10 of 10 Kusto Query Language Jobs in London

vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel or CIS exposure beneficial The successful candidate will work closely with Infrastructure, Service Desk and operational IT teams ...

third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs). * Support DPIA processes through ...

logs, databases, messaging platforms, external integrations) rather than through a single tool Strong working knowledge of Microsoft Azure, including Portal fluency, Application Insights/KQL, Log Analytics, Azure Functions, Storage and Key Vault Practical experience of event-driven messaging platforms (Azure Service Bus or equivalent) producer/consumer patterns, dead ...

escalation point for insider risk matters, providing technical advice, case support and judgement across complex or sensitive activity. The role will use threat hunting, KQL and detection engineering to identify indicators of misuse, compromise, inappropriate access or unusual activity requiring review. The post holder will analyse Microsoft Defender for Endpoint ...

function, this role identifies opportunities to streamline processes, accelerate incident response, and reduce operational overhead through intelligent automation, leveraging Artificial Intelligence (AI) and Large Language Models (LLMs). In addition to building scalable automation workflows, this individual will contribute to the broader Security Engineering team, including supporting Detection Engineering … such as Azure Logic Apps, SOAR tools (e.g., Microsoft Sentinel, Splunk SOAR, Cortex XSOAR). Experience building and tuning detections using SIEM platforms (e.g., KQL, SPL) and working with security telemetry across endpoint, identity, network, and cloud. Experience designing SOAR workflows for automated security response and incident triage. Proven experience ...

detection and response capability What we’re looking for Strong hands-on experience with Microsoft Sentinel Experience across Defender suite (Endpoint, Identity etc) Solid KQL skills (detection engineering) Background in SIEM engineering/SecOps platforms Experience integrating systems and handling large-scale log ingestion Scripting (PowerShell/Python) for automation ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

design experience in ICS and/or cybersecurity. Exposure to tools like MDIoT, Sentinel, Wireshark, Nessus, or Splunk. Knowledge of data analysis and scripting (KQL, Python, PowerShell, or Bash) Please note that roles based out of SJS or Sunbury will move to Timber Square, Southwark, from Q4 2027. Why join ...

JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. Threat Intelligence & Enrichment Analyse threat intelligence feeds … Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat hunting and incident forensics Experience with SIEM, IDS/IPS and threat intelligence platforms Familiarity with incident response frameworks and security best ...

engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design ...