13 of 13 Kusto Query Language Jobs in the UK excluding London

Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities. This is a technically advanced role that combines engineering depth … Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter ...

threat categories. Analyze logs generated by applications using Azure Log Analytics and Azure Sentinel to identify anomalies and potential threats. Design, build, and maintain KQL queries to extract and correlate security-relevant data from logs. Implement automated alerting and reporting workflows through Azure Logic Apps integrated with Azure Sentinel. Collaborate … configuration, customization, and automation. In-depth knowledge of Azure Log Analytics , log ingestion, and data analysis. Proficiency in Kusto Query Language (KQL) for creating efficient, scalable queries. Experience with Azure Logic Apps to orchestrate automated response and reporting workflows. Solid understanding of application security principles, common threat ...

customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender XDR, Entra ID) Basics in KQL (Kusto query language) Strong analytical and problem-solving skills Excellent verbal and written communication skills Preferred Qualifications About 12 months of experience ...

technologies such as Defender or Azure security tools Strong analytical thinking and willingness to learn Nice to Have Experience writing queries for investigations (e.g. KQL) Microsoft security certifications (SC-200, SC-900, AZ-500) Exposure to incident response or threat detection activities Location This role requires 2 days per week ...

with Terraform as the primary tool and Bicep as an Azure-native IaC language. Ideally, you will have the ability to write and use KQL for dashboards, alerts, investigations, and insights in Log Analytics, Azure Monitor, and Application Insights. Experience administering and optimizing Windows Server workloads on Azure Virtual Machines ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

similar Good knowledge of cyber security basics and best practices Experience with SIEM tools, firewall and weakness management Proven experience of log checking and KQL Good knowledge of cloud, network, and device security concepts Strong problem-solving skills and careful attention to detail Good communication and record-keeping skills Your ...

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ...

Defender XDR • Deep understanding of Azure security architecture and ingestion strategy • Proven experience configuring connectors and tuning detection rules • Experience with SOAR platforms • Strong KQL capability • Ability to manage competing priorities in fast-paced environments • Experience managing ingestion costs or cloud service optimisation • Confident customer communication Desirable • Integration experience (Mimecast ...

deep technical analysis Clear stakeholder communication Security Analyst (Contract) Focus: Detection, Response & Optimisation Key Responsibilities Advanced Microsoft Defender analysis & optimisation Write, tune, and troubleshoot KQL queries Investigate alerts and support incident response workflows Liaise with SOC & technical teams Analyse ITSM backlog/ticket trends Recommend improvements to Conditional Access … policies Required Experience Strong Microsoft Defender expertise Advanced KQL capability (hands-on) SOC/incident investigation background Analytical mindset with operational focus Strong communication & user engagement skills Security Engineer & Analyst Contracts - London RSG Plc is acting as an Employment Business in relation to this vacancy. ...

tools (Sentinel or Elastic) EDR deployment and management (Tanium, Trellix, Defender, or similar) Log ingestion creation (OOTB and custom integrations) Familiarity with scripting languages (KQL, Python, or PowerShell) TO BE CONSIDERED: Please either apply through this advert or email me directly via . For further information, please call … subject to required skills) your application to our client in conjunction with this vacancy only. KEY SKILLS SIEM Engineer, Sentinel, Elastic, EDR, Syslog, Linux, KQL, PowerShell, SC Cleared ...

Technical Architect - Microsoft Fabric Chester - Hybrid working 2 x per week Salary: Up to £90,000 per annum A leading client in Chester seeks a Technical Architect to design and deliver data and AI solutions ...

Splunk Enterprise Security Strong background in detection engineering and SIEM operations Experience designing and managing large scale data ingestion pipelines Advanced knowledge of SPL, KQL or EQL for detection engineering Experience with automation, scripting or Infrastructure as Code in SIEM environments Understanding of MITRE ATT&CK and threat detection techniques … your application to our client in conjunction with this vacancy only. KEY SKILLS Elastic Security, Splunk Enterprise Security, SIEM, Detection Engineering, Elastic Stack, SPL, KQL, EQL, MITRE ATT and CK, Security Monitoring, Log Ingestion, Terraform, Ansible, SOC Engineering, NSD. ...