Cyber Security Engineer
Posted 1 day 4 hours ago by Limelight Health
Permanent
Full Time
Other
Midlothian, Edinburgh, United Kingdom, EH120
Job Description
Role Title: Cyber Security Engineer
Role Type: Permanent
Location: Edinburgh (with blended home working)
Responsibilities
- Design, deploy and manage the next-generation detection and log management platforms including SIEM, log ingestion pipelines and cloud security monitoring tools.
- Develop advanced detection rules, correlation searches and playbooks to improve threat detection and response.
- Onboard and normalize log sources, perform data parsing and maintain SIEM alerting to support SOC operations.
- Engineer and maintain log pipelines using Cribl for optimal ingestion, filtering, routing and replay.
- Architect scalable solutions for log archival, rehydration and compliance-driven retention.
- Implement security monitoring, alerting and automation across Azure workloads using Microsoft Defender XDR, Defender for Cloud, Azure Monitor, Azure AD, Azure EventHubs, Log Analytics and Kusto Query Language.
- Build security automation playbooks and integrations for SOAR tools.
- Govern SOC architecture, develop interface definitions, security guidelines and collaborate with the Cyber Security Operation Centre and other security functions.
- Participate in incident response, contributing to the Cyber Security Incident Response Team for cyber incidents.
Requirements
- Demonstrable experience in cyber security engineering, SIEM engineering, or related roles.
- Deep understanding of SIEM, log ingestion, SOAR, AV, CSPM, EDR/XDR, and cloud security technologies.
- Experience developing and maintaining SIEM alerts, detection rules, log pipeline architecture, and log pipelines.
- Strong knowledge of Azure-native security services and Azure monitoring stack (Defender, Monitor, AD, EventHubs, Log Analytics, KQL).
- Proficiency in writing queries in Kusto Query Language (KQL) or Splunk Processing Language (SPL).
- Understanding of microservices architecture, Azure Logic Apps and DevSecOps practices.
- Experience with security architecture reviews and risk assessments.
- Experience with ITSM tools such as Jira or ServiceNow.
- Experience with CI/CD for security content deployment and configuration management.
- Knowledge of scripting languages for automation and API integration.
- Industry-recognised certifications (SC-200, SC-100, AZ-500, Splunk, PCSAE, CISSP, CEH).
- Experience working with globally dispersed teams.
Benefits
- 40 days annual leave.
- 16% employer pension contribution.
- Discretionary performance-based bonus where applicable.
- Private healthcare.
- Flexible benefits including gym discounts, season ticket loans and employee discount portal access.
Aberdeen is a Disability Confident Committed employer. All applicants, including those with a disability, are encouraged to apply. The employer is committed to providing an inclusive workplace free from unfair or unlawful treatment and values diversity across all backgrounds and identities.