o Collaborate with security analysts to implement effective use cases and threat hunting scenarios within Azure Sentinel. o Develop and manage custom queries using KQL (Kusto Query Language) to identify potential security incidents and perform forensic analysis. o Set up, manage, and refine automated incident response playbooks … o Excellent communication skills to collaborate with both technical and non-technical stakeholders. * Technical Skills: o Proficiency in Kusto Query Language (KQL) for Sentinel query writing. LA International is an HMG-approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in more »
Birmingham, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
in busy end customer SOC environment this will be considered The ability to dynamically assess risks, threats & threat actors for new and existing customers KQL (Kusto Query Language) experience Cyber qualifications such as the Microsoft SC-200 or related certs Previous experience with SIEM tools including Microsoft more »
Manchester, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
in busy end customer SOC environment this will be considered The ability to dynamically assess risks, threats & threat actors for new and existing customers KQL (Kusto Query Language) experience Cyber qualifications such as the Microsoft SC-200 or related certs Previous experience with SIEM tools including Microsoft more »
Maidenhead, England, United Kingdom Hybrid / WFH Options
Cloud Decisions
in busy end customer SOC environment this will be considered The ability to dynamically assess risks, threats & threat actors for new and existing customers KQL (Kusto Query Language) experience Cyber qualifications such as the Microsoft SC-200 or related certs Previous experience with SIEM tools including Microsoft more »
position within an MSSP. Strong technical and analytical skills Experience in incident response and security analytics Experience using Kusto Query Language (KQL) Ability to work effectively in a team environment Excellent problem-solving skills and attention to detail Excellent experience across the Microsoft Security stack - MS Sentinel more »
platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR Experience of onboarding, tuning, reporting, and configuring SIEM solutions Experience of threat intelligence Leadership and mentoring experience and skills Understanding of more »
Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure. Microsoft 365 suite. Defender XDR. Entra ID (Azure Active Directory). more »
computing, Familiar with a DevOps or DevSecOps approach, Awareness of Cybersecurity, particularly Web Application Security, Any programming or scripting languages (e.g., C#, Python, JavaScript, KQL) Desirable Skills: Experience with high-traffic web applications, particularly eCommerce Microsoft Azure SQL Postman (or another API design and management tool) Microservices and similar system more »
Clapham, England, United Kingdom Hybrid / WFH Options
The Gym Group
computing, Familiar with a DevOps or DevSecOps approach, Awareness of Cybersecurity, particularly Web Application Security, Any programming or scripting languages (e.g., C#, Python, JavaScript, KQL) Desirable Skills: Experience with high-traffic web applications, particularly eCommerce Microsoft Azure SQL Postman (or another API design and management tool) Microservices and similar system more »
Strong skills in API development and integrations, with a proven track record of successfully connecting systems to enhance security operations. Technical Skills: Proficient in KQL, JSON, and PowerShell. Solid understanding of Azure Logic Apps, M365, Defender, Entra ID, and other key infrastructure technologies. What’s On Offer: Fully Remote Position more »
to the creation of training materials and reporting frameworks. Essential Skills and Experience: Proficient with Microsoft Sentinel and other SIEM platforms. Strong experience with KQL for querying and alert tuning. Knowledge of security logs and event types (e.g., firewalls, servers). Excellent troubleshooting and analytical skills. Familiarity with OKTA and more »
to enhance the organization's security infrastructure. Key Requirements: SOC Analyst background with hands-on experience in developing and integrating APIs. Proficient in JSON, KQL, and PowerShell. Proven experience in building, maintaining, and optimizing Azure Logic Apps and Sentinel playbooks. Familiarity with automating routine SOC tasks to improve security operations. more »
Microsoft 365 applications and services, including Intune, Exchange Online, Graph, Security Centre, and Purview. Experience with Azure services and management tools (e.g., AVD, Sentinel, KQL). Strong background in overseeing and managing IT infrastructure, including operating systems, applications, servers, network devices, and hardware components. Experience with hardware/software upgrades more »
