20 of 20 Kusto Query Language Jobs in England

in Azure Sentinel . Hands-on experience configuring data connectors and diagnostic settings in Azure . Solid understanding of use case development and detection engineering . Knowledge of PowerShell, KQL (Kusto Query Language), and JSON formatting . Familiarity with identity-related logs (Azure AD, ADFS, M365 Defender, etc.) . Experience working in a Security Operations environment or More ❯

with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log management, APIs, data normalisation, and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent More ❯

stakeholders, and cloud architecture groups. Must-Have Skills Experience with Azure Sentinel Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations More ❯

in Microsoft Sentinel and Office 365 E5 security products. • Strong understanding of Azure services, including Azure AD, Defender for Cloud, and Logic Apps. • Experience with SIEM/SOAR platforms, KQL, and automation workflows. • Familiarity with compliance frameworks: ISO 27001, NIST, PCI-DSS, GDPR. • Excellent communication and stakeholder engagement skills. • Certifications such as SC-100, AZ-500, MS-500, or equivalent More ❯

data (SharePoint, Dataverse, SQL, Azure AI Search/RAG). Craft, test and version prompts ; define evaluation metrics, safety rails and guardrails. Implement telemetry/observability (App Insights/Kusto), A/B tests and continuous improvement loops. Work with Security/Compliance on data access, DLP, retention and audit ; follow least-privilege and secure-by-design. Partner with More ❯

platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and More ❯

platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and More ❯

project environments Contribute to IT strategy, roadmaps, and solution design discussions What Youll Bring: Essential: Proven experience supporting digital/web/mobile app lications Strong SQL and Azure KQL skills Linux scripting expertise Experience managing IIS-hosted digital solutions Highly Desirable: BigCommerce website support Redis platform experience Microsoft Dynamics 365 API support and monitoring tools (e.g., SolarWinds, Azure App More ❯

project environments Contribute to IT strategy, roadmaps, and solution design discussions What Youll Bring: Essential: Proven experience supporting digital/web/mobile app lications Strong SQL and Azure KQL skills Linux scripting expertise Experience managing IIS-hosted digital solutions Highly Desirable: BigCommerce website support Redis platform experience Microsoft Dynamics 365 API support and monitoring tools (e.g., SolarWinds, Azure App More ❯

manage the Azure based Cloud Infrastructure and Cyber security estate including the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. Experience of KQL will be an advantage. In this role you will be part of the Microsoft Infrastructure and Cyber Security team and will be key to creating a secure Azure based Cloud More ❯

Pantheon has been at the forefront of private markets investing for more than 40 years, earning a reputation for providing innovative solutions covering the full lifecycle of investments, from primary fund commitments to co-investments and secondary purchases, across private More ❯

Cyber Defense, Privacy, Compliance, Legal, and Architecture teams • Perform host-based digital forensics on Microsoft Windows systems primarily and other operating systems and document findings in clear and concise language • Analysis of network data (packets, logs) and endpoint data (logs, malicious artifacts) in both structured and unstructured methods. • Preserve evidence (both network and host) using forensically sound methods • Identify … TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture • Knowledge or certification of Crowdstrike, Darktrace, Sentinel is a plus • Experience with scripting and automation (Python, Powershell, Bash, KQL etc) • Financial services sector, a benefit/Shift work NOT required Click Apply now/contact Lianne to be considered for the Cyber Security SOC Analyst – London/Remote role More ❯

scripting. Integrate M365 using Graph API, EWS, SOAP, and REST. Deploy, monitor, and maintain Azure PaaS apps (App Service, Functions, Storage, Service Bus). Implement monitoring with Application Insights, KQL, and Log Analytics. Proven skills and experience to help you succeed in this role: Previous experience working as a Microsoft Developer Proficient in C#/.NET (6-8) and .NET … API, EWS, SOAP, and REST for M365 integration. Skilled with Azure PaaS: App Service, WebJobs, Functions, Storage, Service Bus/Event Hub. Expertise in monitoring/observability: Application Insights, KQL, Log Analytics. SC Cleared (essential) Please note, due to internal capabilities it will be difficult for us to take internal calls regarding your application - please direct all queries to , and More ❯

Sentinel analytics rules, workbooks, and connectors Develop and optimise dashboards and reports for threat visibility Manage Sentinel upgrades and ensure platform stability Conduct threat hunting and incident investigations using KQL Microsoft Defender Administer Defender for Endpoint, Identity, Cloud, and Office 365 Monitor and respond to alerts across Defender platforms Collaborate with IT teams to remediate vulnerabilities and improve endpoint security … have: Hands-on experience with Microsoft Sentinel including configuration, reporting, and upgrades Strong understanding of SOAR playbook development and automation Ability to manage multiple simultaneous initiatives effectively Proficiency in KQL, Azure Logic Apps, and Microsoft Defender suite Analytical mindset with experience in data-driven security planning Excellent communication and stakeholder engagement skills Job Offer Competitive daily rate of approximately More ❯

Skills Required: Proven DevOps experience in Azure environments. Strong knowledge of Azure architecture (App Services, Functions, Key Vault, etc.). Familiarity with Azure Monitor, Application Insights, Log Analytics, and KQL for observability and diagnostics. Experience with IaC, monitoring tools (App Insights, Log Analytics), and automation. Familiarity with .NET Core, React, or modern software delivery pipelines. Passion for reliability, continuous improvement … templates, or Terraform for Azure resource management. Practical knowledge of containerisation and orchestration (Docker, Azure Container Apps, or Kubernetes). Familiarity with Azure Monitor, Application Insights, Log Analytics, and KQL for observability and diagnostics. Strong focus on automation, continuous improvement, and service reliability. Understanding of DevSecOps principles and secure cloud deployment practices. If you have the relevant skills for this More ❯

systems and tools Experience in ITIL best practices, experience in supporting bespoke software, experience in supporting cloud infrastructure and hardware , experience in query languages such as SQL and KQL Desirable: Experience in Power BI and the languages used M query and DAX Awareness of programming languages such a Python and C# Experience in or awareness of software requirements More ❯

systems and tools Experience in ITIL best practices, experience in supporting bespoke software, experience in supporting cloud infrastructure and hardware , experience in query languages such as SQL and KQL Desirable: Experience in Power BI and the languages used M query and DAX Awareness of programming languages such a Python and C# Experience in or awareness of software requirements More ❯

than theoretical advice. The consultant should be able to work closely with the team to implement changes and improve security. Cyber Security Consultant’s Responsibilities: Develop and fine-tune KQL queries for advanced threat hunting and custom analytics in Microsoft Sentinel. Analyse Defender and Sentinel alert data to uncover insights, refine alerts, and reduce false positives. Design and optimise correlation … improve business operations. Expertise in creating runbooks and provide expert knowledge to improve the security environment. Proficiency in creating and optimising Sentinel workbooks and Logic Apps. Profound knowledge of KQL for developing advanced detection solutions. Experience in integrating Sentinel with diverse security technologies. Relevant security certifications would be desirable: (CSA, CompTIA Security+, CISSP, CISM) Details: Role: Cyber Security Consultant Location More ❯

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. On this More ❯

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. On this More ❯