2 of 2 Permanent Kusto Query Language Jobs in Bristol

bonus, not a requirement. What you’ll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

Will Ideally Bring: Strong experience with Azure Cloud technologies, Microsoft Sentinel and Defender solution. Experience in query languages and/or script development (KQL, SPL, SQL, Powershell, etc.) Knowledge and familiarity of enterprise IT systems in relation to cyber security. Hands-on engineering experience with SIEM and/ ...