/*generated inline style */
Department
Technology Roles
/*generated inline style */
Location(s)
Central London
/*generated inline style */
Job description
Salary: £44,190 to £52,972, depending on skills and accreditation.
This role offers a specialist capability-based pay approach, designed to recognise and reward your cyber technical expertise. Following an assessment of your skills and experience at interview, you may be eligible for an additional skills payment, which could increase your salary to up to £52,972.
To maintain a higher salary within this range, you’ll be supported to demonstrate and accredit your skills against our Cyber Technical Framework within your first year. If you’re not able to evidence all the required skills straight away, we’ll provide support and time to help you close any gaps.
If the required level isn’t reached by the end of the first year, your salary may move to the lower end of the range. However, as your skills grow and are maintained, you’ll have ongoing opportunities to progress within the pay range at this grade. You can apply to have your developing skills levels recognised at regular intervals, in agreement with your line manager.
Flexible working: we support a range of flexible working arrangements including compressed hours, flexible start and finish times and part-time working where possible. Due to the sensitive nature of the role, this position is office-based and home or remote working is not possible.
About us
MI5 keeps the country safe from serious threats such as terrorism and attempts by states to harm the UK, its people and way of life. We carry out investigations by obtaining, analysing and assessing intelligence, and then work with a range of partners, including MI6 and GCHQ, to disrupt these threats. Through our protective security arm, we provide advice and guidance to government, businesses and other organisations on how to keep themselves safe. A role in MI5 means you'll do unique and challenging work in a supportive and encouraging environment, making a real difference to UK national security.
The role
As a Cyber Research Engineer based in MI5’s Cyber Collections team, the work is at the forefront of Cyber Security and contributes to the development of novel capabilities that directly support investigations. Your work focuses on gathering intelligence from computers, networks and devices used by hostile individuals, including terrorists, who pose serious threats to national security.
Working within a small, diverse team of security specialists, this role focuses on solving complex and often novel technical challenges. Day-to-day activities involve researching, developing, and testing innovative techniques and capabilities, as well as exploring and analysing systems to identify vulnerabilities and determine effective mitigations. The work spans open-source research and practical testing. Activities range from writing Python and decompiling Java, to conducting network penetration testing. You’ll also develop bespoke tooling to demonstrate findings, alongside building pipeline tools that improve efficiency, repeatability and scalability.
This is a project-based operational role with a strong cross-team ethos, focused on applying technical expertise to challenging problems and sharing techniques and approaches across teams. Clear documentation and presentation of findings are a key part of the work, supporting the development of innovative capabilities that are integral to protecting the country.
Close engagement with customers across the business is required to understand requirements, with success measured by tangible improvements in security outcomes. Knowledge sharing is a core expectation of the work, including teaching and mentoring colleagues, spreading new ideas, and enabling expertise and workloads to be shared effectively. The role involves writing both code and supporting documentation in equal measure. While there are opportunities to mentor others, this is not a line management position.
Collaboration with other UK agencies also forms part of the work. There is potential for infrequent national and overseas travel, including to partner organisations, conferences and workshops, though this is optional rather than mandatory.
About you
You have genuine interest in cyber security, developed through study, professional experience or personal projects, and a curiosity for solving complex problems and uncovering practical solutions. You’ll have some experience of programming in at least one higher-level application language for example Python or Java, and preferably some exposure to low-level systems programming languages such as C/C++ or Rust.
You’ll have awareness of, and interest in security research, reverse engineering, or operating system internals (including Windows, Linux, Android, iOS, and macOS), combined with a solid understanding of networking fundamentals such as TCP/IP. This understanding may have been gained through a relevant degree, training, or practical experience, and we welcome applications from candidates at different stages of their careers.
Effective collaboration skills are essential, as the work relies on teamwork and constructive engagement with others who may have different approaches or perspectives. A genuine motivation to build technically interesting solutions that deliver real value, alongside a willingness to share knowledge with others explaining concepts, contributing ideas or supporting colleagues in different ways, will be important for success in this role. You’ll help maintain professional standards while being considerate of different needs. Self-awareness, flexibility and openness to constructive feedback are important.
Training and development
When you join, you’ll get a comprehensive induction to the organisation, including an introduction to your immediate team and the wider Cyber Collections area. Induction is delivered primarily within the team, alongside the wider departmental familiarisation days that introduce you to different teams and functions across the office. From day one, you’ll be supported by a dedicated buddy and have access to mentoring, largely provided within the team itself.
We offer an inclusive and supportive working environment and are committed to supporting colleagues to develop both professionally and personally. Given the pace of change in security research and protective mitigations, continued learning is essential. You’ll be supported through structured training pathways and dedicated funding, aligned to different stages of development.
