Job description
Salary: £44,404, including a concessionary payment of £2,658. You may also qualify for a skills payment ranging from £4,513 to £9,812 and a recruitment bonus of £3,500, both dependent on technical ability and successful assessment during the interview process.
Flexible working: This role is based on full-time hours (37 hours per week) with flexibility around start and finish times within core working hours. While our preference is for full-time working, in exceptional circumstances we may consider part‑time arrangements, subject to business needs. We also offer hybrid working, which includes some remote working, typically one day per week from home with the remainder in the office. This arrangement may vary depending on operational requirements.
You can find out more about our work‑life balance page.
About us
GCHQ is an intelligence cyber and security agency with a mission to keep the UK safe. We use cutting‑edge technology, ingenuity and partnerships to identify, analyse and disrupt threats. Working with our intelligence partners, MI5 and MI6, we protect the UK from terrorism, cyber‑attacks, and espionage. At GCHQ you’ll do varied and fascinating work in a supportive and inclusive environment that emphasises teamwork.
The role
As an Infrastructure Engineer within Identity and Access Management, you’ll join a technically specialised capability that underpins secure access across the UK’s security services. Working across a wide range of systems and environments, the position ensures identity and access services remain stable, secure, and compliant. This work supports both national and international partners, safeguarding the integrity of mission‑critical systems.
In this technical role, you will be part of one or more product teams delivering and running identity services, supporting large and complex strategic programmes across the intelligence community. Responsibilities include acting as a product Subject Matter Expert (SME) working with stakeholders with a focus on maintaining existing capabilities and working with your peers to develop new ones for future initiatives. Depending on team alignment, you may also deepen your technical expertise or support colleague development.
Day‑to‑day work covers identity operations, incident resolution, and dealing with service requests across multiple platforms and technologies. Active participation in product development and roadmap planning ensures alignment with key initiatives and platform improvements. Collaboration is essential, requiring close engagement with internal and external stakeholders to strengthen access management and maintain compliance and reliability. Knowledge sharing is equally important, including mentoring and training to promote secure access practices and technical excellence. Occasional travel to Cheltenham and London will be required, with some limited opportunities for international travel.
About you
You’ll bring technical knowledge and practical experience in identity and access management, supported by a solid infrastructure background in either Windows or Linux environments. The role requires confidence in working with core identity technologies and security components, such as directory services, public key infrastructure, identity providers, authentication mechanisms, and privileged access solutions, ensuring robust and secure access across complex environments.
Comfort with solving complex problems and communicating technical concepts to a wide range of stakeholders, including senior leaders and non‑specialist users, is essential. Experience working across geographically dispersed teams is also important, as the role demands balancing operational support with strategic delivery. Most importantly, initiative, knowledge sharing, and a positive contribution to team culture are key in a high‑trust, mission critical environment.
Learning and development
From day one, you’ll be supported by a structured induction and a tailored development plan designed to help you grow into the role. Bringing your experience in identity and access management, you’ll enhance your skills through advanced training, formal learning, and opportunities to share knowledge with peers.
Building on your experience, we’ll provide advanced development opportunities across technical delivery, professional growth, and collaboration:
* Technical delivery: gaining practical experience and guidance from experienced mentors
* Professional development: pursuing certifications from Microsoft, Linux, CyberArk and more
* Collaboration: engaging with colleagues across teams and participating in cross‑organisational initiatives
* Continuous learning: accessing workshops, reading groups, internal conferences, and recognition schemes
As your expertise grows, there are opportunities to take on more responsibility, whether through technical leadership, mentoring or wider engagement across the organisation. Our culture champions autonomy, collaboration, and continuous learning.
Some of our benefits
You will enjoy 25 days annual leave, rising to 30 days after 5 years' service, alongside 8 bank holidays and 2.5 additional leave days (set dates through the year). We also offer a competitive pension, with employer contributions of at least 28.97%, an interest‑free season ticket loan, and much more. Discover more about our full range of benefits.
Equal opportunities
To protect the UK, we need a truly diverse workforce that reflects the society we serve. We welcome and encourage applications from all individuals, particularly those who are currently under‑represented in our workforce, such as:
* Women
* People from ethnic minority backgrounds
* Individuals with disabilities or neurodivergent conditions
* Those from low socio‑economic backgrounds
This is part of our commitment to building a culture that is welcoming and inclusive of people with different identities, lived experiences, and perspectives, where everyone has the confidence to bring their whole self to work. Find out more about our commitment to diversity and inclusion.
Offer of Interview
We’re also proud to have achieved Leader status within the Department of Work and Pensions’ Disability Confident scheme, we aim to ensure that a fair and proportionate number of disabled applicants who best meet the minimum essential criteria for this position are offered an interview where practicable; this is known as the ‘Offer of Interview.’
For this role, the minimum criteria (in order of application process) are:
* Meet the eligibility criteria by completing the initial application form and pre‑screening questions.
* Achieve the minimum pass mark in all three application questions.
As part of your application, you can declare if you have a disability or long‑term health condition and would like to be considered for an ‘Offer of Interview’. If you opt into the Disability Confident scheme and successfully complete these stages, you’ll be offered an interview; this is our “Offer of Interview”. Please note that in situations where we receive a high volume of applications, we may not be able to interview all candidates, including those with disabilities, who meet the minimum criteria.
If you have a disability, are neurodivergent, have a long‑term health condition or require reasonable adjustments for any other reason, please let us know so we can support you. To learn more about how we can help, read our reasonable adjustments brochure, or visit our how to apply page.
Application process
Our selection process is fair, transparent, and based on merit. You must pass each stage to progress. The Infrastructure Engineer recruitment process consists of:
* An initial online application form, including pre‑screening questions to ensure you meet our eligibility criteria.
* Combined interview stage, which includes a technical interview and a skills assessment, followed by a competency‑based interview. This stage may be delivered virtually or in person.
* The entire process can take 9 to 12 months, so if you are currently employed, we recommend staying in your existing role until you receive a final offer.
Before you apply
Due to the sensitive nature of our work, you must meet certain eligibility criteria (and we have some recommendations to help your application):
* Be a British citizen or hold dual British nationality. Read more on our eligibility criteria.
* Complete vetting and comply with our no drugs policy. Read more on our vetting process.
* Familiarise yourself with our guidance on the use of AI in applications, on our how to apply page.
* Complete your application from within the UK.
We’d recommend using a different email address (with no identifying features e.g., first and/or surnames and date of birth) for your contact with us. This helps keep your personal and application correspondence separate and more secure.
Note: Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside the UK will impact on our ability to progress your application. You should not discuss your application, other than with your partner or a close family member.
Right to withdraw statement: Please be aware that we reserve the right to close applications once a certain number have been received. Please submit your application as soon as possible to avoid missing out.
#J-18808-Ljbffr