Security Engineer, Field Operations

SenseOn is looking for a Security Engineer to sit at the intersection of security engineering, software development, and customer success. This is one of the broadest and most impactful technical roles in the business, you will be the person who makes SenseOn work, in the real world, for real customers. You will embed directly with customers to deploy and configure the SenseOn platform, develop custom integrations, and ensure that every customer derives measurable security value as quickly as possible. You will own the technical outcome, supporting technical sales and working on technical delivery to enable SenseOn to be effective. This is not a pre-sales or demo role. You support both new business engagements and existing customer renewals, providing the technical depth to prove and quantify the value SenseOn delivers and ensuring that as deployments grow more complex with expanded log ingestion, customers always feel in safe hands. You will report to the VP of Technology and work closely with the Security Operations, Customer Success, Sales Engineering, and Product teams.

Location: UK

Travel: Approx 25% to customer sites

Experience: 3 to 6 years+

The Role in Detail

You will own the full technical lifecycle of a customer deployment, from initial architecture review through to live production, ongoing integration development, and long-term platform health. You will build cloud integrations. You will write and tune detection rules in SIEMs. You will debug customer environments. And you will ensure that every customer you touch becomes a SenseOn advocate. Your impact does not stop at deployment. As SenseOn’s log ingestion capability grows and deployments become more complex and wide ranging, you will work with the Customer Success team to build the technical business cases that win renewals and drive expansion bringing the same engineering rigour to proving value as you do to deploying it.

Responsibilities

• Customer Deployment & Technical Success: Lead end-to-end SenseOn platform deployments and complex log ingestion rollouts without customer disruption. Conduct architectural reviews to define deployment strategies and identify integration opportunities. Own the post-sale technical relationship into steady-state operations, delivering against technical success criteria tied to quantifiable security outcomes. Travel to UK and international customer sites approximately 25% of the time.
• Renewal Support & Customer Value Quantification: Provide the technical evidence base and build business cases for renewals and expansions, translating platform telemetry and incident response data into clear customer outcomes. Proactively health-check environments, close technical gaps, and resolve visibility issues ahead of renewal conversations. Collaborate with Sales Engineering to ensure continuity from pre-sale technical validation through to post-sale deployment.
• Software Development & Integration Engineering: Write production-quality software to build and maintain integrations across third-party security tools, SIEMs, identity platforms, and AWS, Azure, and GCP environments. Contribute reusable connectors to the SenseOn integration library and create custom automation to optimise security operations workflows. Work confidently across backend languages (Python preferred; Go, JavaScript, and Bash valued) utilising RESTful APIs, webhooks, and data pipeline patterns.
• Detection Engineering & SIEM Development: Write, tune, and maintain high-fidelity, low-noise SIEM detection rules by translating threat intelligence and attacker behaviour. Map coverage to the MITRE ATT&CK framework to address visibility gaps, and develop new detection logic with Security Operations. Iterate on rules post-deployment to reduce false positives, and provide expert guidance to customers regarding their detection strategy and risk posture.
• Customer Success & Relationship Management: Develop deep relationships with customer security leadership, acting as a trusted adviser across their security architecture. Proactively mitigate adoption risks, resolve deployment blockers, and conduct structured onboarding from platform fundamentals to advanced threat hunting. Monitor deployed environment health, address technical drift, and translate field experience into actionable product feedback internally.
• Pre-Sales & Proof of Value Support: Partner with Sales Engineering on Proof of Value (POV) engagements, providing technical credibility to differentiate SenseOn. Contribute to bespoke technical demonstrations, architecture proposals, and solution designs for complex prospects transitioning from legacy platforms or traditional SIEM solutions.
• Product & Analytics Feedback: Act as a direct conduit between the field and product teams, raising well-evidenced bugs, feature requests, and detection improvements. Participate in User Acceptance Testing (UAT) for new platform releases to provide field-informed quality assurance. Identify cross-environment patterns to highlight new detection opportunities or platform capability gaps for the analytics backlog.

Essential

• 3–6 years of experience in a technical cybersecurity role, ideally spanning Security Operations and an engineering or customer facing function.
• Demonstrable software development capability, you must be able to write, review, and deploy code in a production context. Python is strongly preferred.
• Proven ability to write and tune detection rules in one or more SIEM platforms (e.g. Splunk, Microsoft Sentinel, Elastic, QRadar). You are comfortable translating threat scenarios into detection logic and iterating on rule quality based on operational feedback.
• Hands-on experience building and troubleshooting integrations with cloud platforms (AWS, Azure, or GCP), REST APIs, and common security tooling including SIEMs, EDRs, XDRs, and NDRs.
• Strong understanding of networking fundamentals, operating systems (Windows and Linux), and identity and access management concepts.
• Experience deploying or operating software in containerised environments (Docker, Kubernetes).
• Excellent written and verbal communication skills, with the ability to engage credibly with both technical engineers and non-technical stakeholders up to C-level.
• Based in the United Kingdom with the right to work in the UK.

Highly Desirable

• Experience supporting customer renewal engagements from a technical perspective — building business cases, evidencing value, and closing coverage gaps ahead of renewal conversations.
• Familiarity with log ingestion at scale, including the operational and architectural challenges of onboarding diverse log sources across complex enterprise environments.
• Experience with CI/CD pipelines, Infrastructure-as-Code (Terraform, Ansible), and modern DevSecOps practices.
• Exposure to machine learning or AI-driven security analytics platforms.
• Relevant industry certifications such as CISSP, AWS Solutions Architect, GCIH, or equivalent.
• Experience supporting or replacing incumbent security platforms (e.g. Darktrace, CrowdStrike, Splunk) within enterprise customer transitions.

What Success Looks Like

Within your first 90 days, you will have completed at least one end-to-end customer deployment, established yourself as the technical lead for a portfolio of accounts, and shipped at least one integration adopted by a customer in production. Within 6 months, you will be leading complex multi-environment deployments independently, supporting renewal engagements with clear technical business cases, and have contributed meaningful detection rules and integrations to SenseOn’s shared library. Within 12 months, you will be shaping how SenseOn approaches deployment and customer value quantification at scale, informing product roadmap decisions, mentoring more junior team members, and owning the technical success of some of SenseOn’s most strategic accounts.

What We Offer

• Competitive salary commensurate with experience
• Unlimited holiday allowance
• Hybrid working model with flexibility around customer commitments
• Bi-annual career progression review
• Personal learning and development budget
• MacBook and all necessary tooling provided
• Enhanced pension scheme
• Private healthcare through Vitality, with rewards and discounts

Belong at SenseOn

At SenseOn, we define Talent as employees who are customer obsessed and pursuing excellence. They are courageous, good people, doing good things, powering our mission. If this resonates with you, then you will always belong. Nothing else matters. We are an Equal Opportunity Employer and do not discriminate against any qualified employee or applicant. Difference is what makes us stronger.