Security Infrastructure Engineer

As a Security Infrastructure Engineer at Elysium Healthcare, you will play a critical role in embedding infrastructure-level security controls across the organization. You will work closely with the IT Infrastructure and Cloud teams to ensure secure configuration, patching, and hardening of platforms including Windows, Linux, Active Directory, virtualization, and cloud environments.

The Security Infrastructure Engineer will be responsible for developing and maintaining secure configuration baselines, enforcing patch compliance, and embedding preventative controls into day-to-day operations. You will lead the organization's vulnerability assessment process, including the use of scanning tools, interpretation of technical findings, and coordination of remediation activities. Additionally, you will provide expert input on design proposals, technical change requests, and infrastructure uplift programmes to ensure they meet internal security policies and align with frameworks such as NIST CSF and the NHS DSPT.

Elysium Healthcare is an established, stable, and agile company with over 8,000 employees. They have a unique approach to the delivery of care, with a network of over 90 services across England and Wales covering Mental Health, Neurological, Learning Disabilities & Autism, and Children & Education. Elysium Healthcare is part of Ramsay Health Care, a global network that extends across 10 countries and employs over 86,000 people globally.

Do you have experience working in a platform security or infrastructure engineering role with security responsibilities? If so, join Elysium Healthcare as the Security Infrastructure Engineer.

You willplay a critical role in embedding infrastructure-level security controls across the organisation. Working in close partnership with the IT Infrastructure and Cloud teams, you will ensure secure configuration, patching, and hardening of platforms including Windows, Linux, Active Directory, virtualisation, and cloud environments.

Working 37.5 hours a week, you will be responsible for developing and maintaining secure configuration baselines (e.g. CIS Benchmarks), enforcing patch compliance, and embedding preventative controls into day-to-day operations. You have the opportunity to lead the Elysium’s vulnerability assessment process — including the use of scanning tools, interpretation of technical findings, and coordination of remediation activities with relevant teams. This will ensure timely resolution of risks and contributes to ongoing reporting on technical risk posture.

As the designated Information Security representative in the Technical Design Authority (TDA), you will review infrastructure and platform changes to ensure they meet internal security policies and align with frameworks such as NIST CSF and the NHS DSPT. This includes providing expert input on design proposals, technical change requests, and infrastructure uplift programmes.

In addition, this role supports internal projects (e.g. cloud security improvements, hardening programmes) and assists in the integration of security tooling into infrastructure platforms — ensuring consistent, resilient control coverage across the technology environment.

As a Security Infrastructure Engineer, you will be:

• Leading the development and maintenance of secure configuration standards
• Collaborating with Infrastructure on secure build and patch management
• Defining, monitoring, and reporting on configuration compliance across systems.
• Participating in TDA and change governance processes to assess security impact of technical proposals.
• Documenting security requirements for infrastructure projects or tooling deployments.
• Coordinating remediation of technical security risks (e.g. configuration drift, patch backlog).
• Working with operations teams to prioritise and resolve infrastructure issues.
• Supporting the integration of security tooling into infrastructure platforms (e.g. log agents, AV/EDR, config enforcement).
• Providing input into IT operational documentation (e.g. build guides, SOPs) from a security perspective.

To be successful in this role, you will have:

• Experience working in a platform security or infrastructure engineering role with security responsibilities.
• Hands-on experience with server hardening, patching regimes, and baseline enforcement.
• Experience supporting infrastructure change or design assessments from a security perspective.
• Experience managing or contributing to vulnerability assessment and remediation.
• Experience working within regulated environments (e.g. NHS DSPT, ISO 27001, CE+).
• Deep understanding of infrastructure security, including system hardening, patching, and baseline configuration.
• Familiarity with hardening standards (e.g. CIS Benchmarks) and technical risk mitigation strategies.
• Good knowledge of configuration compliance and enforcement tools
• Good knowledge of Windows Server, Active Directory, and virtualised platforms; Linux and cloud security (Azure)
• Understanding of infrastructure design patterns and ability to assess security implications.
• Familiarity with change governance and architecture review processes (e.g. TDA, CAB).
• Able to translate security requirements into practical implementation guidance.
• Competent in security documentation, technical design review, and risk articulation

What you will get:

• The equivalent of 33 days annual leave Pro Rata (inc Bank Holidays) – plus your birthday off!
• Free meals and parking
• Wellbeing support and activities to help you maintain a great work-life balance.
• 24 hour GP Service to ensure you are the best you can be
• Career development and trainingto help youachieve your career goals.
• Pension contribution to secure your future.
• Life Assurance for added peace of mind.
• Enhanced Maternity Packageso you can truly enjoy this special time.

There is also a range of other benefits including retail discounts, special offers and much more.

About your next employer:

You will be working for an established, stable and agile company with over 8,000 employees and a unique approach to the delivery of care. With a network of over 90 services across England and Wales covering Mental Health, Neurological, Learning Disabilities & Autism, Children & Education, there is opportunity for you to grow and move.

Elysium Healthcare is part of Ramsay Health Care with a global network that extends across 10 countries and employs over 86,000 people globally.

Elysium Healthcare follows safer recruitment of staff for all appointments and is a Disability Confident employer, committed to inclusive and accessible recruitment. It is a requirement that all staff understand it is each person’s individual responsibility to promote and safeguard the welfare of service users. All candidates will be subject to a DBS disclosure.

• You will have experience working in a platform security or infrastructure engineering role with security responsibilities, hands-on experience with server hardening, patching regimes, and baseline enforcement, and experience supporting infrastructure change or design assessments from a security perspective. You will also have a deep understanding of infrastructure security, familiarity with hardening standards and technical risk mitigation strategies, and good knowledge of Windows Server, Active Directory, virtualized platforms, Linux, and cloud security.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

Depending on experienceSalary expectations will be discussed at interview stage.