aidanmclaughlin

Detection engineer. Finserv → Big Tech → Startup.

Building detection systems since 2018. Now trying to fix alert fatigue with ML.

Glasgow, Scotland

The short version

I've spent the last 7 years building detection systems, breaking things, and figuring out how security actually works in the real world.

Currently Lead Detection Engineer at Alpha Level, where we're using ML to solve the alert fatigue problem that's been annoying SOC analysts for decades. Before that: Principal Security Engineer at Oracle, SIEM Engineer at Lloyds Banking Group, and consulting stints across government, legal, and financial services.

I started this site to write about security, careers, and the stuff I wish someone had told me earlier.

What I'm working on

Alpha Level

Building ML that cuts SOC alert volumes by up to 87% without missing real threats. We're trying to fix the thing every security team complains about.

alphalevel.ai →

SOCurity

My consulting practice. Detection engineering, security training, and architecture work.

socurity.io →

Writing

Occasional posts on detection engineering, career stuff, and things I find interesting. No schedule, no newsletter spam.

Read below →

How I got here

2025 → Now
Lead Detection Engineer @ Alpha Level
Decided to fix the alert fatigue problem instead of just complaining about it. Building ML that actually helps SOC analysts.

2025
Principal Security Engineer @ Oracle
Promoted from Senior. Led incident response for global cloud infrastructure. Reviewed and redesigned 200+ detection rules across Oracle Security Operations.

2023
Senior Security Engineer @ Oracle
Joined Oracle Cloud Infrastructure. Architected security logging service across 100+ servers. Built Python automation tools adopted enterprise-wide.

2022
SIEM Engineer @ Advania Group
Built SIEM engineering function from zero. Reduced false positives 22%, saved 1,100+ analyst hours through automation.

2018 → 2022
SIEM Engineer @ Lloyds Banking Group
Started at 17. Built their first cloud-native SIEM on GCP. Managed 1000+ detection configurations. Resolved 30% of all engineering tickets in a 20-person team.

Things I've written

I write occasionally about detection engineering, careers in security, and things I find interesting.

Let's talk

For security professionals

Trying to break into security, get unstuck, or figure out the jump to senior roles? I occasionally do mentoring and career coaching.

Book a call

For companies

Need help with detection engineering, security training, or architecture work? That's what SOCurity is for.

Visit SOCurity →