The role is based in London or Greater Manchester so you’ll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application, as we do not offer relocation costs.
We offer reasonable reimbursement of travel costs for candidates attending in-person appointments during the recruitment and vetting process. Full details will be provided with your interview or assessment invitation.
Reimbursement is discretionary and will only be made in line with the Candidate Expenses Policy, as amended from time to time. Candidates must book their own travel, using the most economical option, and provide original hardcopy receipts for reimbursement.
Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application. You should not discuss your application, other than with your partner or a close family member.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location