14 of 14 Remote Kusto Query Language Jobs

platformsVulnerability management platformsThreat intelligence integrationsDevelop, tune, and maintain advanced threat detections, correlation rules, analytics, dashboards, and automation workflows.Utilize Kusto Query Language (KQL) to develop advanced threat hunting queries, detections, reporting, and security investigations within Microsoft Sentinel, Microsoft Defender, and related security platforms.Develop and maintain SOAR playbooks … experience supporting enterprise cybersecurity technologies and operations.Advanced experience with SIEM and SOAR technologies, including security automation, orchestration, and incident response workflow development.Strong experience utilizing KQL (Kusto Query Language) for threat hunting, analytics, detections, dashboards, and investigations.Strong PowerShell scripting experience for automation, reporting, incident response, and systems administration ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

with SIEM technologies, log analysis, and threat detection Strong understanding of Microsoft security tooling including Microsoft Sentinel, Defender XDR and Entra ID Experience with KQL (Kusto Query Language) for investigations and threat detection Good understanding of MITRE ATT&CK framework Knowledge of network security, Firewalls, VPNs, endpoint ...

Assist with monthly SOC reporting and contribute insights into customer security posture Support client service reviews and communicate cyber risks in clear, business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure timely, high-quality incident resolution in line with SOC standards and SLAs … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel or CIS exposure beneficial The successful candidate will work closely with Infrastructure, Service Desk and operational IT teams ...

operations (coverage management, escalation handling, policy tuning). Familiarity with Microsoft Defender suite and/or Microsoft Sentinel. Scripting/automation skills (PowerShell, KQL, Python). Knowledge of ransomware recovery patterns (immutable backups, restore validation, offline documentation). Exposure to audit/compliance requirements (ISO 27001, NIST, CIS) and evidence ...

function, this role identifies opportunities to streamline processes, accelerate incident response, and reduce operational overhead through intelligent automation, leveraging Artificial Intelligence (AI) and Large Language Models (LLMs). In addition to building scalable automation workflows, this individual will contribute to the broader Security Engineering team, including supporting Detection Engineering … such as Azure Logic Apps, SOAR tools (e.g., Microsoft Sentinel, Splunk SOAR, Cortex XSOAR). Experience building and tuning detections using SIEM platforms (e.g., KQL, SPL) and working with security telemetry across endpoint, identity, network, and cloud. Experience designing SOAR workflows for automated security response and incident triage. Proven experience ...

incidents Broad technical understanding – Windows, Linux, Networks, VMware etc. Appreciation of GCIA, GCIH, GCFA etc. an advantageous Knowledge of tech such as Defender, Sentinel, KQL etc. This is an excellent opportunity to work in a large, enterprise level environment, where there is plenty of scope for growth. Please apply ASAP ...

design experience in ICS and/or cybersecurity. Exposure to tools like MDIoT, Sentinel, Wireshark, Nessus, or Splunk. Knowledge of data analysis and scripting (KQL, Python, PowerShell, or Bash) Please note that roles based out of SJS or Sunbury will move to Timber Square, Southwark, from Q4 2027. Why join ...

Clearance. What youll be doing: Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM. Write and optimise detection logic using KQL and SPL. Turn monitoring requirements and use cases into effective, actionable detections. Tune alerts to reduce false positives and improve SOC efficiency. Validate detections against telemetry … What youll bring: Experience in SOC engineering, detection engineering or SIEM engineering. Strong hands-on experience with Microsoft Sentinel and Splunk. Solid knowledge of KQL and SPL. Experience building, testing and maintaining detection rules. Good understanding of SIEM lifecycle management and security telemetry. Knowledge of cloud environments and IT infrastructure. ...

related security platforms Assist with vulnerability scanning, remediation support, and operational security improvements Contribute to automation and scripting initiatives using tools such as KQL, PowerShell, Python, or Bash Produce and maintain technical documentation, operational runbooks, and security playbooks Support governance and compliance activities aligned to standards such as ISO27001, GDPR … environments Security tooling, infrastructure, and cloud platforms Linux and Windows operating systems SIEM technologies and security monitoring Basic scripting or automation using KQL, PowerShell, Python, or Bash ITIL environments and structured change control processes Firewall, endpoint, or cloud security technologies We'd especially like to hear from candidates ...

frameworks Experience with cloud data platforms (ideally Microsoft Fabric) Familiarity with Power BI or similar BI tools Ability to optimise and troubleshoot query performance Strong … analytical and problem-solving skills Desirable Skills Knowledge of modern data architectures Experience with SQL, SSRS, SSIS and SSAS Experience using PySpark Familiarity with KQL Experience with data cataloguing tools Exposure to C# What you'll get in return Competitive Salary - 52,750 with a generous hybrid working policy. Pension ...