You’ll receive a bespoke training package tailored to your personal development needs and the requirements of the role. Training typically covers core computer and technology topics in a professional context, delivered largely through external courses. This may include working towards professional qualifications such as cloud certifications, systems administration, or network administration. You’ll also develop in more specialist areas such as forensics, reverse engineering, specific programming languages, or bespoke hardware. Training is delivered through a combination of external and internal courses.
You’ll have access to a dedicated development budget, funding for professional certifications based on business need and an allocation of development days to support learning and through formal training or independent research. There is also funding available for conferences, including both external industry events and internal conferences, providing opportunities for learning, networking and, where appropriate, presenting work to colleagues across the organisation.
As skills develop and are maintained, there is the opportunity to progress through additional pay points. You can apply for recognition that your skills have reached a higher level at regular intervals, when you and your line manager agree you are ready.
Rewards and benefits
You’ll receive a starting salary of £44,190 - £52,972 plus other benefits including:
25 days’ annual leave, rising automatically to 30 days after 5 years' service, plus an additional 10.5 days of public and privilege holidays
opportunities to be recognised through our employee performance scheme
an interest-free season ticket loan
a dedicated development budget
an excellent pension scheme
a cycle to work scheme
facilities such as a subsidised gym, restaurant, and on-site coffee bars (at some locations)
paid parental and adoption leave
Equal opportunities
At MI5, diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: people with different backgrounds, ages, ethnicities, gender identities, sexual orientations, ways of thinking, and those with disabilities or neurodivergent conditions. We therefore welcome and encourage applications from everyone, including those from groups that are underrepresented in our workforce, such as women, people from ethnic minority backgrounds, people with disabilities, and those from low socio-economic backgrounds.
Find out more about our culture, working environment and diversity on our website.
We’re Disability Confident
MI5 is proud to have achieved Leader status within the DWP’s Disability Confident scheme. This is aimed at encouraging employers to think differently about disability and take action to improve how they recruit, retain and develop disabled people. Being Disability Confident, we aim to offer a fair and proportionate number of person-to-person interviews to any candidate who self-identifies as disabled and meets the essential criteria for the role. This is our ‘Offer of Interview’ (OOI). To secure an interview for this vacancy, the essential criteria (in order of application process) are:
You'll be required to reach the minimum pass mark for the online Situational Judgement Test (SJT), which assesses criteria important for all roles in our organisation
Developed understanding of programming in high or low level languages – to be assessed at application sift
Demonstrate awareness of security research, reverse engineering or operation system internals and an understanding of network or internet protocols – to be assessed at application sift
There is a wide range of extra support available throughout the recruitment process to enable you to perform at your best. Please visit our application page for information on the reasonable adjustments we can offer.
What to expect
Our recruitment process is fair, transparent and based on merit. Here is a brief overview of each stage, in order:
An initial online application form including pre-screening questions to ensure you meet our eligibility criteria.
Online Situational Judgement Test (SJT) in which you rate the appropriateness of responses to a series of short scenarios.
Application sift, looking at your motivation for the role and the organisation.
If successful, you’ll be invited to an initial online interview where you’ll be asked questions relating to your motivation and our core competencies.
If successful, you’ll be invited to a face-to-face technical skills-based interview, in areas relevant to the role.
If successful, you’ll receive a conditional offer of employment, subject to vetting.
Please note, you must successfully pass each stage of the process to progress to the next. Your application may take around 6 to 9 months to process, including vetting, so we advise you continue any current employment until you have received your final job offer.
Before you apply
To work at MI5, you need to be a British citizen or hold dual British nationality. Read about our eligibility criteria.
This role requires the highest security clearance, known as Developed Vetting (DV). It’s something everyone in the UK Intelligence Community undertakes. Find out more about the vetting process.
Please note we have a strict drugs policy, so once you start your application, you must not take any recreational drugs, and you’ll need to declare your previous drug usage at the relevant stage.
Before you apply, we advise you to consider setting up a separate email address for your contact with us, to ensure your personal and application correspondence remain separate. Try to avoid having identifying features in your email address, such as your first and/or surname and date of birth. This is good practice and will help you manage your application with us more securely.
The role is based in Central London, so you’ll need to live within a commutable distance. Please consider any financial implications and practicalities before submitting an application. An interest-free loan is available to assist with relocating into privately rented accommodation to take up the offer of employment.
We offer reasonable reimbursement of travel costs for candidates attending in-person appointments during the recruitment and vetting process. Full details will be provided with your interview or assessment invitation.
Reimbursement is discretionary and will only be made in line with the candidate Expenses Policy, as amended from time to time. Candidates must book their own travel, using the most economical option, and provide original hardcopy receipts for reimbursement.
Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application. You should not discuss your application, with anyone other than your partner or a close family member.
Right to withdraw statement:
Please be aware that we reserve the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. To avoid disappointment, please submit your application at your earliest convenience.
/*generated inline style */