16 of 16 Kusto Query Language Jobs in Yorkshire

/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results. Experienced with and have sufficient knowledge of attacker TTP’s Have a deep understanding of Advanced Persistent Threat groups More ❯

/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results. Experienced with and have sufficient knowledge of attacker TTP's Have a deep understanding of Advanced Persistent Threat groups More ❯

to the Delivery Lead/PMO. The Role You will be/have: Responsible for creating Threat Hunt Hypotheses and running Threat Hunts regularly Capable of translating hypotheses into KQL queries and triaging results Knowledgeable about attacker TTPs and APT groups, with in-depth research skills Able to verify and refine Threat Hunt queries independently Experienced in Incident Response and More ❯

in the future. Reports to the Delivery Lead/PMO. The Role You will be responsible for: Creating Threat Hunt Hypotheses and executing Threat Hunts regularly. Translating hypotheses into KQL queries, executing them, and triaging results independently. Having knowledge of attacker TTPs and APT groups, conducting in-depth research. Verifying and refining Threat Hunt queries based on results. Incident Response More ❯

Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. Transform Threat Intelligence into actionable More ❯

consideration by the Intrusion Analysis Lead for prioritisation. · Ad-hoc communications with government or commercial security operations centres as part of root-cause analysis · Creation of low-medium complexity KQL analytics and hunt queries, conducting IOC and anomaly-based threat hunts, including root cause identification of findings · Identification and tagging of incorrect alert logic/high false positive detection rules More ❯

by dedicated professionals. We're seeking a skilled Cyber Security Engineer to join our clients eam. The ideal candidate will have expertise in Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. This role demands a proactive individual who can monitor and protect our organization's digital assets while staying updated on the latest security threats and trends. If you are … Responsibilities: Implement and manage Azure Sentinel SIEM for threat detection, incident response, and security monitoring. Configure and maintain Microsoft Defender for endpoint protection and threat detection. Develop and maintain KQL scripts for querying and analysing data within Azure Sentinel. Collaborate with cross-functional teams to identify security vulnerabilities and develop appropriate solutions. Conduct regular security assessments and penetration testing to … in Computer Science, Information Technology, or related field. Proven experience working as a Cyber Security Engineer or similar role. In-depth knowledge of Azure Sentinel SIEM, Microsoft Defender, and KQL scripting. One of the following certifications: AZ-500 (Microsoft Azure Security Technologies) or SC-200 (Microsoft Security Operations Analyst). Strong analytical and problem-solving skills. Excellent communication and interpersonal More ❯

analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operation centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts, and identify root causes. Identify and tag incorrect alert logic and high false positive detection rules for review. Transform More ❯

evolving TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause analysis. Create KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. Transform internal and partner threat More ❯

and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce … control systems. Experience in developing malware and anomaly detections. Use of statistical methods for anomaly detection. Proficiency with Microsoft Sentinel and/or XDR. Strong skills in writing complex KQL analytics/searches. Awareness of current security threats. Ability to prioritize threats effectively. Understanding factors affecting detection effectiveness. Threat hunting or SOC analyst certifications preferred. Life at BAE Systems Digital More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯

Extend Support Machines - ESSENTIAL Other Requirements Management Tools – Microsoft SCCM, Windows Admin Center, SCOM - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to More ❯