1 to 25 of 34 Kusto Query Language Jobs in the UK excluding London

by Tier 1 Analysts, determining threat severity & advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, & thorough documentation of security incidents. * Identifying & escalating critical threats to Tier 3 Analysts with detailed analysis for further action … analysis; some exposure to additional analysis tools such as basic XDR platforms. * Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search & filter logs effectively. * Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats & gathering information. * Able to communicate clearly & efficiently … Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for More ❯

Provide insights into system downtime, trends, and customer impact . Automation & Continuous Improvement Develop scripts and queries using Kusto Query Language (KQL), PowerShell, or Python . Implement automated remediation workflows where applicable. Suggest architecture enhancements based on performance data analysis. Collaboration & Documentation Work closely with engineering, DevOps … Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Strong proficiency in Kusto Query Language (KQL) . Hands-on experience with automation Scripting (PowerShell, Python, or Azure Functions). Proven experience in setting up automated alerts, managing dashboards, and generating reports More ❯

and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering … or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk More ❯

and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering … or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk More ❯

Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat … using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising Kusto Query Language (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat … using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

in using multiple ticketing systems to manage incidents effectively, ensuring service level objectives are adhered to. Experience utilising Kusto Query Language (KQL) for log analysis will also be beneficial. This is a full-time on-site role, covering a 24x7 shift pattern, which will come with a … exposure to additional analysis tools such as basic XDR platforms is preferred Able to demonstrate basic knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Able to communicate clearly and efficiently with team members and stakeholders Can communicate simple technical issues to non-technical More ❯

and event management (SIEM) solutions to support the security operations team. They will also be proficient in utilizing Kusto Query Language (KQL) for log analysis and gain experience using multiple ticketing systems to manage incidents effectively, ensuring that we adhere to our service level objectives. Responsibilities: Monitor … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate basic knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

been UK-based for the past 5 years (due to security clearance requirements) Desirable: Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Proficient in KQL (Kusto Query Language) Microsoft certifications: Azure Administrator Associate (AZ-104), Azure Solutions Architect Expert (AZ-305), Azure Security Engineer Associate (AZ More ❯

PAM) and Security Information & Event Management. (SIEM) Good understanding of IT, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for Sentinel queries and alerts. Desirable Experience Familiarity with managing network security capabilities such as NAC (Network Access Control), Firewalls, Proxies/VPN, IDS/ More ❯

solutions using Microsoft Fabric. Python data engineering experience. Strong understanding of SQL and NoSQL databases, SQL, CosmosDB and Kusto Query Language (KQL). Solid experience of data pipeline development using both cloud and on-premises data sources. Excellent problem-solving, analytical, and communication skills. Strong desire to More ❯

Engineering (SRE) principles and hands-on experience with Azure DevOps. Proficient in scripting (Bash, PowerShell, Azure CLI), coding (Python, C#, Java), and querying (SQL, Kusto Query Language). Familiar with version control systems like GitHub and CI/CD pipelines. Experience with PowerShell, Terraform, Python, Windows command More ❯

CISSP) are desirable. Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option to buy additional leave. Flexible working policies. Enhanced parental benefits. Company pension More ❯

Defender XDR, and/or other SIEM/XDR solutions. Strong understanding of log collection, parsing, and correlation for security monitoring. Experience in developing KQL queries, custom detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly More ❯

and technologies. Qualifications Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option to buy additional leave. Flexible working policies. Enhanced parental benefits. Company pension More ❯

To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat More ❯

To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat More ❯

data sources Govern structured/unstructured data using Purview , Unity Catalog , Profisee , Informatica Implement real-time streaming with Event Hub, Kafka, IoT Hub, and Kusto/ADX Design data platforms with Delta Lake, ADLS Gen2, Cosmos DB, Synapse, Fabric OneLake Lead CI/CD infrastructure using Terraform , Bicep , Azure … observability across the ecosystem Core Skills & Experience Azure Data Factory, Synapse, Databricks, Delta Lake, ADLS, Cosmos DB, Azure SQL Event Hub, Kafka, IoT Hub, Kusto/ADX Strong unstructured data migration and transformation experience Data modelling, mapping, profiling, governance, and security Tools: Purview, Profisee, Informatica, Unity Catalog Strong CI … cost optimisation, logging, monitoring, and performance tuning Desirable Skills Industry: Utilities, SCADA, SAP PM, GIS, telemetry, IoT Governance Tools: Collibra Programming: Python, Kusto (KQL More ❯

Data modelling, mapping, quality, profiling - HADR, AI/ML integration, cost management Desirable: - Utilities experience (SCADA, SAP PM, GIS) - Governance tools (Collibra), scripting (Python, Kusto More ❯

years of experience in the fields of detection engineering or cybersecurity research. Experience managing technical teams is essential. Strong hands-on experience in KQL with writing Use Cases in Sentinel. Preferred SIEM vendor certification of administrator. Familiarity with different security attack vectors and means of protection. Knowledge of common attack More ❯

in Microsoft Azure Platform services (Compute, Storage, Networking etc.). Managing/Operating/Troubleshooting experience in Azure. Azure Management - Azure Monitor, Monitoring Agents, KQL, ARM template, Azure Policies, IaC and deployment models. Infrastructure as code experience, ideally Azure DevOps, ARM, Bicep, ADO - Azure DevOps. Strong fault analysis/determination More ❯

in continuous learning and professional development. Flexibility to work on-site in Peterborough two days per week (negotiable). Preferred Skills & Certifications: Experience with KQL, Rapid7 SIEM, SentinelOne EDR, Microsoft Defender XDR, or Microsoft Sentinel. Level 3 Analysts: Additional expertise in threat hunting, digital forensics, and leadership experience. Benefits: Competitive More ❯

AWS, M365, and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for … Knowledge of Azure, AWS, M365, hybrid environments, and cloud security frameworks (CIS, NIST, ISO 27001, etc.). * Experience with scripting and automation (PowerShell, Python, KQL, or similar languages) to enhance security operations. * Excellent problem-solving, analytical, and communication skills with the ability to effectively influence others. * Ability to adapt quickly More ❯