aidanmclaughlin

Detection engineer. Finserv → Big Tech → Startup.

Building detection systems since 2018. Now trying to fix alert fatigue with ML.

Glasgow, Scotland LinkedIn
About

The short version

I've spent the last 7 years building detection systems, breaking, fixing, and figuring out how security actually works in the real world.

Currently Lead Detection Engineer at Alpha Level, where we're using machine learning to solve the alert fatigue problem that's been bothering SOC analysts for decades. Before that: Principal Security Engineer at Oracle, SIEM Engineer at Lloyds Banking Group, and consulting stints across government, legal, and financial services.

Currently

What I'm working on

Alpha Level

Building machine learning that cuts SOC alert volumes by up to 87% without missing real threats. We're fixing every security team's biggest problem.

alphalevel.ai →

SOCurity

My consulting practice. Detection engineering, security training, and architecture work.

socurity.io →

Writing

Posts about detection engineering, career advice, and my thoughts on current affairs in the security world.

Read below →
Journey

How did I get here?

Now
Lead Detection Engineer @ Alpha Level
I am currently building machine learning that actually helps SOC analysts, tackling the alert fatigue problem that's plagued security teams for years.
2025
Principal Security Engineer @ Oracle
Promoted from Senior. Led incident response for global cloud infrastructure. Reviewed and redesigned 200+ detection rules across Oracle Security Operations.
2023
Senior Security Engineer @ Oracle
Worked within Oracle Cloud Infrastructure. Architected security logging service across 100+ servers. Built Python automation tools adopted enterprise-wide.
2022
Founder @ SOCurity
Security consulting for organisations including NatWest, DLA Piper, Protiviti, and the Department for Education.
2022
SIEM Engineer @ Advania Group
Built a SIEM engineering function from scratch. Reduced false positives 22%, saved 1,100+ analyst hours through automation.
2018
SIEM Engineer @ Lloyds Banking Group
Started at 17. Built their first cloud-native SIEM on GCP. Managed 1000+ detection configurations. Resolved 30% of all engineering tickets in a 20-person team.
Writing

My Blog

I write occasionally about detection engineering, careers in security, and things I find interesting.

Or subscribe on Substack

Connect

Let's talk

For security professionals

Trying to break into security, get unstuck, or figure out the jump to senior roles? I occasionally do mentoring and career coaching.

Book a call

For companies

Need help with detection engineering, security training, or architecture work? That's what SOCurity is for.

Visit SOCurity →