1 to 25 of 27 Kusto Query Language Jobs

Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written … rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft ...

managing Azure Monitor, Log Analytics workspaces, Application Insights, and Azure dashboards. Experience creating alert rules, action groups, workbooks, and analysing metrics and logs using KQL (Kusto Query Language). Skilled in performance troubleshooting, implementing Azure Service Health monitoring, and setting up distributed tracing. Ideally, knowledge and experience ...

analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Experienced in Kusto Query Language (KQL) Team leadership experience with great collaboration and stakeholder management skills Candidates must have a valid and live SC clearance for this role. Should this position ...

security certifications such as SC-900, SC-200, SC-300, SC-400, MS-500, AZ-500 or similar experience. Recognised security certifications. Proficient with Kusto Query Language . Knowledge (or ideally consulted on development) of secure hardware/software design and development practises. Understanding of vulnerability management ...

consultancy Nice to Have Certifications (AZ-500, SC-200, CySA+, BTL1/2) Microsoft 365 & Azure security tooling (Sentinel, Defender) PowerShell and KQL experience Working Pattern & Package 37.5 hours per week, shift-based with on-call escalation 90% remote (quarterly office visits) £40,000 - £45,000 salary + bonus Private ...

fundamentals ✔️ Familiarity with Windows, Linux & macOS ✔️ Curious, analytical mindset with a genuine interest in cyber defence (Sentinel/CrowdStrike/MITRE ATT&CK/KQL experience is a bonus, not essential) Shift pattern 12-hour shifts : 2 days/2 nights/4 off Flexibility required during major incidents 🔐 Clearance ...

including Azure AD, and Azure ecosystem. Working knowledge of medallion architecture and how it fits within a data platform. Working knowledge of Log Analytics, KQL and how it fits within monitoring solutions. Essential Knowledge, Skills & Experience Experience/Knowledge Integrations development involving Azure Integrations, SQL Server/Azure SQL, APIs ...

platforms. Incident investigation skills across endpoint, identity, and cloud. Understanding of Microsoft 365, Azure, and Zero Trust. Skilled in ASR rules, AV baselines, and KQL analytics. Desirable Skills Experience with Microsoft Sentinel. Understanding of MITRE ATT and CK. Exposure to red team activities. Familiarity with automation using PowerShell. Professional Attributes ...

effectively. Documentation & Compliance Improve and maintain accurate system documentation for configuration, troubleshooting, and best practices. Ideal Background Proficiency in SQL Server, T-SQL, and KQL (Azure Application Insights), including writing queries and stored procedures from scratch. Experience troubleshooting application logs, Windows Event Viewer, and system errors. Hands-on experience with ...

Functions Networking App Insights Data Factory Databricks Proven experience with Azure DevOps (ADO) Solid understanding of Terraform HELM Flux Powershell/Azure CLI KQL Advantageous: Healthcare or Government related industry experience Understanding of JIRA and Confluence Understanding or experience with TCAF Qualifications: Microsoft certification(s) in Azure, such ...

architectures, and configurations. Main Skills Needed: 5+ years of experience as a Data Engineer, ideally with Microsoft Fabric. Proficiency in Python, T-SQL, Power Query, and KQL. Solid knowledge of Azure DevOps and CI/CD best practices. Experience with secure multi-tenant data architectures (RLS and TLS). ...

ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

multiple domains - identity and access, network, system, data, application, cloud - and multiple product types. Proficiency in data analysis and Scripting languages (eg, PowerShell, Python, KQL). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills SC Clearance would be advantageous ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

Warwick. We respond as one global team, US & UK, comprising of analysts, senior analysts, principal analysts, & managers. This affords you a team you can query, learn, and rely upon. Additionally, we have procedures ingrained within our technology to assist your investigations from triaging to containment. The UK position … packet capture analysis, EDR, IDS/IPS, SIEM and AV. Knowledge of Windows/Linux/Mac Host internals. Knowledge of Cloud, Azure, KQL, Scripting, Microsoft Defender. Knowledge of network protocols and windows enterprise domains. Knowledge of MITRE ATT&CK tactics and techniques. Knowledge of Splunk ES8. Knowledge ...

tenant-wide scoping, and differential targeting by region/legal entity. Automate via PowerShell/Graph and instrument telemetry/alerting (e.g., Sentinel/KQL, compliance portals). Define controls, evidence artefacts, and reporting for internal audit and regulatory assurance. Create runbooks for policy changes, exceptions, break-glass procedures ...

deployments. Familiarity with compliance frameworks (GDPR, financial regulations). Excellent stakeholder communication and documentation skills. Skills Service design microsoft office purview ediscovery powershell automation kql sentinel Job Title: M365 Backup Design Architect Location: Sheffield, UK Rate/Salary: 550.00 - 650.00 GBP Weekly Job Type: Contract Trading as TEKsystems. Allegis Group ...

Graph API for troubleshooting and reporting. Provide CoPilot knowledge sharing sessions to fellow M365 Application owners. Skills Service design microsoft office COPILOT powershell automation kql sentinel Job Title: M365 Copilot SME Location: Sheffield, UK Rate/Salary: 550.00 - 650.00 GBP Weekly Job Type: Contract Trading as TEKsystems. Allegis Group Limited ...

detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements. Develop, optimise, and maintain high-fidelity detections using Splunk , Microsoft Sentinel , KQL , SPL , and Python for automation and Detection as Code. Work closely with cloud platforms ( AWS and Azure ) to enhance detection capabilities in hybrid environments. Monitor networks … expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient, high-fidelity detections. Solid understanding of security detection methodologies, threat intelligence, and cloud security environments. Strong communication and stakeholder management ...

ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations … Deep expertise in Microsoft Sentinel and Microsoft Defender XDR Advanced KQL skills and SIEM data integration experience Knowledge of Azure and Microsoft 365 security services Scripting experience with PowerShell and/or Python This is an excellent opportunity for a senior security professional to make real impact in a modern ...

understanding of MITRE ATT&CK, malware analysis, and adversary behaviour Hands-on experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms Proficiency in KQL, Python, or similar scripting/query languages Excellent communication skills — comfortable presenting to clients Analytical, detail-driven mindset with the ability to manage multiple ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender) - Translate threat intelligence into actionable detection logic - Windows, MacOS or Linux operating systems exp London ...