A secure execution of offloaded tasks in the 5G-driven mobile edge computing (MEC) deployment is critical for all societal sectors. To realize it, mobile network operators have to intelligently orchestrate virtual resources in multiple cloud layers to satisfy 5G security requirements. In this article, we formulate a secure virtual machine management (VMM) mechanism using the semi-Markov decision process framework that seeks to jointly minimize the service rejection and the security risk, while meeting the location awareness requirements of latency-sensitive applications in a decentralized fashion. A new metric called mean security risk is proposed to quantify the perceived risk of an offloaded application considering the number of virtual machines (VMs) that is used to execute and to protect it. We also propose a new cost structure that allows for an efficient assessment of the long-term impact of providing additional VMs to foster security services. A comparison with an optimal security-unaware VMM mechanism shows that our model provides a less risky operation at the cost of an increase in service rejection, which is caused by the use of additional VMs to shield the computation task. Finally, we show that the cost of providing security services can be significantly reduced by fine-tuning the economic gains of it.