Cyber Security Engineer

6d6 days ago

abrdn

Edinburgh, GB · Full-time · £50,000 – £75,000

About this role

At abrdn, our ambition is to be the UK’s leading Wealth & Investments group. The Security, Resilience and Protection departments prioritise the security of customer assets and data in a changing digital world. An exciting opportunity exists for an experienced and ambitious Security Engineer.

This role contributes to the evolution of the cyber security engineering team, engaging teams across the enterprise to develop a best-in-class engineering function. It focuses on designing, implementing and maintaining next-generation detection and log management platforms at the intersection of SIEM engineering, cloud security, and advanced log pipeline management.

Reporting to the Cyber Security Engineering Manager, you will deliver improvements across Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Collaborate closely with the Cyber Security Operation Centre, wider security functions, specialist 3rd party suppliers and global IT and business teams.

Advance a team culture promoting learning, creativity and supportive collaboration. This environment encourages new approaches, innovative thinking and commitment to deliver high quality outputs using emerging technologies and innovative working practices.

Requirements

Experience with SIEM engineering and operations
Proficiency in developing advanced detection rules, correlation searches, and playbooks
Skills in log source onboarding, parsing, and data normalisation
Knowledge of designing, developing, configuring and maintaining SIEM alerts
Expertise in engineering log pipelines using Cribl for ingestion, filtering, routing and replay
Ability to perform intelligent log transformation, data enrichment and routing strategies
Familiarity with cloud security and advanced log pipeline management

Responsibilities

Design, implement and maintain next-generation detection and log management platforms
Develop advanced detection rules, correlation searches, and playbooks to improve threat detection and response
Perform log source onboarding, parsing, and data normalisation on various data types
Design, develop, configure and maintain SIEM alerts to support SOC Operations
Engineer and maintain log pipelines using Cribl to optimise ingestion, filtering, routing and replay
Implement intelligent log transformation, data enrichment and routing strategies
Deliver improvements across Security Data & Analytics, Security Automation, Incident Response and Threat Detection

Benefits

Contribute to evolving cyber security engineering team with emerging technologies
Engage with teams across the enterprise including SOC and global IT
Promote learning, creativity and supportive collaboration in team culture
Work on world-class detection fidelity, threat visibility and compliance