21 of 21 Kusto Query Language Jobs in the UK

Assist with monthly SOC reporting and contribute insights into customer security posture Support client service reviews and communicate cyber risks in clear, business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure timely, high-quality incident resolution in line with SOC standards and SLAs … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

CSOC Compile and present monthly SOC reporting, advising on security posture improvements Support client service reviews and articulate cyber risk in business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure high-quality incident resolution and consistent SOC performance Who you are: Youre an experienced cyber … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

Azure observability playbook, delivering comprehensive dashboards, alerting rules, and operational runbooks using Application Insights, Log Analytics, and Kusto Query Language (KQL). AIOps & Intelligent Automation Develop AI‐driven alerting and detection mechanisms to surface early‐warning signals, including IP reputation degradation, database capacity saturation, and anomalous traffic … Expertise Deep proficiency in Terraform, including module design, remote state management, workspace strategies, and multi‐environment deployment patterns. Monitoring & Observability Expertise Advanced experience with KQL for Azure Log Analytics, with the ability to design and build custom Azure Monitor Workbooks for operational insight and reporting. Security Automation Strong background ...

overview of customer industry and projects, access to cutting-edge technology etc.) Technical SME in Cybersecurity space Key responsibilities: (Up to 10, Avoid repetition) KQL: Expert Level Able to develop and maintain high-fidelity detection rules using Kusto Query Language Able to utilize KQL for detection engineering … Coordinate the end-to-end onboarding of log sources into Sentinel. Key skills/knowledge/experience: (Up to 10, Avoid repetition) Expert in KQL Technical SME for Sentinel set up Strong understanding of cloud and on premises logging (Windows, Linux, application, DB, identity). Experience onboarding data using ...

Azure security tools. The "Investigator" Mindset: A natural curiosity to dig into logs until you find the answer. The "Value Add" (Nice to Have): KQL Skills: Experience writing Kusto Query Language for data hunting. Certifications: SC-200 (Cyber Security Operations Analyst), SC-900, or AZ-500. Consultancy ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

technical stakeholders. What youll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into ...

technical stakeholders. What you’ll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks ...

runbooks. We're after 23+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365/Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial. ...

experience with data ingestion tools such as Elastic Agent, Beats, Splunk UF/HF, Syslog, Kafka Advanced proficiency in querying languages including SPL, KQL, and EQL Strong understanding of ECS and CIM log normalization, enrichment, and large-scale data architectures Expertise in detection rule design, tuning, and lifecycle management Proficiency ...

flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint and desktop security: EDR deployment ...

flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint and desktop security: EDR deployment ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...

within Complex, Multi-Tenant Environments. The Engineering Edge: Good Background in Detection Engineering, Custom Rule Creation & Log Orchestration. You should be highly proficient in KQL & have good Scripting Capabilities (Python or PowerShell). Onboarding & Architecture: Proven Ability to Lead Technical Implementation for New Clients, ensuring their environments are correctly Scoped ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design ...

Microsoft Fabric Engineer - London Hybrid working - London Salary upto £90,000 A leading client in London seeks a Microsoft Fabric Engineer to design and deliver data and AI solutions on the Microsoft Fabric platform. As ...

Microsoft Fabric Engineer - London Hybrid working - London Salary upto £90,000 A leading client in London seeks a Microsoft Fabric Engineer to design and deliver data and AI solutions on the Microsoft Fabric platform. As ...