13 of 13 Kusto Query Language Jobs in the South East

on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response … Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms. * Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. * Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. * Able to communicate clearly and efficiently with team More ❯

Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security More ❯

infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs … NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active More ❯

cyber risk remediation. Technical Skills & Qualifications Ability to communicate complex issues to non-technical audiences. Understanding of OT infrastructure and networking. Proficiency in Kusto Query Language (KQL) and SIEM systems, especially Microsoft Sentinel. Desirable Experience & Skills Knowledge of network security tools like NAC, Firewalls, IDS/IPS. Leadership experience; cybersecurity or related degree; certifications like Microsoft Security More ❯

industry regulations, and best practices. You have - Proven experience deploying and managing Microsoft Defender (across all versions), Sentinel, Intune, and Windows security solutions, as well as strong proficiency in KQL, authentication protocols, and conditional access policies. - Practical knowledge of endpoint security across both server and end-user environments, including Active Directory, Entra ID, Windows and RHEL hardening, and device management. More ❯

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log … rules, STIX, and YAML Participation in red/purple team exercises. 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain More ❯

MSP Strong technical knowledge of Microsoft 365, including migrations, hybrid identity, DLP, retention policies Hands-on Azure IaaS experience: networking, NSGs, VPNs, load balancers, governance Proven Microsoft Sentinel experience: KQL, dashboards, incident response Solid grasp of Intune, AutoPilot, security and compliance policies Strong networking and firewall understanding (e.g. Cisco, Fortinet, Ubiquiti) Confident presenting to stakeholders and creating detailed technical documentation More ❯

Entra ID, Intune) Strong knowledge of Zero Trust principles, conditional access and data loss prevention Experience working in regulated enterprise environments Hands-on experience with Sentinel, Log Analytics and KQL is a plus Relevant certifications (SC-200, MS-500, AZ-500, etc.) highly desirable Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse More ❯

Management o Azure SQL and MI o Functions o Networking o Data Factory o Databricks Proven experience with Azure DevOps (ADO) Solid understanding of o Terraform o HELM o KQL Advantageous: Healthcare or Government related industry experience Understanding of JIRA and Confluence Understanding or experience with TCAF Qualifications: Experience is valued over accreditation, however, as we're a Microsoft partner More ❯

investment bank based in London - Contract - Hybrid *Inside IR35 - umbrella* Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log Source Integration: Onboard and configure critical log sources (AD … security tools Help define and measure control effectiveness Required Skills & Experience 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain More ❯

About the Role: We’re a leading Managed Service Provider (MSP) delivering cutting-edge IT and security solutions to businesses worldwide. Our mission is to protect digital assets through proactive security measures, advanced threat intelligence, and world-class support. Join More ❯

operations, or geospatial data have played a role. Bonus Points For: Exposure to event streaming platforms (e.g. Kafka, SQS, EventHub) Familiarity with SQL/NoSQL, CosmosDB, or Kusto (KQL) Knowledge of IoT protocols (GNSS, GSM, Bluetooth, UWB) Mobile development experience (iOS/Android) Experience with real-time monitoring or geospatial applications In Technology Group Ltd is acting as an More ❯

operations, or geospatial data have played a role. Bonus Points For: Exposure to event streaming platforms (e.g. Kafka, SQS, EventHub) Familiarity with SQL/NoSQL, CosmosDB, or Kusto (KQL) Knowledge of IoT protocols (GNSS, GSM, Bluetooth, UWB) Mobile development experience (iOS/Android) Experience with real-time monitoring or geospatial applications In Technology Group Ltd is acting as an More ❯