1 to 25 of 36 Permanent Kusto Query Language Jobs in England

and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering … or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk More ❯

Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for … analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯

Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.). Knowledge of … and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or sigma open signature format. Provide expertise for SIEM and other SOC technologies that assist in incident response. Measure and improve alert More ❯

Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules … optimising performance, and reducing false positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong knowledge of cloud and hybrid security, particularly within Azure. Additional Requirements: Must hold or be eligible to achieve More ❯

them before customers feel the impact Build historical trend reports beyond Azure's native 90-day data retention Analyse logs and performance data using KQL, providing insights and actionable recommendations Automate remediation workflows using PowerShell, Python or Azure Functions Work closely with engineering and DevOps to resolve incidents quickly Document … of experience in cloud monitoring, data analysis, or DevOps support Deep familiarity with Azure services including App Service, SQL, Blob Storage Strong command of KQL (Kusto Query Language) for log and telemetry analysis Experience setting up automated alerts and building dashboards Working knowledge of automation (PowerShell, Python More ❯

been UK-based for the past 5 years (due to security clearance requirements) Desirable: Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Proficient in KQL (Kusto Query Language) Microsoft certifications: Azure Administrator Associate (AZ-104), Azure Solutions Architect Expert (AZ-305), Azure Security Engineer Associate (AZ More ❯

been UK-based for the past 5 years (due to security clearance requirements) Desirable: Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Proficient in KQL (Kusto Query Language) Microsoft certifications: Azure Administrator Associate (AZ-104), Azure Solutions Architect Expert (AZ-305), Azure Security Engineer Associate (AZ More ❯

oral and written Critical thinking skills and willingness to learn new concepts and technologies Familiarity with SQL or Kusto Query Language (KQL), and threat hunting automations Experience with forensic analysis tools and security solutions Knowledge of Windows internals, Linux/macOS forensic analysis, and third-party cybersecurity More ❯

problems for non-technical audiences. Strong understanding of OT infrastructure, networking, and end-user computing. Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems More ❯

problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems More ❯

PAM) and Security Information & Event Management. (SIEM) Good understanding of IT, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for Sentinel queries and alerts. Desirable Experience Familiarity with managing network security capabilities such as NAC (Network Access Control), Firewalls, Proxies/VPN, IDS/ More ❯

and technologies. Qualifications Technical Proficiency Strong understanding of IT security tools (SIEM, EDR, XDR), threat detection, and log analysis. Familiarity with scripting (Python, PowerShell, KQL) for automation. Benefits Competitive salary with annual reviews. 25 days holiday + option to buy additional leave. Flexible working policies. Enhanced parental benefits. Company pension More ❯

Defender XDR, and/or other SIEM/XDR solutions. Strong understanding of log collection, parsing, and correlation for security monitoring. Experience in developing KQL queries, custom detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly More ❯

To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat More ❯

in SRE, IT operations, software development, or DevOps. Familiarity with CI/CD, IaC, Agile, and ITIL frameworks. Proficiency in Azure Monitor, App Insights, KQL, and incident management. Hands on experience with YAML pipelines. Experience with Bicep, SolarWinds, Terraform and PowerShell. Want to be part of a growing SRE team More ❯

technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence strategy on a global More ❯

technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence strategy on a global More ❯

technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence strategy on a global More ❯

technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence strategy on a global More ❯

in Microsoft Azure Platform services (Compute, Storage, Networking etc.). Managing/Operating/Troubleshooting experience in Azure. Azure Management - Azure Monitor, Monitoring Agents, KQL, ARM template, Azure Policies, IaC and deployment models. Infrastructure as code experience, ideally Azure DevOps, ARM, Bicep, ADO - Azure DevOps. Strong fault analysis/determination More ❯

skills and experience: Experience in Cyber Threat Intelligence Experience in Threat Hunting Experience with the Microsoft Sentinel SIEM/SOAR platform Proficient in writing KQL Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management Understanding of threat modelling Knowledge of ISO 27001 and other commonly More ❯

working as a Cyber Security Analyst in a cloud environment (Azure) and have some experience with Network Security. The following skills are essential: Microsoft KQL Network security Web application security API security including OAUTH Experience of the following would be advantageous: Cyber incident response Akamai experience Cequence experience More ❯

working as a Cyber Security Analyst in a cloud environment (Azure) and have some experience with Network Security. The following skills are essential: Microsoft KQL Network security Web application security API security including OAUTH Experience of the following would be advantageous: Cyber incident response Akamai experience Cequence experience More ❯