5 of 5 Contract Kusto Query Language Jobs

overview of customer industry and projects, access to cutting-edge technology etc.) Technical SME in Cybersecurity space Key responsibilities: (Up to 10, Avoid repetition) KQL: Expert Level Able to develop and maintain high-fidelity detection rules using Kusto Query Language Able to utilize KQL for detection engineering … Coordinate the end-to-end onboarding of log sources into Sentinel. Key skills/knowledge/experience: (Up to 10, Avoid repetition) Expert in KQL Technical SME for Sentinel set up Strong understanding of cloud and on premises logging (Windows, Linux, application, DB, identity). Experience onboarding data using ...

engineering activities on a rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where … Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise KQL queries (essential). Knowledge of scripting/query languages (e.g., Falcon Query Language) is advantageous. Analytical Capability: Strong investigative and problem-solving ...

third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs). * Support DPIA processes through ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...