Cyber Security Engineer

Location: City of Edinburgh

View our cookie policy .
**** Job Description
**** At Aberdeen, our ambition is to be the UK’s leading Wealth & Investments group.

Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry’s best talent.

Our people put our stakeholders at the heart of everything they do by helping us to make a positive difference to the lives of our clients, customers, colleagues, shareholders, and society.

We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand. We are committed to providing excellent client service, supported by leading technology and talent.

Aberdeen comprises three businesses, interactive investor (ii), Investments, and Adviser, each of which focuses on meeting and adapting to our clients’ evolving needs:
* interactive investor, the UK’s second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save, and invest in the way that works for them.
* Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.
* Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on the key themes shaping the market, through either public markets or alternative asset classes.
** About the Department
** At Aberdeen the Security, Resilience and Protection departments the security of our customer assets and data is of paramount importance, especially within our changing digital world. Within our department, an exciting and challenging opportunity has arisen for an experienced and ambitious Security Engineer.
** About the Role
** This role represents a unique opportunity to contribute to the evolution of the cyber security engineering team and engage with teams across the enterprise to develop a best-in-class engineering function using emerging technologies and innovative working practices.  Advancing a team culture that promotes learning, creativity and supportive collaboration provides an environment where new approaches, innovative thinking and commitment will allow you to deliver high quality outputs.

Reporting to the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments.

You will help us deliver improvements across several of our cyber security domains including Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams.
*
* Key Responsibilities:

**** SIEM engineering & Operations:
*** Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response
* Perform log source onboarding, parsing, and data normalisation on various data types
* Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations
** Log Management & Data Engineering:
*** Engineer and maintain log pipelines using Cribl to optimise ingestion, filtering, routing and replay
* Ability to work confidently on intelligent log transformation, data enrichment and routing strategies
* Architect scalable solutions for log archival, data rehydration and compliance-driven retention
** Cloud Security:
*** Leverage Azure-native security services such as Microsoft Defender XDR, Defender for Cloud, Azure Monitor and Azure AD
* Implement security monitoring, alerting and automation across Azure logging and IaaS/PaaS/SaaS workloads
* Integrate Azure Event Hubs, Log Analytics and a strong knowledge of Kusto Query Language (KQL) as well as…