2 days ago

Cyber Security Engineer

Work format: onsite
Employment type: fulltime
English: b2
Country: UK

Job description

Cyber Security Engineer.

Location: #Edinburgh.
Salary: Competitive.
Employer: abrdn plc.

Responsibilities:
• Development of advanced detection rules, correlation searches, and playbooks to improve threat detection and response;
• Perform log source onboarding, parsing, and data normalisation on various data types;
• Experience with design, development, configuration and maintenance of SIEM alerts to support our SOC Operations;
• Engineer and maintain log pipelines using Cribl to optimise ingestion, filtering, routing and replay;
• Ability to work confidently on intelligent log transformation, data enrichment and routing strategies;
• Architect scalable solutions for log archival, data rehydration and compliance-driven retention;
• Leverage Azure-native security services such as Microsoft Defender XDR, Defender for Cloud, Azure Monitor and Azure AD;
• Implement security monitoring, alerting and automation across Azure logging and IaaS/PaaS/SaaS workloads;
• Integrate Azure Event Hubs and Log Analytics, with strong knowledge of Kusto Query Language (KQL) as well as Splunk Processing Language (SPL), to optimise data pipelines and detection engineering.

Requirements:
• Understanding of microservices architecture, Azure Logic Apps and DevSecOps;
• Contribute to security architecture reviews and risk assessments;
• Experience with ITSM tools such as Jira or ServiceNow for workflow, incident and change management;
• Implement CI/CD practices for security content deployment and configuration management;
• Knowledge of one or more scripting languages with experience in developing automation playbooks, scripts that interact with APIs and parsers for data engines;
• Industry recognised certifications such as SC-200, SC-100, AZ-500, Certified Splunk Admin/Architect, PCSAE, CISSP, CEH or equivalent;
• Experience of working with globally dispersed teams.



#Office #InfoSec


The vacancy text is reproduced without changes.
