NCSC Government Community Lead Ref. 2842

Black History MonthMind Silver AwardThe Times Top 100Disability confident leaderThe Prince's Responsible BusinessStonewall Diversity Champion 2021The Guardian UK 300 logoSocial Mobility Foundation Award

Information Assurance and Specialists
Cheltenham, London, Manchester
You’ll receive a starting salary of £45,676 plus an annual National Security Payment of £2,428, subject to mandatory training. A London Allowance of £6,250 is applicable for London contracted employees.

At GCHQ, we unlock the complex world of data and communications to keep the UK and its citizens safe, both in the real world and online. Working closely with our British Intelligence partners in MI5 and MI6, we protect the UK from threats including serious organised crime, terrorism, and cyber-attacks. A role in GCHQ means you’ll have varied and fascinating work in a supportive and encouraging environment that puts the emphasis on teamwork.

The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government’s lead authority on cyber security. The organisation is at the heart of the Government’s cyber security strategy and has the aim of making the UK the safest place to live and work online.   

This is an exciting opportunity to play a leading role in building Defend As One communities across UK Government in support of the Government Cyber Security Strategy.

Based in NCSC’s Incident Management team, the role will work with new and existing communities around the UK to share incident management and cyber security operations knowledge to develop maturity and autonomy across government.

This role will deliver to the Defend As One ‘pillar’ of the Government Cyber Security Strategy. Defend As One aims to develop communities across government that are empowered to detect and respond to cyber incidents by facilitating the sharing of skills, experience, best practice and maturity.

Job Description

What will the successful candidate be doing?

The successful candidate will operate as an NCSC representative, performing an enabling role to bring communities together and to work with them to develop good practice by sharing skills and experience both laterally and outwardly from NCSC.

The successful candidate will act as a hinge into communities, both mature and developing, to pinpoint and develop opportunities for NCSC to foster capabilities within them to identify, analyse, prioritise and respond to incidents with increased autonomy and agility. They will guide Incident Management Response practices to build maturity, act as an interlocutor to join NCSC products and outputs with communities across government and identify and lead collaboration opportunities.

This post will manage a ‘community of communities’ and facilitate the development of skills and good practice within them, enable them to learn from each other, share laterally, and identify opportunities for NCSC to better support them to operate autonomously and at scale.

These opportunities will exploit NCSC’s unique position to add value in a scalable way. This will begin with tactical or pilot initiatives, but the lessons learned will see the role define NCSC strategies for contributing in a sustainable way. Skills, tradecraft, process, threat intelligence, Active Cyber Defence projects, sources of tips and NCSC wisdom are all in scope.

The successful candidate will deliver to NCSC’s Incident Management Strategy and the Government Cyber Security Strategy and will define and deliver a workstream of tactical and strategic initiatives to achieve scaled impact across government.

Person Specification

To apply for this role, you will already need to hold a valid DV clearance.

The ideal applicant should be able to demonstrate strong evidence of leadership within a cybersecurity community. Experience of  Cyber Security Operations Centre (SOC) operations and/or Incident Management/Response processes at large/multi organisation scale and best practice is essential for the role. They will be able to demonstrate a foundational knowledge of cyber security principals and an aptitude for identifying and applying relevant skills and knowledge to achieve impact.

This role requires strong representation skills, in particular the ability to work with customers to positively influence good cybersecurity practices. The successful candidate must be confident leading sessions with a wide range and size of audiences. Travel to meet with key communities will be encouraged.

Incident Management, or other Cybersecurity related technical skills would be valued, however they are not a prerequisite for the role. 

GCHQ Competency Requirements

•    Communication and Knowledge sharing - Higher
•    Corporate Vision and Efficiency - Intermediate
•    Change and Innovation - Intermediate
•    Analysis and Decision Making - Intermediate
•    Contribution to Delivery - Higher
•    Managing the Customer Relationship - Higher
•    Working with and Leading Others - Higher

You can familiarise yourself with the general competencies we use to assess the aptitude of candidates here - Recruitment Process

Benefits we offer

At NCSC and GCHQ, we are proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes.  As an organisation that values and nurtures talent, we are committed to helping you fulfil your potential.  With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we will enable you to flourish in your role and perform to the very best of your abilities.

