Security Operations Centre (SOC) Analyst

Security Operations Centre (SOC) Analyst

Permanent

Location: Edinburgh (For roles with Aegon Enterprise Technology, office attendance will generally be required periodically, and more details will be discussed during your interview process with our hiring managers)

Salary: A competitive salary from £35,840 - £44,800 depending on the experience you can bring

Working Hours: This role requires non-standard working hours (2:00 PM - 10:00 PM) to effectively collaborate with global teams across multiple time zones.

Closing date: 20 November 2025

Global Technology Services (GTS) is Aegon’s global IT partner that provides infrastructure services, information security and global/corporate application support for Aegon’s businesses around the world.

From 6 locations in the US, the Netherlands, UK, and Hungary, we support 20+ country units and 24000+ employees in the world. Our support consists of a wide range of centralized global IT services such as programming, database management, project management, agile/dev/ops, and more.

We continue to maximize the value from having a clear digital and data technology platform strategy that extends our ecosystem, as an approach to digitization, enhancing customer experience, and improving operational efficiency.

All these teams work closely together to provide innovative and digital solutions as well as critical technology support. This is essential for enabling Aegon’s businesses around the globe to be innovative, digital, and competitive, efficient, and effective, and to provide the best solutions and customer experience for our customers and shareholders.

This dynamic role requires broad understanding of cyber security principles, investigation techniques, and incident response practices to support Aegon’s Security Operations Centre (SOC) team and is responsible for responding to security alerts and triage as well as participate in the full incident response lifecycle.

This role is responsible for collaborating with multiple teams and stakeholders to review security alerts. SOC team members routinely participate in threat hunts, purple team exercises and declared incident response.

• Responding to security alerts from SIEM, automation platforms, security controls and other teams to find relevant connections and triage security events.
• Reviewing and analysing forensic and cyber security event data related to security events.
• Coordinate cross functional cyber security and incident response events
• Ability to work on projects for ISS, either as a primary or supporting role
• Threat intelligence correlation to reveal and enrich understanding of threat vectors, attack processes, fraud actors, and malicious cyber behaviour.
• Assisting the threat intelligence function with open-source threat research and analysis.
• Development and distribution of root cause analyses; to gain shared understanding and agreement on attack, containment, remediation steps, process changes and technical control implementations.
• Working with business leaders and client management organizations to explain and level set security event issues and concepts.

• Experienced in conducting or leading security event triage, incident response activities or cyber investigations
• Experience with one or more of the following cyber security domain areas: Incident response and management, application awareness, identity awareness, identity and access management, Data handling and classification, web application firewalls, next gen firewalls, network zoning and segmentation, cyber resiliency, secure coding, fraud investigation and response, multi-factor authentication, identity and access management, DLP, forensics, security within SDLC
• Real-world experience in Enterprise Detection and Response (EDR) from monitoring and response to custom building rules.
• Must be able to work independently and make quick decisions based on available information
• Ability to define and communicate complex technical risk problems, concepts and situations to multiple skill levels; including business personnel with little to no cyber experience

• We’re serious about your future and our enhanced pension scheme is now in place. We ask you to contribute 3% of your salary to your pension and we’ll put in 9%. If you decide to contribute more, we’ll match it up to a combined total of 20% of your salary (that’s 7% from you and 13% from us).
• A discretionary bonus, depending on personal and company performance
• 34 days leave per year (including bank holidays, pro‑rated for part‑time)

We also offer private medical cover, life assurance, critical illness cover, enhanced parental leave and a variety of lifestyle benefits to help our employees live their best lives, including retail discount vouchers, cycle2work scheme, subsidised restaurant and online GP appointments. To find out more about what to expect at Aegon, visit our careers site.

We’ll need you to confirm you have the right to work in the UK. If we offer you a job and you accept, there are some checks we need to complete before you can start with us. This will include a credit and criminal record check, as well as providing satisfactory references.

Cifas Short Fair Processing Notice

The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found by visiting www.cifas.org.uk/fpn.

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their age, disability, race, religion/belief, gender, sexual orientation or gender identity.