NCSC Cyber Assurance Consultant Ref. 3436

Cheltenham, Manchester

Job Description

Job Summary

GCHQ, is an intelligence, cyber and security agency with a mission to keep the UK safe. We use cutting-edge technology, ingenuity and partnerships to identify, analyse and disrupt threats. Working with our intelligence partners MI5 and MI6, we protect the UK from terrorism, cyber-attacks and espionage. At GCHQ you'll do varied and fascinating work in a supportive and inclusive environment that puts the emphasis on teamwork.

The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government's lead authority on cyber security. The organisation is at the heart of the Government's cyber security strategy and has the aim of making the UK the safest place to live and work online.

NCSC's Technical Assurance Group (TAG) assures products used to protect the nation's most sensitive data. We use a range of approaches to build confidence in products, to understand the risks of using them and the threats they face. We then trace, verify and improve the products' security by influencing their design, implementation, testing and manufacture so that they can withstand the highest levels of threat from our most capable adversaries.

What will the successful candidate be doing?

As an NCSC Cyber Assurance Consultant, you'll carry out technical analysis of components of products, or of entire products and across the whole development lifecycle, from requirements to implementation on one or two products at a time. You will work with and communicate your findings to a Senior Cyber Assurance Consultant, and you will also aid them in technical exchanges with our Industry partners.

As a NCSC Senior Cyber Assurance Consultant, you will lead and coordinate the assurance of 1 product to start off with, building up to 2-3 products at a time, using your own skills and bringing in expertise from around the team and wider NCSC. You will nurture our relationships with our industry partners that build the products, regularly connecting with them and sharing knowledge, clearly explaining our standards and requirements, and justifying any feedback we give them. You will help our Industry colleagues evolve their approach to product design and assurance, and demonstrate leadership qualities, supporting others to upskill and build their career in an inclusive environment.

Both roles will involve developing your skills to ensure we can support evolving technologies and approaches and adapting your way of doing assurance as we improve our practice and increase our capabilities as a team. You can influence our evolution by bringing your own skills, experience and ideas to the effort and help identify and explore areas to improve.

Training for your first year is at your own pace and on the job, with friendly, supportive and experienced team members to support your learning and development. We encourage fresh ideas to improve how we work.

Both roles will work together on the assurance of several products. You will need sound analytical and communication skills to do the technical work and communicate your findings.

Our areas of expertise include:

1. Threat and Risk
2. Product Engineering Practice
3. Software Technologies and Implementation
4. Hardware Technologies and Implementation
5. Cryptography
6. Testing and Verification
7. Supply Chain and Manufacturing Security

Person Specification

The successful applicant will need to have:

For the NCSC Cyber Assurance Consultant role, we are looking for people with some experience in any of:

1. Secure programming
2. Mathematics
3. Cryptography
4. Electronics
5. VHDL
6. FPGAs
7. PCBs
8. Cybersecurity more generally

Your experience may stem from research or analysis on personal projects, degree related study, an online course, academic assignments, or work within a related industry.

For the NCSC Senior Cyber Assurance Consultant role, we welcome applications from experienced candidates who have significant experience in a related field, regardless of educational background.

We'll expect you to have prior experience in some of our key areas:

1. Software, Cryptography and/or
2. Microelectronics, VHDL, FPGAs, PCBs, cybersecurity.

You'll have formal or informal experience:

1. leading a small team and
2. collaborating with senior leaders and technical specialists alike.

GCHQ Competencies

The NCSC will assess you against competencies used by the UK Intelligence Community. These competencies are based closely on the Civil Service Behaviours.

The competencies for the Cyber Assurance Consultant role (at Competence Level 2) and the competencies for the Senior Cyber Assurance Consultant role (at Competence Level 3) you'll be assessed against are:

1. Continuously Developing
2. Communicating and Influencing
3. Working Collaboratively
4. Making Effective Decisions
5. Delivering Outcomes

Benefits and Rewards

At NCSC and GCHQ, we are proud of our inclusive and supportive working environment that's designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we are committed to helping you fulfil your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we will enable you to flourish in your role and perform to the very best of your abilities.

For the NCSC Cyber Assurance Consultant role, you'll receive a starting salary of £36,408.

In addition, during your first year there is the expectation to qualify for Skill Level 1 (Information Assurance) that will bring a skills payment of £4,420 (per annum).

For the NCSC Senior Cyber Assurance Consultant role, you'll receive a starting salary of £44,044. In addition, during your first year there is the expectation to qualify for Skill Level 2 (Information Assurance) that will bring a skills payment of £8,840 (per annum).

Other benefits:

1. 25 Days Annual Leave automatically rising to 30 days after 5 years' service, and an additional 10.5 days public and privilege holidays
2. An environment with flexible working options
3. Opportunities to be recognised through our employee performance scheme.
4. Interest-free season ticket loan
5. Cycle to work scheme
6. Facilities such as a gym, restaurant and on-site coffee bars (at some locations)
7. Paid parental and adoption leave.
8. Excellent pension scheme - Civil Service pension

Equal Opportunities

At GCHQ diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce such as women, those from an ethnic minority background, people with disabilities and those from low socio-economic backgrounds.

There is a wide range of extra support available throughout the recruitment process to enable you to do your best.

Selection Process

What to Expect

Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order:

1. Online Application
2. Application sift - looking at your motivation for the role and the organisation
3. Virtual Interview
4. If successful, you'll receive a conditional offer of employment.

Please note, you must successfully pass each stage of the process to progress to the next. Your application may take around 6 - 9 months to process including vetting, so we advise you to continue any current employment until you have received your final job offer.

Before You Apply

To work at GCHQ, you need to be a British citizen or hold dual British nationality.

This role requires the highest security clearance, known as Developed Vetting (DV). It's something everyone in the UK Intelligence Community undertakes.

Please note we have a strict drugs policy, so once you start your application, you can't take any recreational drugs and you'll need to declare your previous drug usage at the relevant stage.

The role is based in Cheltenham or Manchester, so you'll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application, as we do not offer relocation costs.

Please note, you should only launch your application from within the UK.

The closing date for this role is: 07/04/2025 at 23:55.

Right to Withdraw Statement:

Please be aware that we withhold the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. Please be mindful of this and submit your application at your earliest convenience to avoid disappointment.