Overview

Senior Cyber Security Analyst - Incident Response. Based in Edinburgh; reports to the Cyber Response Lead. Part of the Cyber Security Operations team, supporting escalated security alerts from L1 and L2 analysts and proactively developing and tuning detection rules.

Responsibilities

• Conduct thorough investigations to determine root cause, scope, and impact of security alerts escalated from L1 and L2 analysts.
• Monitor detection and response KPIs.
• Support detection rule management, implementing new rules and tuning out false positives.
• Maintain incident response plans and playbooks.
• Document incidents and response actions in detailed post-incident reports.
• Manage the Information Security Queue in relation to Cyber Response tickets.
• Coordinate with internal and external stakeholders (IT, business, audit) on security-related matters.
• Recommend and implement security posture improvements, collaborating with IT to ensure security measures are integrated into systems.

About The Candidate (Qualifications & Experience)

• Experience in Cyber Security, ideally within an international asset management or similar large organisations.
• Passion for security and ongoing self-development to keep up with evolving threats, vulnerabilities, technologies and service improvements.
• Ability to work in an international matrix organisation with complex and dynamic drivers.
• Comfortable with a fast-paced, multi-threaded working environment.
• Proficiency in Microsoft Security Stack, including Defender suite (MDE, MDO, MDA, MDI) and related identity protection technologies (Azure AD Identity Protection, Conditional Access).
• Proficiency with Microsoft Sentinel (SIEM/SOAR) for security monitoring, detection, and incident response. Practical experience configuring, tuning, and maintaining these solutions; analysing alerts and incidents; developing hunting queries (KQL); developing automation playbooks; and integrating with other security controls.
• Experience with non-Microsoft security tools (IDS/IPS, vulnerability scanners, web and email filtering, WAFs, DDoS protections, proxies, host-based protections, malware analysis engines).
• Good understanding of Cyber Detection and Response concepts such as the MITRE ATT&CK framework for mapping adversary behaviors and improving detection coverage.

Benefits & Inclusion

There’s more to working life than a good salary. We offer an environment to learn, get involved and be supported, with a competitive package including:

• 40 days of annual leave
• 16% employer pension contribution
• Discretionary performance-based bonus (where applicable)
• Private healthcare and flexible benefits (gym discounts, season ticket loans, employee discount portal)

We are a Disability Confident Committed employer. If you have a disability and would like to apply under the Disability Confident Scheme, please notify us in the candidate questionnaire so we can support you through the process.

Our Approach & Inclusion

Aberdeen is committed to an inclusive workplace where diverse perspectives drive our actions. We support a blended working approach combining office collaboration with flexible remote options. If you need assistance or an adjustment to interview arrangements for any reason (including neurodiversity or other disabilities), please let us know and we will help.

If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.