Job Description

Information Security Engineer

Location: Old Trafford Stadium

At Manchester United, we believe that excellence on the pitch starts with excellence off the pitch. Our team thrives in a high-performance environment, united by a shared passion for success. We aim to elevate the standard of performance through collaboration and continuous growth, creating a space where everyone can contribute their best to our common goals.



We work together at our iconic Manchester United offices, enabling connection and innovation as we look ahead to what we can achieve as a global football club. We are excited to bring in passionate people who share our vision and drive for success.

The Role:

We are looking for a highly skilled Information Security Engineer with deep technical expertise in security tooling across both on-premise and cloud environments. You will lead threat detection, incident response, and security architecture efforts within a hybrid environment. This is a highly technical engineering role, where you'll be hands-on developing and maintaining our security operations tooling.

Key Responsibilities:

Security Infrastructure & Engineering

Architect, implement, and manage security technologies including: + SIEM (Sentinel)
+ Microsoft Defender suite (Cloud, Endpoint and Identity), Microsoft Sentinel, Purview and Azure infrastructure (including RBAC, PIM, NSGs and identity protections).
+ Firewalls, IDS/IPS, WAF, VPN, and network segmentation solutions
+ Cloud-native security controls (Azure Defender CSPM, AWS Security Hub / GuardDuty)
Design and implement advanced monitoring, logging, and alerting pipelines. Design and enforce endpoint security baselines for Windows, macOS, Linux, and mobile devices. Configure and manage Microsoft Intune for: + Device compliance policies
+ Conditional Access enforcement
+ Application control and deployment
+ Mobile Device Management (MDM) and Mobile Application Management (MAM)
Build and maintain security automation (SOAR playbooks, custom scripts, integrations). Experience with DevSecOps, container security, and CI/CD pipeline integration. Implement hardening standards across OS, cloud, and applications (e.g. CIS benchmarks. Maintain secure on-premise network architectures including segmentation, access control, and perimeter defence.

Threat and Vulnerability Detection & Response

Lead security incident detection, investigation, and response activities alongside the SOC. Lead the implementation and tuning of Microsoft Sentinel: build KQL queries, implement custom rules, conduct threat hunting, workbooks, design and automate playbooks using Logic Apps. Perform root cause analysis and post-incident reviews to continuously improve our defences. Run vulnerability scans, prioritize based on risk, and drive remediation efforts. Research and test emerging threats, zero-days, and exploit mitigations.

Cloud & DevSecOps Security

Implement security controls in CI/CD pipelines (SAST, DAST, container scanning) Enforce security baselines in Azure and/or AWS (IAM, key management, encryption, logging) Threat Intelligence - analyse potential threats, identify vulnerabilities, and implement measures to mitigate risks

Other

Provide technical expertise to projects and advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected Collaborate with other teams to ensure compliance with internal security policies and external regulations (e.g., ISO 27001, PCI-DSS, NIST, GDPR)

Skills & Experiences:

Required Experience and Qualities

5+ years hands-on experience in cybersecurity roles (ideally with a background in Infrastructure) Strong experience with Microsoft Sentinel: rule creation, threat hunting, workbooks, and automation In-depth knowledge of network security, including principles such as zero trust and network security tooling such as Netskope In-depth knowledge of Microsoft Defender suite (for Endpoint, Identity, Cloud, etc) Ideally, knowledge of AWS security stack would be including GuardDuty, CloudWatch and SecurityHub Familiarity with industry frameworks: MITRE ATT&CK, NIST, CIS benchmark, PCI-DSS Excellent incident responder with a passion for problem-solving Strong sense of ownership, able to independently drive engineering projects Always learning, keeping up-to-date with latest tools, exploits, and defence strategies Able to advise on the delivery of new tooling or processes and ensure that new technologies are sufficiently secure and protected

Preferred Certifications

Microsoft Certified: Cybersecurity Architect Expert (SC-100) Microsoft Certified: Security Operations Analyst Associate (SC-200) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Cybersecurity certifications, such as CompTIA Security+, CISSP

What We Offer:

At Manchester United, we recognise that our people are at the heart of our success. That's why we offer a range of rewards designed to support your professional and personal well-being:

Annual incentive scheme

Wellness Support

with access to mental health resources, digital health checks, and & nutritionists through Aviva Digicare+ Workplace

Exclusive Discounts

through our United Rewards platform, giving you access to exclusive deals from the club and partners

Gym Facilities

in our onsite locations and opportunities for regular social events and team-building activities

Enhanced family Leave Benefits

and an opportunity to purchase additional holiday days

Enhanced Career Development

with access to professional learning platforms like LinkedIn Learning, and internal training programs

A Supportive Work Environment

that values diversity, equity and inclusion, and individual growth

Our Commitment to You:

At Manchester United, we believe that a diverse and inclusive environment makes us stronger. We are committed to building a team where everyone feels welcomed, valued, and empowered to contribute their unique perspectives. Diversity, equity and inclusion are at the core of our recruitment strategy, and we welcome applicants from all backgrounds.

Ready to Join Us?

If this sounds like the perfect role for you, please submit your application by Tuesday 23rd December. Please allow us slightly more time to respond during the Christmas period

Manchester United is committed to safeguarding children and vulnerable adults, and as part of this commitment, all candidates will undergo a Disclosure and Barring Service check and reference checks.

If you need any adjustments to help you perform at your best during the recruitment process, please feel free to contact us, and we will be happy to discuss them with you.

It is unlawful to employ a person in a UK-based job who does not have permission to live and work in the UK. You should make yourself aware of how immigration laws apply to you before applying for any of our roles.