Security Engineer, Field Operations

SenseOn, Cybersecurity
Based in the United Kingdom, Full-Time, Senior
Salary not disclosed

Job Details

Experience
3–6 years of experience
Required Skills
AWS, Docker, Python, ElasticSearch, GCP, Kubernetes, Machine Learning, Azure, RESTful APIs, Linux, Terraform, Networking, Ansible

Requirements

  • 3–6 years of experience in a technical cybersecurity role, ideally spanning Security Operations and an engineering or customer-facing function.
  • Demonstrable software development capability, able to write, review, and deploy code in a production context.
  • Python is strongly preferred.
  • Proven ability to write and tune detection rules in one or more SIEM platforms (e.g. Splunk, Microsoft Sentinel, Elastic, QRadar).
  • Comfortable translating threat scenarios into detection logic and iterating on rule quality based on operational feedback.
  • Hands-on experience building and troubleshooting integrations with cloud platforms (AWS, Azure, or GCP), REST APIs, and common security tooling including SIEMs, EDRs, XDRs, and NDRs.
  • Strong understanding of networking fundamentals, operating systems (Windows and Linux), and identity and access management concepts.
  • Experience deploying or operating software in containerised environments (Docker, Kubernetes).
  • Excellent written and verbal communication skills, with the ability to engage credibly with both technical engineers and non-technical stakeholders up to C-level.

Responsibilities

  • Lead end-to-end SenseOn platform deployments and complex log ingestion rollouts without customer disruption.
  • Conduct architectural reviews to define deployment strategies and identify integration opportunities.
  • Own the post-sale technical relationship into steady-state operations, delivering against technical success criteria tied to quantifiable security outcomes.
  • Provide the technical evidence base and build business cases for renewals and expansions.
  • Write production-quality software to build and maintain integrations across third-party security tools, SIEMs, identity platforms, and AWS, Azure, and GCP environments.
  • Write, tune, and maintain high-fidelity, low-noise SIEM detection rules by translating threat intelligence and attacker behaviour into detection logic.
  • Develop deep relationships with customer security leadership, acting as a trusted adviser across their security architecture.
  • Partner with Sales Engineering on Proof of Value (POV) engagements, providing technical credibility to differentiate SenseOn.
  • Act as a direct conduit between the field and product teams, raising well-evidenced bugs, feature requests, and detection improvements.