Back to Blogs

What Security Clearance do you need for a job in cyber security?

  • Publish Date: Posted over 4 years ago
  • Author: Rebekah Valero-Lee

Do you keep thinking ‘What Security Clearance do you need for a job in cybersecurity?’ keep reading…

If you want to pursue a career in cybersecurity, at some point you may need to apply for Security Clearance. Having Security Clearance demonstrates to both employers and government officials that you can be trusted to have access to sensitive information.

There are four main types of Security Clearance you may need to work in IT cybersecurity – Baseline, Counter-Terrorist, Security Check and Developed Vetting. Different types of clearance will be required for different roles, projects or organisations.

Baseline Security Clearance

There are two types of baseline security checks: Baseline Personnel Security Standard (BPSS) and Enhanced Baseline Standard (EBS). BPSS is an entry-level pre-employment check and takes one or two days to complete, using the Police National Computer to make sure you have no convictions. An EBS isn’t a formal clearance check but is required before applying for other levels of Security Clearance.

You’ll usually be required to complete a BPSS or EBS check if you want to work in a cybersecurity role in the public sector or armed forces, as well as in the private sector if you’re going to be working on government contracts.

Counter Terrorist Check


The idea behind the Counter-Terrorist Check (CTC) is to prevent anyone who may have connections with terrorist organisations or may be vulnerable to pressure from them, from accessing sensitive information. The CTC can take up to six months to complete and will be valid for three years.

Cyber security professionals will be asked to complete a CTC if their work is going to involve them having close proximity to public figures, or require them to have unrestricted access to information or establishments that are deemed vulnerable to terrorist attacks.

Security Check

Security Check (SC) is the most common type of vetting process for cybersecurity professionals and once complete is valid for five years for contractors and 10 years for permanent employees. You’ll need SC clearance if your role requires substantial access to secret or top secret assets and information.

You need to have been a UK resident for at least 5 years and need to have successfully completed all stages of the vetting process, including:

  • Baseline Personnel Security Standard

  • Departmental/Company Records Check

  • Security Questionnaire

  • Criminal Record Check

  • Credit Reference Check

  • Security Service Check

Developed Vetting

Developed Vetting (DV) is the most comprehensive form of security vetting in the UK, and also the most expensive. IT professionals will only be required to have DV clearance if they’re working in the intelligence or security agencies, or if their role involves having substantial unsupervised access to top-secret assets and information.

To complete Developed Vetting, professionals must go through the following stages:

  • Baseline Personnel Security Standard

  • Departmental / Company Records Check

  • DV Security Questionnaire

  • Criminal Record Check

  • Credit Reference Check and review of personal finances

  • Security Service Check

  • Check of medical and psychological information provided

  • Interview and further enquiries, including interviews with character referees and current and previous supervisors

Find out more about a career in cybersecurity or apply for a role today.