Cyber Security Engineer in Edinburgh

At Aberdeen, our ambition is to be the UK's leading Wealth & Investments group. Strengthening talent and culture is one of our strategic priorities. We strive to make Aberdeen a great place to work so that we can attract and retain the industry's best talent.

Our people put our stakeholders at the heart of everything they do by helping us to make a positive difference to the lives of our clients, customers, colleagues, shareholders, and society. We are focused on growing our direct and advised wealth platforms and repositioning our specialist asset management business to meet client demand. We are committed to providing excellent client service, supported by leading technology and talent.

Aberdeen comprises three businesses, interactive investor (ii), Investments, and Adviser, each of which focuses on meeting and adapting to our clients' evolving needs:

• Interactive investor, the UK's second largest direct-to-consumer investment platform, enables individuals in the UK to plan, save, and invest in the way that works for them.
• Our Adviser business provides financial planning solutions and technology for UK financial advisers, enabling them to create value for their customers.
• Our Investments business is a specialist asset manager that focuses on areas where we have both strength and scale to capitalise on the key themes shaping the market, through either public markets or alternative asset classes.

About the Department: At Aberdeen, the Security, Resilience and Protection departments, the security of our customer assets and data is of paramount importance, especially within our changing digital world. Within our department, an exciting and challenging opportunity has arisen for an experienced and ambitious Security Engineer.

About the Role: This role represents a unique opportunity to contribute to the evolution of the cyber security engineering team and engage with teams across the enterprise to develop a best-in-class engineering function using emerging technologies and innovative working practices. Advancing a team culture that promotes learning, creativity and supportive collaboration provides an environment where new approaches, innovative thinking and commitment will allow you to deliver high quality outputs.

Reporting to the Cyber Security Engineering Manager, you will be responsible for designing, implementing and maintaining our next-generation detection and log management platforms. This role sits at the intersection of SIEM engineering, cloud security, and advanced log pipeline management, ensuring that our enterprise maintains world-class detection fidelity, threat visibility and compliance across diverse environments.

You will help us deliver improvements across several of our cyber security domains including Security Data & Analytics, Security Automation, Incident Response and Threat Detection. Additionally, you will work closely with our Cyber Security Operation Centre, wider security functions, specialist 3rd party security suppliers and our global IT and business teams.

Key Responsibilities:

• SIEM engineering & Operations: Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response.
• Perform log source onboarding, parsing, and data normalisation on various data types.
• Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations.
• Log Management & Data Engineering: Engineer and maintain log pipelines using Cribl to optimise ingestion, filtering, routing and replay.
• Ability to work confidently on intelligent log transformation, data enrichment and routing strategies.
• Architect scalable solutions for log archival, data rehydration and compliance-driven retention.
• Cloud Security: Leverage Azure-native security services such as Microsoft Defender XDR, Defender for Cloud, Azure Monitor and Azure AD.
• Implement security monitoring, alerting and automation across Azure logging and IaaS/PaaS/SaaS workloads.
• Integrate Azure EventHubs, Log Analytics and a strong knowledge of Kusto Query Language (KQL) as well as Splunk Processing Language (SPL) to optimise data pipelines and detection engineering.

About the Candidate:

• Understanding of microservices architecture, Azure Logic Apps and DevSecOps.
• Contribute to security architecture reviews and risk assessments.
• Experience with ITSM tools such as Jira or ServiceNow for workflow, incident and change management.
• Implement CI/CD practices for security content deployment and configuration management.
• Knowledge of one or more scripting languages with experience in developing automation playbooks, scripts that interact with APIs and parsers for data engines.
• Industry recognised certifications such as SC-200, SC-100, AZ-500, Certified Splunk Admin/Architect, PCSAE, CISSP, CEH or equivalent.
• Experience of working with globally dispersed teams.

We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to one of our UK roles under the Disability Confident Scheme, please notify us by completing the relevant section in our candidate questionnaire. One of our team will reach out to support you through your application process.

Our benefits: There's more to working life than coming home with a good salary. We have an environment where you can learn, get involved and be supported. When you join us, your reward will be one of the best around. This includes 40 days' annual leave, a 16% employer pension contribution, a discretionary performance-based bonus (where applicable), private healthcare and a range of flexible benefits - including gym discounts, season ticket loans and access to an employee discount portal.

An inclusive way of working: Whatever way you like to work, if you have the talent and commitment to join our team, we'd like to hear from you. At Aberdeen we've adopted a 'blended working' approach. This approach combines the benefits of face-to-face collaboration, coaching and connecting in our offices with the flexibility of working from home. It enables colleagues to find a balance that works for their roles, their teams, our clients and our business.

An inclusive culture, where diverse perspectives drive our actions, is at the core of who we are and what we do. If you need assistance with your application, or a reasonable adjustment to your interview arrangements - for example, because you are neurodivergent, or have a physical, sensory, cognitive, mental, visible or invisible disability - please let us know and we'll be happy to help.

We're committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment. We define diversity in its broadest sense - this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance. We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.

If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.