Cheshire East, England, United Kingdom Hybrid / WFH Options
Opus Recruitment Solutions
Microsoft 365 applications and services, including Intune, Exchange Online, Graph, Security Centre, and Purview. Experience with Azure services and management tools (e.g., AVD, Sentinel, KQL). Strong background in overseeing and managing IT infrastructure, including operating systems, applications, servers, network devices, and hardware components. Experience with hardware/software upgrades more »
in an advanced Security Engineering capacity; developing and deploying cyber monitoring and detection tooling. Previous experience using the Microsoft stack such as Azure, Sentinel and KQL for 4+ years. Knowledge of telco-related threats (DLL Sideloading, LOLBins, SIM Swapping, IMSI, Global Titles, 4G Infrastructure, etc.) If you're an experienced more »
observability and visualisation tools (e.g., Dynatrace, AppDynamics, Splunk, Prometheus for Kubernetes, ELK Stack, Zabbix, Datadog, New Relic, Raygun, Azure Monitor and Log Analytics, Grafana, KQL), and proficiency in automation and scripting languages like Terraform. What we offer you: At RSA we put our people first. We have adopted hybrid working more »
in an advanced Security Engineering capacity; developing and deploying cyber monitoring and detection tooling. Previous experience using the Microsoft stack such as Azure, Sentinel and KQL for 4+ years. Knowledge of telco-related threats (DLL Sideloading, LOLBins, SIM Swapping, IMSI, Global Titles, 4G Infrastructure, etc.) If you're an experienced more »
Employment Type: Permanent
Salary: £60000 - £70000/annum 10% Bonus + Great Benefits
Basingstoke, Hampshire, South East, United Kingdom Hybrid / WFH Options
Circle Group
SOC services to third-party customers Technical Knowledge: Hands-on experience with Azure Sentinel and associated Microsoft security tools (such as Defender for Endpoint, KQL, MS stack ideally, although other SIEMs can be considered for the right person) SOAR - Ideally some interest and ability in creation of reusable responses and more »
entities like firewalls, identity providers, endpoint protection, and threat intelligence. Build and enhance playbooks and workflows for Microsoft Sentinel and Splunk. Leverage tools like KQL, Python, ARM, and Bicep to create robust integrations and solutions. Implement API integrations (SOAP, REST) and develop Azure Functions to automate security processes. Collaborate with … of 4 years’ experience with workflow automation platforms, especially in security-related SOAR development. Expertise with Microsoft Sentinel & Splunk SIEM solutions, including playbooks, workflows, KQL, and Python scripting. Experience with ARM Templates, Bicep, and Azure Functions. Familiarity with vulnerability management tools (e.g., Tenable, Qualys) and threat intelligence platforms (e.g., MISP more »
Cranfield, Wharley End, Bedfordshire, United Kingdom
Morson Talent
good awareness of connected car systems, both onboard (in-vehicle) and offboard (cloud). • Have a good understanding of network communications and cloud systems. • Good experience with Kusto Query Language (KQL) is an advantage but not a must. • Must be proficient in the ticket management tools. • Be able to demonstrate and have practical more »
months working in a SOC You need to know your way around Sentinel. Defender a huge bonus. Build basic KQL queries to help with threat hunts PowerShell scripting experience Bonus Bring experience across different cyber domains, e.g. offensive security. Microsoft Security certifications This is a fully remote more »
Responsibilities of the Senior Cyber Threat Detection Engineer: Lead the development, implementation, and tuning of detection rules in Google SecOps (Chronicle) using the YARA-L language to ensure high-fidelity alerts and minimal false positives. Utilize a SIEM platform to monitor and analyze security logs, identify threats, and investigate complex … enhance overall security posture. Required Qualifications of the Senior Cyber Threat Detection Engineer: Extensive experience in writing and optimizing detection queries in the YARA-L language for Google SecOps … Chronicle). Experience working in a Security Operations Center (SOC) or Security Incident Response environment. Strong experience writing detection queries in additional languages (e.g., KQL for Microsoft Defender, SPL for Splunk). Experience working with SIEM log analysis, monitoring, and investigation. Identifying attacker tactics, techniques, and procedures. Knowledge of EDR more »