Data Engineer

FBI &TMT
  • City of London, England, United Kingdom

About

Overview

We are seeking highly skilled SMEs to support a critical logging and detection-engineering initiative. The engagement requires deep technical expertise across database logging, Linux logging (Application, Authentication & Audit), SaaS logging (Authentication & Audit), and the development of analytics rules to operationalise onboarded log data into existing or newly created detection logic.

Three senior resources will contribute to this engagement:
  • Two (2) Senior Log Onboarding & Data Validation Engineers
  • One (1) Senior Detection Engineering Analyst
1. Senior Log Onboarding & Data Validation Engineer (x2)

Role Summary

These engineers will be responsible for onboarding logs from multiple platforms, validating data quality, ensuring completeness and correctness, and handing over fully validated data sources to the Detection Engineering team.

Key Responsibilities
  • Lead log onboarding activities across operating systems, databases, SaaS platforms, appliances, and containerised environments.
  • Validate incoming log data for accuracy, completeness, consistency, and usability.
  • Develop and maintain ingestion pipelines, parsers, and normalization logic.
  • Collaborate with Detection Engineering to ensure logs are optimised for detection use cases.
  • Troubleshoot ingestion failures, schema issues, timestamp anomalies, and source-side configuration errors.
  • Produce technical documentation, runbooks, and handover materials.
  • Ensure alignment with compliance, logging standards, and data governance requirements.

Required Expertise & Skills

Deep SME-level knowledge in:
  • Database logging: Oracle, MSSQL
  • Linux logging: RHEL (Red Hat), AIX (Application, Auth & Audit logs)
  • SaaS logging: Authentication, Audit, API-level logging

Additionally:
  • Strong experience with log forwarding technologies (e.g., syslog, agents, collectors).
  • Familiarity with K8s logging models, Windows Server 2016 event logging, and infrastructure logs (VMware ESXi, RestorePoint, AS-400).
  • Ability to build and tune data connectors, parsing logic, and ingestion schemas.
  • Experience working with SIEM platforms (Microsoft Sentinel preferred).
  • Strong analytical, troubleshooting, and documentation skills.
2. Senior Detection Engineering Analyst (x1)

Role Summary

This role focuses on operationalising onboarded logs by building, optimising, and maintaining detection logic. The analyst will work closely with the Log Onboarding Engineers to maximise the security value of newly ingested log sources.

Key Responsibilities
  • Develop, refine, and maintain detection logic across the full detection lifecycle.
  • Leverage newly onboarded logs to create actionable detection use cases.
  • Build and update workbooks, analytic rules, alerting logic, and hunting queries.
  • Conduct threat modelling to identify gaps and opportunities for new detections.
  • Partner with SOC, Red Team, and Purple Team functions to validate detection effectiveness.
  • Perform tuning to reduce false positives and optimise alert fidelity.
  • Maintain documentation for detection logic design, deployment, and updates.

Required Expertise & Skills
  • Previous experience in a SOC, Red Team, or Purple Team environment.
  • Strong understanding of detection engineering methodologies and threat-detection frameworks.
  • Expertise working with SIEM platforms and KQL-based analytics (Microsoft Sentinel advantageous).
  • Experience using cross-platform logs (Linux, Windows, SaaS, databases, appliances) for detection logic.
  • Ability to create dashboards, workbooks, and visualisation artefacts to support monitoring.
  • Strong knowledge of attacker techniques (MITRE ATT&CK), logging schemas, and telemetry sources.
Relevant Technologies Across Roles

Expertise in the following technologies is essential:

Operating Systems
  • Red Hat Enterprise Linux (RHEL)
  • IBM AIX
  • Windows Server 2016

Databases
  • Oracle
  • Microsoft SQL Server (MSSQL)

Platforms
  • SaaS platforms (various)
  • Kubernetes (K8s)

Appliances & Systems
  • VMware ESXi
  • AS-400
  • RestorePoint

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform.