Infrastructure Engineer (Security)

This is a hands-on technical role with cyber security as your primary focus. You will work closely with the Lead Infrastructure Engineer (Security) and wider Digital Services teams to design, implement, secure, and support our infrastructure across both on-premises and cloud environments.

You ll help strengthen GMCA s security posture through proactive engineering, operational security activities, and contribution to projects that modernise our technical landscape.

Your responsibilities will include:

• Implementing new infrastructure solutions to meet organisational requirements.
• Supporting and maintaining secure on-prem and cloud platforms.
• Responding to, owning, and configuring security alerts from multiple sources in line with risk and SLA.
• Supporting cyber incident response activities, including detection, containment, investigation, and recovery.
• Managing and improving endpoint security and detection capabilities, working alongside external MDR partners.
• Delivering effective vulnerability management and patching to reduce risk exposure and maintain compliance.
• Contributing to small, medium, and large infrastructure projects.
• Creating and maintaining technical documentation and knowledge base articles.
• Assisting with Disaster Recovery and Business Continuity testing.
• Liaising with suppliers, contractors, service providers, and partners to coordinate implementation and ongoing support.

While security is your primary responsibility, you ll also contribute more broadly to infrastructure projects and operational support as organisational needs dictate., The Digital Services team manages and supports Greater Manchester Combined Authority s ICT architecture.

We:

• Lead the Digital, Data and Technology function and strategy for GMCA
• Set and enforce standards for digital services, including data security
• Help the organisation choose the right technologies and solutions
• Provide guidance to ensure consistent, high-quality digital services
• Support North West Fire Control, which provides services to GMFRS, Cheshire, Lancashire, and Cumbria

We employ around 65 staff, working remotely and from GMFRS Headquarters in Swinton. We also support GMCA HQ at Churchgate House in Manchester, along with fire stations, training centres, and data centres across Greater Manchester.

GMCA offers flexible working arrangements, and GMFRS Headquarters includes an on-site gym., We embrace AI to enhance our operations and to innovate our services. However, we value human talent and are looking for passionate individuals to join our organisation. Please ensure you personally complete your application and read all the instructions carefully to maximise your chances of success., This role is part of GMCA s hybrid working scheme. As part of our commitment to Build Back Fairer in Greater Manchester following the Covid-19 pandemic, we have evolved our management methods by trusting and empowering staff to deliver their work in the best way that suits the business and their individual needs, and supports health and wellbeing. Our hybrid working policy sets out a flexible approach, combining attendance at our [Manchester city centre office / Fire and Rescue service HQ in Swinton / other location] with remote working, typically from home; the location of work is primarily dictated by the needs of the business: Do what is right for you and the business on that day . If appointed to the role you will work with your manager to agree and regularly review the best working pattern for you, your team and your work.

You ll bring practical experience working in IT infrastructure, with a strong focus on cyber security. You re comfortable operating across both cloud and on-prem environments and enjoy working on a mix of operational security, engineering improvements, and project delivery.

You will have:

• Experience implementing, supporting, maintaining, and troubleshooting infrastructure with a security focus.
• Experience contributing to infrastructure projects (cloud and/or on-prem).
• A solid understanding of cyber security principles and best practices aligned to frameworks such as NCSC, NIST, and CAF.
• A general awareness of networking and firewall concepts.

You ll also have demonstrable experience with some of the following technologies:

• Microsoft Active Directory
• Microsoft Group Policy
• Microsoft Defender suite
• MDM (e.g. Microsoft Intune or similar)
• SIEM tools (e.g. Microsoft Sentinel or similar)
• Remote access solutions (e.g. Microsoft Bastion or similar)
• Microsoft Windows Update for Business
• Third-party patch management tools
• Vulnerability scanning tools (e.g. Tenable/Nessus or similar)
• Zero Trust endpoint protection
• Cyber security compliance and configuration assurance tooling

You ll be self-motivated, organised, and able to communicate technical concepts clearly to a wide range of stakeholders.