You’ll receive a starting salary of £45,676 plus an annual National Security Payment of £2,428, subject to mandatory training.  A London Allowance of £6,250 is applicable for London contracted employees. 

Other benefits:

•    25 Days Annual Leave automatically rising to 30 days after 5 years' service, and an additional 10.5 days public and privilege holidays
•    An environment with flexible working options
•    Opportunities to be recognised through our employee performance scheme.
•    Interest-free season ticket loan
•    Cycle to work scheme
•    Facilities such as a gym, restaurant and on-site coffee bars (at some locations)
•    Paid parental and adoption leave.
•    A Civil Service pension with an average employer contribution of 27%

Selection Process

Before You Apply

To work at GCHQ, you need to be a British citizen or hold dual British nationality. You can read our full eligibility criteria here

This role requires the highest security clearance, known as Developed Vetting (DV). It’s something everyone in the UK Intelligence Community undertakes. You can find out more about the vetting process here. To apply for this role you will already need to hold a valid DV clearance.

Please note we have a strict drugs policy, so once you start your application, you can’t take any recreational drugs and you’ll need to declare your previous drug usage at the relevant stage.

The role is based in London, Cheltenham or Manchester so you’ll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application, as we do not offer relocation costs.

Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application. You should not discuss your application, other than with your partner or a close family member.

What to Expect

Our recruitment process is fair, transparent, and based on merit. Here is a brief overview of each stage, in order:

•    Application, you'll be asked to provide a personal statement, please explain why you are suitable for the role and the skills and experience you will bring (up to 250 words). You'll also be asked to supply evidence against the below  GCHQ Competencies:

- Managing the Customer Relationship (up to 300 words)

- Communications and Knowledge Sharing (up to 300 words)

•    Interview

•    If successful, you will receive a conditional offer of employment subject to vetting.

Please note, you must successfully pass each stage of the process to progress to the next. Your application may take around 6 months to process including vetting, so we advise you to continue any current employment until you have received your final job offer.

We’re Disability Confident

GCHQ are proud to have achieved Leader status within the DWP’s Disability Confident scheme.  This is aimed at encouraging employers to think differently about disability and take action to improve how they recruit, retain and develop disabled people.  Being Disability Confident, we aim to offer a person-to-person interview to any candidate who self-identifies as disabled and meets the essential criteria for the role.  This is our ‘Offer of Interview’ (OOI). To secure an interview for this vacancy, the essential criteria (in order of application process) are:

•    Applicants must have a valid DV clearance.
•    Applicants must demonstrate on their application strong experience within a relevant Cyber Security oriented role, and experience with SOC operations and/or Incident Response processes at large/multi organisation scale, as well as meet the competency requirements for the role.

Equal Opportunities

At GCHQ diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce such as women, those from an ethnic minority background, people with disabilities and those from low socio-economic backgrounds.

Find out more about our culture, working environment and diversity on our website:

Our Vetting

To work in this role, you will need the highest security clearance, known as Developed Vetting (DV). It’s something everyone in the UK Intelligence Community must go through and it can take some time. As part of the DV process you will be asked to fill in a detailed questionnaire and attend an interview with a vetting officer. In your interview the vetting officer will have a thorough, compassionate, and honest discussion with you about you as a person and your life experiences, to ensure holding a DV clearance is right for you. You don’t need to do any preparation for your vetting interview, just be honest and be yourself. All applicants for DV are treated impartially and consistently, irrespective of gender, race, disability, religion, age, sexual orientation, and other protected characteristics.

The closing date for this role is: 11:55pm 13th April 2023

Right to Withdraw Statement: 

Please be aware that we withhold the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. Please be mindful of this and submit your application at your earliest convenience to avoid disappointment.

This Program / Vacancy is closed to applications.