Forward Deployed Engineer

Sense On is looking for a Forward Deployed Engineer to sit at the intersection of security engineering, software development, and customer success. This is one of the broadest and most impactful technical roles in the business, you will be the person who makes Sense On work, in the real world, for real customers.

As a Forward Deployed Engineer, you will embed directly with customers to deploy and configure the Sense On platform, develop custom integrations, and ensure that every customer derives measurable security value as quickly as possible. You will own the technical outcome, supporting technical sales and working on technical delivery to enable Sense On to be effective.

This is not a pre-sales or demo role. You support both new business engagements and existing customer renewals, providing the technical depth to prove and quantify the value Sense On delivers and ensuring that as deployments grow more complex with expanded log ingestion, customers always feel in safe hands.

You will report to the VP of Technology and work closely with the Security Operations, Customer Success, Sales Engineering, and Product teams.

Location:

UK

Travel:
Approx 25% to customer sites

Experience:

3 to 6 years+

You will own the full technical lifecycle of a customer deployment, from initial architecture review through to live production, ongoing integration development, and long‑term platform health. You will build cloud integrations. You will write and tune detection rules in SIEMs. You will debug customer environments. And you will ensure that every customer you touch becomes a Sense On advocate.

Your impact does not stop  Sense On’s log ingestion capability grows and deployments become more complex and wide ranging, you will work with the Customer Success team to build the technical business cases that win renewals and drive expansion bringing the same engineering rigour to proving value as you do to deploying it.

• Lead end-to-end Sense On platform deployments and complex log ingestion rollouts without customer disruption.
• Conduct architectural reviews to define deployment strategies and identify integration opportunities.
• Own the post‑sale technical relationship into steady‑state operations, delivering against technical success criteria tied to quantifiable security outcomes.
• Travel to UK and international customer sites approximately 25% of the time.

• Provide the technical evidence base and build business cases for renewals and expansions, translating platform telemetry and incident response data into clear customer outcomes.
• Proactively health‑check environments, close technical gaps, and resolve visibility issues ahead of renewal conversations.
• Collaborate with Sales Engineering to ensure continuity from pre‑sale technical validation through to post‑sale deployment.

• Write production‑quality software to build and maintain integrations across third‑party security tools, SIEMs, identity platforms, and AWS, Azure, and GCP environments.
• Contribute reusable connectors to the Sense On integration library and create custom automation to optimise security operations workflows.
• Work confidently across backend languages (Python preferred; Go, JavaScript, and Bash valued) utilising RESTful APIs, webhooks, and data pipeline patterns.

• Write, tune, and maintain high‑fidelity, low‑noise SIEM detection rules by translating threat intelligence and attacker behaviour.
• Map coverage to the MITRE ATT&CK framework to address visibility gaps, and develop new detection logic with Security Operations.
• Iterate on rules post‑deployment to reduce false positives, and provide expert guidance to customers regarding their detection strategy and risk posture.

• Develop deep relationships with customer security leadership, acting as a trusted adviser across their security architecture.
• Proactively mitigate adoption risks, resolve deployment blockers, and conduct structured onboarding from platform fundamentals to…