Infrastructure Engineer (Security)
Job description
This is a hands-on technical role with cyber security as your primary focus. You will work closely with the Lead Infrastructure Engineer (Security) and wider Digital Services teams to design, implement, secure, and support our infrastructure across both on-premises and cloud environments.
You'll help strengthen GMCA's security posture through proactive engineering, operational security activities, and contribution to projects that modernise our technical landscape.
Your responsibilities will include:
- Implementing new infrastructure solutions to meet organisational requirements.
- Supporting and maintaining secure on-prem and cloud platforms.
- Responding to, owning, and configuring security alerts from multiple sources in line with risk and SLA.
- Supporting cyber incident response activities, including detection, containment, investigation, and recovery.
- Managing and improving endpoint security and detection capabilities, working alongside external MDR partners.
- Delivering effective vulnerability management and patching to reduce risk exposure and maintain compliance.
- Contributing to small, medium, and large infrastructure projects.
- Creating and maintaining technical documentation and knowledge base articles.
- Assisting with Disaster Recovery and Business Continuity testing.
- Liaising with suppliers, contractors, service providers, and partners to coordinate implementation and ongoing support.
While security is your primary responsibility, you'll also contribute more broadly to infrastructure projects and operational support as organisational needs dictate.
Requirements
You'll bring practical experience working in IT infrastructure, with a strong focus on cyber security. You're comfortable operating across both cloud and on-prem environments and enjoy working on a mix of operational security, engineering improvements, and project delivery.
You will have:
- Experience implementing, supporting, maintaining, and troubleshooting infrastructure with a security focus.
- Experience contributing to infrastructure projects (cloud and/or on-prem).
- A solid understanding of cyber security principles and best practices aligned to frameworks such as NCSC, NIST, and CAF.
- A general awareness of networking and firewall concepts.
You'll also have demonstrable experience with some of the following technologies:
- Microsoft Active Directory
- Microsoft Group Policy
- Microsoft Defender suite
- MDM (e.g. Microsoft Intune or similar)
- SIEM tools (e.g. Microsoft Sentinel or similar)
- Remote access solutions (e.g. Microsoft Bastion or similar)
- Microsoft Windows Update for Business
- Third-party patch management tools
- Vulnerability scanning tools (e.g. Tenable/Nessus or similar)
- Zero Trust endpoint protection
- Cyber security compliance and configuration assurance tooling
You'll be self-motivated, organised, and able to communicate technical concepts clearly to a wide range of stakeholders.