Senior Information Security Engineer
Location: In or Near Old Trafford Stadium
At Manchester United, we believe that excellence on the pitch starts with excellence off the pitch. Our team thrives in a high-performance environment, united by a shared passion for success. We aim to elevate the standard of performance through collaboration and continuous growth, creating a space where everyone can contribute their best to our common goals.
We work together at our iconic Manchester United offices, enabling connection and innovation as we look ahead to what we can achieve as a global football club. We are excited to bring in passionate people who share our vision and drive for success.
The Role:
We are looking for a highly skilled Senior Information Security Engineer with deep technical expertise in security tooling across both on-premise and cloud environments. You will lead threat detection, incident response, and security architecture efforts within a hybrid environment. This is a highly technical engineering role, where you’ll be hands-on developing and maintaining our security operations tooling.
Key Responsibilities:
Security Infrastructure & Engineering
1. Architect, implement, and manage security technologies including:SIEM (Sentinel)Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections). Firewalls, IDS/IPS, WAF, VPN, and network segmentation solutionsCloud-native security controls (Azure Defender CSPM, AWS Security Hub / GuardDuty)
2. Design and implement advanced monitoring, logging, and alerting pipelines.
3. Design and enforce endpoint security baselines for Windows, macOS, Linux, and mobile devices.
4. Configure and manage Microsoft Intune for:Device compliance policiesConditional Access enforcementApplication control and deploymentMobile Device Management (MDM) and Mobile Application Management (MAM)
5. Build and maintain security automation (SOAR playbooks, custom scripts, integrations).
6. Experience with DevSecOps, container security, and CI/CD pipeline integration.
7. Implement hardening standards across OS, cloud, and applications (e.g. CIS benchmarks.
8. Maintain secure on-premise network architectures including segmentation, access control, and perimeter defence.
Threat and Vulnerability Detection & Response
9. Lead security incident detection, investigation, and response activities alongside the SOC.
10. Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, workbooks, design and automate playbooks using Logic Apps.
11. Perform root cause analysis and post-incident reviews to continuously improve our defences.
12. Run vulnerability scans, prioritize based on risk, and drive remediation efforts.
13. Research and test emerging threats, zero-days, and exploit mitigations.
Cloud & DevSecOps Security
14. Implement security controls in CI/CD pipelines (SAST, DAST, container scanning)
15. Enforce security baselines in Azure and/or AWS (IAM, key management, encryption, logging)
16. Threat Intelligence - analyse potential threats, identify vulnerabilities, and implement measures to mitigate risks
Other
17. Provide technical expertise to projects and advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected
18. Collaborate with other teams to ensure compliance with internal security policies and external regulations (e.g., ISO 27001, PCI-DSS, NIST, GDPR)
Skills & Experiences:
Required Experience and Qualities
19. 5+ years hands-on experience in cybersecurity roles (ideally with a background in Infrastructure)
20. Strong experience with Microsoft Sentinel: rule creation, threat hunting, workbooks, and automation
21. In-depth knowledge of network security, including principles such as zero trust and network security tooling such as Netskope
22. In-depth knowledge of Microsoft Defender suite (for Endpoint, Identity, Cloud, etc)
23. Ideally, knowledge of AWS security stack would be including GuardDuty, CloudWatch and SecurityHub
24. Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS benchmark, PCI-DSS
25. Excellent incident responder with a passion for problem-solving
26. Strong sense of ownership, able to independently drive engineering projects
27. Always learning, keeping up-to-date with latest tools, exploits, and defence strategies
28. Able to advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected
Preferred Certifications
29. Microsoft Certified: Cybersecurity Architect Expert (SC-100)
30. Microsoft Certified: Security Operations Analyst Associate (SC-200)
31. Microsoft Certified: Azure Security Engineer Associate (AZ-500)
32. Cybersecurity certifications, such as CompTIA Security+, CISSP
What We Offer:
At Manchester United, we recognise that our people are at the heart of our success. That’s why we offer a range of rewards designed to support your professional and personal well-being:
33. Annual incentive scheme
34. Wellness Support with access to mental health resources, digital health checks, and & nutritionists through Aviva Digicare+ Workplace
35. Exclusive Discounts through our United Rewards platform, giving you access to exclusive deals from the club and partners
36. Gym Facilities in our onsite locations and opportunities for regular social events and team-building activities
37. Enhanced family Leave Benefits and an opportunity to purchase additional holiday days
38. Enhanced Career Development with access to professional learning platforms like LinkedIn Learning, and internal training programs
39. A Supportive Work Environment that values diversity, equity and inclusion, and individual growth