18 of 18 Permanent Kusto Query Language Jobs in England

Skills * Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) * Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL * Understanding of event correlation, alerting, and detection use-case development ________________________________________ Technical Foundations * Strong … client's supplier list for this role. ________________________________________ Keywords SIEM Analyst, Security Monitoring Analyst, SOC Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

Assist with monthly SOC reporting and contribute insights into customer security posture Support client service reviews and communicate cyber risks in clear, business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure timely, high-quality incident resolution in line with SOC standards and SLAs … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

/DV cleared) Familiarity with Azure Virtual Desktop (AVD) Python Scripting for automation or Azure Functions Knowledge of Kusto Query Language (KQL)/Log Analytics Awareness of HMG DDaT principles or NCSC Cloud Security Principles Experience with PagerDuty , Slack , or similar operational alerting integrations The Environment ...

documentation, runbooks, and operational procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge ...

operations (coverage management, escalation handling, policy tuning). Familiarity with Microsoft Defender suite and/or Microsoft Sentinel. Scripting/automation skills (PowerShell, KQL, Python). Knowledge of ransomware recovery patterns (immutable backups, restore validation, offline documentation). Exposure to audit/compliance requirements (ISO 27001, NIST, CIS) and evidence ...

logs, databases, messaging platforms, external integrations) rather than through a single tool Strong working knowledge of Microsoft Azure, including Portal fluency, Application Insights/KQL, Log Analytics, Azure Functions, Storage and Key Vault Practical experience of event-driven messaging platforms (Azure Service Bus or equivalent) producer/consumer patterns, dead ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

escalation point for insider risk matters, providing technical advice, case support and judgement across complex or sensitive activity. The role will use threat hunting, KQL and detection engineering to identify indicators of misuse, compromise, inappropriate access or unusual activity requiring review. The post holder will analyse Microsoft Defender for Endpoint ...

runbooks. We’re looking for 3+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365/Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial. ...

governance principles Understanding of identity and access control (e.g. Entra ID, RBAC) Experience across structured and unstructured data Scripting/automation skills (PowerShell, Python, KQL) Qualifications Relevant technical qualifications or equivalent experience. Microsoft certifications (e.g. SC-400, AZ-500, DP-203, AZ-305) Experience with Azure data services (e.g. Data ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

design experience in ICS and/or cybersecurity. Exposure to tools like MDIoT, Sentinel, Wireshark, Nessus, or Splunk. Knowledge of data analysis and scripting (KQL, Python, PowerShell, or Bash) Please note that roles based out of SJS or Sunbury will move to Timber Square, Southwark, from Q4 2027. Why join ...

Clearance. What youll be doing: Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM. Write and optimise detection logic using KQL and SPL. Turn monitoring requirements and use cases into effective, actionable detections. Tune alerts to reduce false positives and improve SOC efficiency. Validate detections against telemetry … What youll bring: Experience in SOC engineering, detection engineering or SIEM engineering. Strong hands-on experience with Microsoft Sentinel and Splunk. Solid knowledge of KQL and SPL. Experience building, testing and maintaining detection rules. Good understanding of SIEM lifecycle management and security telemetry. Knowledge of cloud environments and IT infrastructure. ...

frameworks Experience with cloud data platforms (ideally Microsoft Fabric) Familiarity with Power BI or similar BI tools Ability to optimise and troubleshoot query performance Strong … analytical and problem-solving skills Desirable Skills Knowledge of modern data architectures Experience with SQL, SSRS, SSIS and SSAS Experience using PySpark Familiarity with KQL Experience with data cataloguing tools Exposure to C# What you'll get in return Competitive Salary - £52,750 with a generous hybrid working policy. Pension ...