14 of 14 Remote Kusto Query Language Jobs

manage high-severity security incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps … Defender for Endpoint, Office 365, Identity, Cloud Apps, Defender for Cloud, and Azure security controls Create and maintain Kusto Query Language (KQL) queries, automation workflows, and enrichment logic to enhance detections and investigation efficiency Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ...

Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities. This is a technically advanced role that combines engineering depth … Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter ...

Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities. This is a technically advanced role that combines engineering depth … Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter ...

threat categories. Analyze logs generated by applications using Azure Log Analytics and Azure Sentinel to identify anomalies and potential threats. Design, build, and maintain KQL queries to extract and correlate security-relevant data from logs. Implement automated alerting and reporting workflows through Azure Logic Apps integrated with Azure Sentinel. Collaborate … configuration, customization, and automation. In-depth knowledge of Azure Log Analytics , log ingestion, and data analysis. Proficiency in Kusto Query Language (KQL) for creating efficient, scalable queries. Experience with Azure Logic Apps to orchestrate automated response and reporting workflows. Solid understanding of application security principles, common threat ...

customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender XDR, Entra ID) Basics in KQL (Kusto query language) Strong analytical and problem-solving skills Excellent verbal and written communication skills Preferred Qualifications About 12 months of experience ...

technologies such as Defender or Azure security tools Strong analytical thinking and willingness to learn Nice to Have Experience writing queries for investigations (e.g. KQL) Microsoft security certifications (SC-200, SC-900, AZ-500) Exposure to incident response or threat detection activities Location This role requires 2 days per week ...

DESIRABLE Databases – SQL Server, MySQL, PostgreSQL, MariaDB, ADLS, CosmoDB - DESIRABLE Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries - DESIRABLE CORE COMPETENCIES & SKILLS Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions, and best practice implementations. Own the end-to-end delivery … Design and implement detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning ...

Defender XDR • Deep understanding of Azure security architecture and ingestion strategy • Proven experience configuring connectors and tuning detection rules • Experience with SOAR platforms • Strong KQL capability • Ability to manage competing priorities in fast-paced environments • Experience managing ingestion costs or cloud service optimisation • Confident customer communication Desirable • Integration experience (Mimecast ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

engineering role Strong familiarity with security monitoring platforms such as SIEM, SOAR, and threat intelligence tooling Experience writing or tuning detection logic, ideally using KQL or similar query languages Practical exposure to threat hunting and analysing security alerts or incidents Experience building integrations or automation across security tooling Experience ...

deep technical analysis Clear stakeholder communication Security Analyst (Contract) Focus: Detection, Response & Optimisation Key Responsibilities Advanced Microsoft Defender analysis & optimisation Write, tune, and troubleshoot KQL queries Investigate alerts and support incident response workflows Liaise with SOC & technical teams Analyse ITSM backlog/ticket trends Recommend improvements to Conditional Access … policies Required Experience Strong Microsoft Defender expertise Advanced KQL capability (hands-on) SOC/incident investigation background Analytical mindset with operational focus Strong communication & user engagement skills Security Engineer & Analyst Contracts - London RSG Plc is acting as an Employment Business in relation to this vacancy. ...

Microsoft Fabric Architect - Chester Hybrid working Salary upto £90,000 A leading client in Chester seeks a Microsoft Fabric Architect to design and deliver data and AI solutions on the Microsoft Fabric platform. As Technical ...