What are the Security Clearance Levels for IT professionals in the UK?

4 mins

Have you come across a job advert where one of the requirements is to be Security Cleared or...

Have you come across a job advert where one of the requirements is to be Security Cleared or Security Clearable?  Often, if you are applying for a job within the Public Sector in areas such as UK Defence, Security and Government sectors where your role will involve access to sensitive government assets, information or personnel - Security Clearance is pre-requisite.  Do you understand the different levels, how to go about clearance and the time it takes?

There are a few different levels and processes involved, which can be somewhat perplexing.  When working within the Public or Defence sectors, before you step foot on the premises, you may already have to be security cleared.  Depending on which role you are taking on, the Government checks carried out to clarify that you pose no risk to national security.

What are the levels of security and what IT jobs require them? In total there are 4 different levels of security clearance.

Baseline Personal Security Standard (BPSS) and Enhanced Baseline Standard (EBS)

Generally, these checks will apply to jobs being sought after in the public sector and Armed Forces.  They can also be required within the private sector dependant on what you will be working on and what you have access to such as confidential government assets.

This entry-level of security is designed to give assurance of trustworthiness, integrity, and reliability of a future employee. The Police National Computer (PNC) is used in this instance and checks to make sure the candidate has no current criminal convictions.  Identity documents and references are also used.

The EBS enhanced level is for a higher level of clearance and involves more in-depth checks. With this clearance in place, it means that you can gain supervised access to top secret material.  As well as the above-mentioned checks via the PNC, documents and references, interviews and references are also required from individual who can verify the candidate’s character in home and office environments.

Counter-Terrorism Check (CTC)

This check will apply for those working for the Police, within Legal and Government agencies.  You will need to have been a UK resident for a minimum of 3 years and can take up to 6 months and is valid for 3 years.   The process can also involve an interview with a DfT Security Officer, all the information is assessed and then either approval or refusal of CTC clearance is made.

The check will ascertain any connection to terrorist groups and determine if a person could be vulnerable to being pressurised by terrorist groups therefore potentially putting sensitive information at risk.

Security Check (SC)

This is the most commonly undertaken level of clearance and will be required for IT professionals who have access to top-secret assets and is transferable covering a wide range of Public Sectors including IT, Health, Government, Defence MoD as well as jobs in the Private Sector.

To be eligible for SC clearance, you must be a UK resident for 5 years. Expect the vetting to take up to 12 weeks and is reviewed every 5 years for Contractors and 10 years for permanent employees.   The stages of the SC vetting process are as follows:

  • Baseline Personnel Security Standard
  • Departmental/Company Records Check
  • Security Questionnaire
  • Criminal Record Check and
  • Security Service Check
Developed Vetting (DV)

This is the highest, most comprehensive and expensive level of security clearance for those in the Public Sector. Generally, this will only be a requirement when working with highly sensitive appointments and work tasks.   Once you have this level of clearance, you will have unsupervised access to top-secret assets and will be able to work within the Government Intelligence or security agencies, Defence, MoD and Aerospace. Not as many of these types of clearances are granted and will require reviewing and are re-investigated after a period of 5 years and every 7 years if there is a continuing need, depending on the specific circumstances.

Rather than being a general blanket of tests, DV vetting is much more specific and is tailored to the job or organisation.  To be eligible for DV clearance, you will have to be UK resident for 10 years, and the various stages include:

  • Baseline Personnel Security Standard
  • Criminal Record Check
  • Departmental/Company Records Check
  • Completion of a (DV) questionnaire
  • Credit Reference Check and review of personal finances
  • Security Service Check
  • Check of medical and psychological information provided
  • Further enquiries, which will include:
    • interviews with character referees and current and previous supervisors’ references (social, employment, education) in writing, by telephone or by interview from personal friends, tutors and employers as required.

The overall process can take a minimum of 6 months due to the in-depth nature of the vetting. You will be kept up to date with the officer looking after your application, so it is good advice to not hand in your resignation until you have the approval.

Even then, on completion, they will carry out on-going monitoring for risk-assessment purposes, which is known as ‘aftercare’.

What happens if I am refused Security Clearance?

During each process of whatever Security Clearance you are going for, all the information is assessed, and a decision is made, which could be a refusal. There are several reasons why something could be flagged and result in you being refused clearance:

  • Employment history showing gaps that have no explanation behind them.
  • Previous employment records indicating you have an untrustworthy nature, or that you are a security risk can lead to refusal.
  • Financial issues – CCJ’s or debt of a high amount may show that you could potentially be targeted for bribery, giving away confidential information for a cost.

If security service records show that you, or anyone of your family members and links and associations to radical groups, terrorists, or espionage, this is a straight refusal.

There are other forms of Security clearance, but for IT Professionals, those discussed will be the ones that you will come across.  Now you understand what the different levels are and what you can expect when undergoing Security clearance.