Security & Infrastructure Engineer in Manchester

Security & Infrastructure Engineer in Manchester

Manchester Full-Time No working from home possible
Sterling Computers Corporation

Job Title: Security & Infrastructure Engineer (On-Premise Focus)

Reports To: Head of Engineering

Location: Manchester, UK


About the Role: We are looking for a motivated and hands-on Security & Infrastructure Engineer to join our team and help secure our critical platforms across both on-premise VMware environments and hybrid cloud infrastructure (VMware Cloud Foundation, AWS, Azure, and GCP).

This is a technical, execution-focused role where you will implement, configure, monitor, and maintain security controls while gaining valuable experience with advanced technologies such as VMware NSX, vDefend, Palo Alto Networks, and major public cloud platforms. You will work closely with senior engineers to support security hardening, compliance, logging, and incident response in a high-security, regulated environment.

This is an excellent opportunity for someone with solid foundational experience who wants to grow their skills across traditional on-premise security and modern hybrid cloud environments. This is a full-time fixed-term role requiring 5 days per week on-site (no remote or hybrid options). Occasional UK travel may be required.

Security Clearance Required: Secret Clearance at a minimum. Willing to attain Developed Vetting.


Key Responsibilities

  • Implement and maintain security controls across on-premise VMware infrastructure, with a focus on network and workload segmentation.
  • Ability to lead the configuration and optimisation of VMware NSX (Distributed Firewall policies and micro-segmentation) and VMware vDefend to support zero-trust principles and reduce lateral movement risk.
  • Help manage and tune Palo Alto Networks next-generation firewalls (policy creation, App-ID/User-ID, threat prevention profiles, NAT, and VPN configuration).
  • Support the hardening of Windows Server environments and Microsoft technologies (Active Directory, Group Policy) in line with security best practices and CIS Benchmarks.
  • Contribute to security monitoring and visibility by working with the Elastic Stack (Elasticsearch, Kibana, Beats) and Elastic Security for log collection, dashboards, alerting, and basic threat detection.
  • Assist with security tasks across hybrid cloud environments, including:
    • Basic security configuration and monitoring in VMware Cloud Foundation (VCF).
    • Supporting security controls in AWS, Azure, and GCP (e.g. IAM policies, security groups, network ACLs, logging, and basic compliance checks).
    • Help maintain secure hybrid connectivity between on-prem and cloud environments.
  • Apply CIS Benchmarks, STIGs, and other hardening standards across systems and networks, and support remediation activities.
  • Drive security monitoring, incident response, and basic root cause analysis.
  • Embed security into operational processes and support DevSecOps practices by assisting with vulnerability scanning, configuration management, and automation where appropriate.
  • Collaborate with vendors, auditors, and internal teams to ensure compliance with regulatory and organisational requirements.
  • Maintain documentation and contribute to security reporting and compliance activities.

Required Qualifications & Experience

  • 3-6 years of hands-on experience in cybersecurity engineering, focused on on-premise enterprise environments.
  • Proven expertise in VMware NSX (micro-segmentation, DFW policies, integration) and VMware vDefend (Distributed Firewall, advanced threat prevention).
  • Strong experience designing and managing Palo Alto Networks firewalls (NGFW, Panorama, threat prevention, GlobalProtect).
  • Experience with Cisco security/networking technologies (secure routing/switching).
  • Extensive experience securing Windows environments (Server, Active Directory, Group Policy Objects, endpoint hardening).
  • Familiarity with CIS Benchmarks and their practical application to harden systems and networks.
  • Good understanding of zero-trust principles, network segmentation, firewall policy optimisation, identity and access management (IAM), and encryption.
  • Experience with vulnerability management, SIEM integration, logging, and incident response in on-prem setups.
  • Familiarity with TCP/IP networking fundamentals, the OSI model, routing protocols (BGP/OSPF), VPN technologies, and secure architecture design.
  • Practical experience implementing DevSecOps principles, including integrating security tools and controls into CI/CD pipelines, automating security checks, and collaborating across dev, sec, and ops teams.
  • Hands-on experience with the Elastic Stack (Elasticsearch, Kibana) and Elastic Security (SIEM, threat hunting, endpoint integration, dashboards/alerting) in on-premise deployments for log management, security analytics, and incident response.
  • Security Clearance: Must have UK government security clearance, minimum SC, with the requirement to go through DV.
  • Right to work in the UK and ability to pass background checks.

Desirable Skills & Certifications

  • Relevant certifications such as:
    • VMware Certified Professional – Network Virtualisation (VCP-NV) or Security
    • Palo Alto Networks Certified Network Security Engineer (PCNSE)
    • Cisco Certified Network Professional Security (CCNP Security) or CCIE Security
    • Certified Information Systems Security Professional (CISSP)
    • Microsoft Certified: Security, Compliance, and Identity Fundamentals (or equivalent)
  • Experience with endpoint detection and response (EDR), SIEM tools, IDS/IPS, or threat intelligence platforms.
  • Knowledge of Linux hardening, container security, or hybrid environments (though focus remains on-prem).
  • Experience in regulated sectors (e.g., government, finance, critical national infrastructure).


Sterling Computers Corporation (“Sterling”) is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to age, race, color, creed, religion, disability, medical condition, economic status or status with regard to public assistance, citizenship status, national or social or ethnic origin, past or present membership in the uniformed services, protected veteran status, sex, pregnancy, marital or civil union or domestic partnership status, family or parental status, sexual orientation, gender expression or identity, family medical history or genetic information, HIV status, political belief, or any other status or characteristic protected by applicable law.

Sterling Computers Corporation

Contact Details:

Sterling Computers Corporation Recruitment Team