Security & Infrastructure Engineer

Sterling Computers Corporation
Stretford, United Kingdom
4 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Remote
Stretford, United Kingdom

Tech stack

Kubernetes Security
Microsoft Active Directory
Amazon Web Services (AWS)
Azure
BASIC (Programming Language)
Border Gateway Protocol
Configuration Management
Elasticsearch
Identity and Access Management
Intrusion Detection and Prevention
Intrusion Detection Systems
Virtual Private Networks (VPN)
OSI Models
Information Systems Security Architecture Professional
Network Security
Microsoft Software
Windows Server
Routing
Network Segmentation
Network Virtualization
Open Shortest Path First
Remote Access Technology
Zero Trust Network Access
Security Information and Event Management
Systems Integration
VCloud
VMware Infrastructure
Virtualization Technology
Software Vulnerability Management
Data Logging
Google Cloud Platform
Computer Network Technologies
Cyber Threat Analysis
HybridCloud
Firewalls (Computer Science)
Cybercrime
Palo Alto Networks
CIS Benchmarks
Kibana
Devsecops
Cisco networks
Vulnerability Analysis
VMware

Job description

About the Role: We are looking for a motivated and hands-on Security & Infrastructure Engineer to join our team and help secure our critical platforms across both on-premise VMware environments and hybrid cloud infrastructure (VMware Cloud Foundation, AWS, Azure, and GCP).

This is a technical, execution-focused role where you will implement, configure, monitor, and maintain security controls while gaining valuable experience with advanced technologies such as VMware NSX, vDefend, Palo Alto Networks, and major public cloud platforms. You will work closely with senior engineers to support security hardening, compliance, logging, and incident response in a high-security, regulated environment.

This is an excellent opportunity for someone with solid foundational experience who wants to grow their skills across traditional on-premise security and modern hybrid cloud environments. This is a full-time fixed-term role requiring 5 days per week on-site (no remote or hybrid options). Occasional UK travel may be required. Security Clearance Required: Secret Clearance at a minimum. Willing to attain Developed Vetting.

Key Responsibilities

  • Implement and maintain security controls across on-premise VMware infrastructure, with a focus on network and workload segmentation.
  • Ability to lead the configuration and optimisation of VMware NSX (Distributed Firewall policies and micro-segmentation) and VMware vDefend to support zero-trust principles and reduce lateral movement risk.
  • Help manage and tune Palo Alto Networks next-generation firewalls (policy creation, App-ID/User-ID, threat prevention profiles, NAT, and VPN configuration).
  • Support the hardening of Windows Server environments and Microsoft technologies (Active Directory, Group Policy) in line with security best practices and CIS Benchmarks.
  • Contribute to security monitoring and visibility by working with the Elastic Stack (Elasticsearch, Kibana, Beats) and Elastic Security for log collection, dashboards, alerting, and basic threat detection.
  • Assist with security tasks across hybrid cloud environments, including:
  • Basic security configuration and monitoring in VMware Cloud Foundation (VCF).
  • Supporting security controls in AWS, Azure, and GCP (e.g. IAM policies, security groups, network ACLs, logging, and basic compliance checks).
  • Help maintain secure hybrid connectivity between on-prem and cloud environments.
  • Apply CIS Benchmarks, STIGs, and other hardening standards across systems and networks, and support remediation activities.
  • Drive security monitoring, incident response, and basic root cause analysis.
  • Embed security into operational processes and support DevSecOps practices by assisting with vulnerability scanning, configuration management, and automation where appropriate.
  • Collaborate with vendors, auditors, and internal teams to ensure compliance with regulatory and organisational requirements.
  • Maintain documentation and contribute to security reporting and compliance activities.

Requirements

Do you have experience in Virtualization?, * 3-6 years of hands-on experience in cybersecurity engineering, focused on on-premise enterprise environments.

  • Proven expertise in VMware NSX (micro-segmentation, DFW policies, integration) and VMware vDefend (Distributed Firewall, advanced threat prevention).
  • Strong experience designing and managing Palo Alto Networks firewalls (NGFW, Panorama, threat prevention, GlobalProtect).
  • Experience with Cisco security/networking technologies (secure routing/switching).
  • Extensive experience securing Windows environments (Server, Active Directory, Group Policy Objects, endpoint hardening).
  • Familiarity with CIS Benchmarks and their practical application to harden systems and networks.
  • Good understanding of zero-trust principles, network segmentation, firewall policy optimisation, identity and access management (IAM), and encryption.
  • Experience with vulnerability management, SIEM integration, logging, and incident response in on-prem setups.
  • Familiarity with TCP/IP networking fundamentals, the OSI model, routing protocols (BGP/OSPF), VPN technologies, and secure architecture design.
  • Practical experience implementing DevSecOps principles, including integrating security tools and controls into CI/CD pipelines, automating security checks, and collaborating across dev, sec, and ops teams.
  • Hands-on experience with the Elastic Stack (Elasticsearch, Kibana) and Elastic Security (SIEM, threat hunting, endpoint integration, dashboards/alerting) in on-premise deployments for log management, security analytics, and incident response.
  • Security Clearance: Must have UK government security clearance, minimum SC, with the requirement to go through DV.
  • Right to work in the UK and ability to pass background checks.

Desirable Skills & Certifications

  • Relevant certifications such as:
  • VMware Certified Professional - Network Virtualisation (VCP-NV) or Security
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)
  • Cisco Certified Network Professional Security (CCNP Security) or CCIE Security
  • Certified Information Systems Security Professional (CISSP)
  • Microsoft Certified: Security, Compliance, and Identity Fundamentals (or equivalent)
  • Experience with endpoint detection and response (EDR), SIEM tools, IDS/IPS, or threat intelligence platforms.
  • Knowledge of Linux hardening, container security, or hybrid environments (though focus remains on-prem).
  • Experience in regulated sectors (e.g., government, finance, critical national infrastructure).

Apply for this position