9 of 9 Kusto Query Language Jobs in the East of England

/7 rota, specifically in an established IT or Security function. Working knowledge of SIEM tools. Scripting capability, particularly using PowerShell, Bash, and KQL (Kusto Query Language) for automation, scripting, and querying in Microsoft Sentinel and Defender. Experience with security and monitoring tools such as Zscaler, Microsoft More ❯

Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

in continuous learning and professional development. Flexibility to work on-site in Peterborough two days per week (negotiable). Preferred Skills & Certifications: Experience with KQL, Rapid7 SIEM, SentinelOne EDR, Microsoft Defender XDR, or Microsoft Sentinel. Level 3 Analysts: Additional expertise in threat hunting, digital forensics, and leadership experience. #J More ❯

of systems and processes. Essential Experience Experience in a SOC or security team. Hands-on experience with Microsoft Sentinel: Proven track record in writing KQL, hunting, and incident response processes within Microsoft Sentinel. Experience in managing Data Connectors and the processes behind them. Strong understanding of Workbooks development and integration. More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. OT operations/security (optional, but a bonus) #J-18808-Ljbffr More ❯

SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing … Hub, Sentinel Analytics, Sentinel Automation, Azure Event Hub, Azure Logic Apps Azure Function Apps. Experience in Sentinel/Analytics Rules/Logic App automations KQL Demonstrated ability in cybersecurity, with at least 5 years in a technical role in security operations and/or security software development. Solid understanding of More ❯

SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Key Skills and Experience Experience contributing … Hub, Sentinel Analytics, Sentinel Automation, Azure Event Hub, Azure Logic Apps Azure Function Apps. Experience in Sentinel/Analytics Rules/Logic App automations KQL Demonstrated ability in cybersecurity, with at least 5 years in a technical role in security operations and/or security software development. Solid understanding of More ❯

passion for cyber security • An analytical approach; ability in problem solving and comfortable working on production systems at scale. • Query languages such as KQL or SPL • Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, PowerShell etc.) Desirable Skills and Experience: • Knowledge of cloud infrastructure, cloud security … and cloud APIs a plus • Knowledge of attacker tools and evasion techniques within offensive engineering • Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell • Experience of developing detections as code Desirable Certifications • One or more from: CompTIA Security+, GIAC, CEH, SSCP. Where More ❯