13 of 13 Permanent Kusto Query Language Jobs in England

Microsoft Sentinel Engineer, you will design, implement, and optimise Sentinel solutions across enterprise environments. You will connect multiple data sources, write complex KQL queries, build automation playbooks, and work closely with clients to strengthen their security operations and response capabilities. This is a technically advanced role that combines engineering depth … Develop and optimise automation rules, playbooks, and runbooks using Logic Apps and Power Automate. Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter ...

customers. Required Skills Basic understanding of cybersecurity principles and threat landscapes Experience working with Microsoft Security tools (Sentinel, Defender XDR, Entra ID) Basics in KQL (Kusto query language) Strong analytical and problem-solving skills Excellent verbal and written communication skills Preferred Qualifications About 12 months of experience ...

technologies such as Defender or Azure security tools Strong analytical thinking and willingness to learn Nice to Have Experience writing queries for investigations (e.g. KQL) Microsoft security certifications (SC-200, SC-900, AZ-500) Exposure to incident response or threat detection activities Location This role requires 2 days per week ...

with Terraform as the primary tool and Bicep as an Azure-native IaC language. Ideally, you will have the ability to write and use KQL for dashboards, alerts, investigations, and insights in Log Analytics, Azure Monitor, and Application Insights. Experience administering and optimizing Windows Server workloads on Azure Virtual Machines ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions, and best practice implementations. Own the end-to-end delivery … Design and implement detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning ...

similar Good knowledge of cyber security basics and best practices Experience with SIEM tools, firewall and weakness management Proven experience of log checking and KQL Good knowledge of cloud, network, and device security concepts Strong problem-solving skills and careful attention to detail Good communication and record-keeping skills Your ...

Defender XDR • Deep understanding of Azure security architecture and ingestion strategy • Proven experience configuring connectors and tuning detection rules • Experience with SOAR platforms • Strong KQL capability • Ability to manage competing priorities in fast-paced environments • Experience managing ingestion costs or cloud service optimisation • Confident customer communication Desirable • Integration experience (Mimecast ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

engineering role Strong familiarity with security monitoring platforms such as SIEM, SOAR, and threat intelligence tooling Experience writing or tuning detection logic, ideally using KQL or similar query languages Practical exposure to threat hunting and analysing security alerts or incidents Experience building integrations or automation across security tooling Experience ...

flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard Endpoint and desktop security: EDR deployment … flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard Endpoint and desktop security: EDR deployment ...

Technical Architect - Microsoft Fabric Chester - Hybrid working 2 x per week Salary: Up to £90,000 per annum A leading client in Chester seeks a Technical Architect to design and deliver data and AI solutions ...

Splunk Enterprise Security Strong background in detection engineering and SIEM operations Experience designing and managing large scale data ingestion pipelines Advanced knowledge of SPL, KQL or EQL for detection engineering Experience with automation, scripting or Infrastructure as Code in SIEM environments Understanding of MITRE ATT&CK and threat detection techniques … your application to our client in conjunction with this vacancy only. KEY SKILLS Elastic Security, Splunk Enterprise Security, SIEM, Detection Engineering, Elastic Stack, SPL, KQL, EQL, MITRE ATT and CK, Security Monitoring, Log Ingestion, Terraform, Ansible, SOC Engineering, NSD. ...