Information Security Engineer in Manchester

Location: Old Trafford Stadium

At Manchester United, we believe that excellence on the pitch starts with excellence off the pitch. Our team thrives in a high-performance environment, united by a shared passion for success. We aim to elevate the standard of performance through collaboration and continuous growth, creating a space where everyone can contribute their best to our common goals.

Role

We are looking for a highly skilled Information Security Engineer with deep technical expertise in security tooling across both on-premise and cloud environments. You will lead threat detection, incident response, and security architecture efforts within a hybrid environment. This is a highly technical engineering role, where you’ll be hands-on developing and maintaining our security operations tooling.

Key Responsibilities

• Security Infrastructure & Engineering
  • Architect, implement, and manage security technologies including: SIEM (Sentinel), Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections).
  • Firewalls, IDS/IPS, WAF, VPN, and network segmentation solutions.
  • Cloud-native security controls (Azure Defender CSPM, AWS Security Hub / GuardDuty).
  • Design and implement advanced monitoring, logging, and alerting pipelines.
  • Design and enforce endpoint security baselines for Windows, macOS, Linux, and mobile devices.
  • Configure and manage Microsoft Intune for: Device compliance policies, Conditional Access enforcement, Application control and deployment, Mobile Device Management (MDM) and Mobile Application Management (MAM).
  • Build and maintain security automation (SOAR playbooks, custom scripts, integrations).
  • Experience with DevSecOps, container security, and CI/CD pipeline integration.
  • Implement hardening standards across OS, cloud, and applications (e.g. CIS benchmarks).
  • Maintain secure on-premise network architectures including segmentation, access control, and perimeter defence.
• Threat and Vulnerability Detection & Response
  • Lead security incident detection, investigation, and response activities alongside the SOC.
  • Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, workbooks, design and automate playbooks using Logic Apps.
  • Perform root cause analysis and post-incident reviews to continuously improve our defences.
  • Run vulnerability scans, prioritise based on risk, and drive remediation efforts.
  • Research and test emerging threats, zero-days, and exploit mitigations.
• Cloud & DevSecOps Security
  • Implement security controls in CI/CD pipelines (SAST, DAST, container scanning).
  • Enforce security baselines in Azure and/or AWS (IAM, key management, encryption, logging).
  • Threat Intelligence – analyse potential threats, identify vulnerabilities, and implement measures to mitigate risks.
• Other
  • Provide technical expertise to projects and advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected.
  • Collaborate with other teams to ensure compliance with internal security policies and external regulations (e.g., ISO 27001, PCI-DSS, NIST, GDPR).

Skills & Experiences Required

• 5+ years hands-on experience in cybersecurity roles (ideally with a background in Infrastructure).
• Strong experience with Microsoft Sentinel: rule creation, threat hunting, workbooks, and automation.
• In-depth knowledge of network security, including principles such as zero trust and network security tooling such as Netskope.
• In-depth knowledge of Microsoft Defender suite (for Endpoint, Identity, Cloud, etc).
• Ideally knowledge of AWS security stack, including GuardDuty, CloudWatch and SecurityHub.
• Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS benchmark, PCI-DSS.
• Excellent incident responder with a passion for problem-solving.
• Strong sense of ownership, able to independently drive engineering projects.
• Always learning, keeping up-to-date with latest tools, exploits, and defence strategies.
• Able to advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected.

Preferred Certifications

• Microsoft Certified: Cybersecurity Architect Expert (SC-100).
• Microsoft Certified: Security Operations Analyst Associate (SC-200).
• Microsoft Certified: Azure Security Engineer Associate (AZ-500).
• Cybersecurity certifications, such as CompTIA Security+, CISSP.

What We Offer

• Annual incentive scheme.
• Wellness Support with access to mental health resources, digital health checks, and nutritionists through Aviva Digicare+.
• Workplace Exclusive Discounts through our United Rewards platform, giving you access to exclusive deals from the club and partners.
• Gym Facilities in our onsite locations and opportunities for regular social events and team-building activities.
• Enhanced family Leave Benefits and an opportunity to purchase additional holiday days.
• Enhanced Career Development with access to professional learning platforms like LinkedIn Learning, and internal training programs.
• A Supportive Work Environment that values diversity, equity and inclusion, and individual growth.

Our Commitment To You

At Manchester United, we believe that a diverse and inclusive environment makes us stronger. We are committed to building a team where everyone feels welcomed, valued, and empowered to contribute their unique perspectives. Diversity, equity and inclusion are at the core of our recruitment strategy, and we welcome applicants from all backgrounds.

Ready to Join Us?

If this sounds like the perfect role for you, please submit your application by Friday 13th February 2026. Manchester United is committed to safeguarding children and vulnerable adults, and as part of this commitment, all candidates will undergo a Disclosure and Barring Service check and reference checks. If you need any adjustments to help you perform at your best during the recruitment process, please feel free to contact us, and we will be happy to discuss them with you. It is unlawful to employ a person in a UK-based job who does not have permission to live and work in the UK. You should make yourself aware of how immigration laws apply to you before applying for any of our roles.