on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. * Applying expertise in SIEM solutions utilizing Kusto Query Language (KQL) to perform log analysis, event correlation, and thorough documentation of security incidents. * Identifying and escalating critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response … Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms. * Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. * Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. * Able to communicate clearly and efficiently with team
health and reliability. Provide recommendations and solutions to ensure a consistently high level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified
City of London, London, United Kingdom Hybrid / WFH Options
The Digital Recruitment Company
health and reliability. Provide recommendations and solutions to ensure a consistently high level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified
and orchestrations that reduce manual effort and improve speed and accuracy in security operations. - Tell Stories with Data: Use tools like Jupyter Notebooks, Kusto Query Language (KQL), and Python to query and visualize large-scale security datasets. Translate telemetry into insights and share narratives that influence decision-making across engineering and leadership teams. - Support Compliance and
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Pertemps
Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Littlefish
improving security posture Provide technical support within client service reviews along with attending any other meetings at the CSOC Manager's discretion Articulation of security risk to customers in a language that can be understood by business representatives Responsible for continual service improvement activities within the CSOC Ensuring the integrity of client IT infrastructures Protecting information systems residing upon them … strict SLAs. Experience with SIEM, EDR and Email Security toolsets and how to leverage these tools to provide robust Detect & Respond services. Experience working in a Microsoft XDR SOC. KQL (Kusto Query Language) experience. Experience in mentoring and assisting analysts of varying levels of skill. Must have been a UK resident for a minimum of 5 years
cyber risk remediation. Technical Skills & Qualifications Ability to communicate complex issues to non-technical audiences. Understanding of OT infrastructure and networking. Proficiency in Kusto Query Language (KQL) and SIEM systems, especially Microsoft Sentinel. Desirable Experience & Skills Knowledge of network security tools like NAC, Firewalls, IDS/IPS. Leadership experience; cybersecurity or related degree; certifications like Microsoft Security
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Thames Water Utilities Limited
simplify complex IT and Security problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel. Desirable Experience
preferably in a next generation SOC environment or in an MSSP or MDR provider Experience with SIEM and SOAR platforms, particularly Microsoft Sentinel or Google Chronicle, including rule tuning, KQL, and automation. Knowledge of infrastructure-as-code and security automation (e.g., Bicep, Terraform, Logic Apps, PowerShell). Exposure to compliance-driven environments (e.g. ISO 27001, PCI-DSS, GDPR). Desired
Architect, Senior Security Consultant, and Systems Architect. Skills Required: Windows Architecture and Administration. Windows and Linux hardening best practices. Understanding of protocol analysis techniques. Experience with Azure Log Analytics, KQL, and Azure Alerts. Python, Shell, and PowerShell scripting. Experience with security tools and technologies (e.g., SIEM, IDS/IPS, NG Firewall capabilities, vulnerability scanners). Knowledge of Active Directory and
operational optimization. The ideal candidate Minimum of 5 years of experience in IT Security, cloud architecture, IAM or related roles Experience architecting and implementing IAM strategies Solid experience with KQL, PowerShell, and automated policy deployment Experience designing and implementing policies and procedures related to: Cloud tenant security (O365), Conditional Access, PIM, MFA, Auditing, logging, threat detection Bachelor's degree in
skills due to the trust imparted as an IRM analyst. Proficiency in using security tools and technologies such as Microsoft Sentinel SIEM, EDR and forensic analysis tools. Familiarity with KQL would be beneficial for automating tasks and conducting advanced analysis. Beneficial: Understanding of data protection laws, regulations, and compliance requirements (e.g., GDPR, CCPA, HIPAA). Industry certifications such as Certified Information
have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs.
critical national infrastructure in a large-scale environment Provide support and troubleshooting for Azure services including Compute, Storage, Networking, etc. Utilize Azure Management tools such as Azure Monitor, Agents, KQL, ARM templates, Azure Policies, and Infrastructure as Code (IaC) with Azure DevOps, Bicep, etc. Perform scripting with PowerShell and manage patching in cloud environments Follow ITIL incident management practices, document
industry regulations, and best practices. You have - Proven experience deploying and managing Microsoft Defender (across all versions), Sentinel, Intune, and Windows security solutions, as well as strong proficiency in KQL, authentication protocols, and conditional access policies. - Practical knowledge of endpoint security across both server and end-user environments, including Active Directory, Entra ID, Windows and RHEL hardening, and device management.
We are hunting for an experienced SOC Analyst who has spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
Stripe Olt
We are hunting for an experienced SOC Analyst who has spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Stripe Olt
We are hunting for an experienced SOC Analyst who has spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First
NIST, ISO 27001, Zero Trust. Extensive experience with Windows and Linux hardening. Skilled in protocol analysis, network architecture, and infrastructure design. Technical Toolkit: Strong command of Azure Log Analytics, KQL, and Azure-based security tools. Scripting: Python, PowerShell, Shell. Experience with IDS/IPS, firewalls, SIEMs, and vulnerability management tools. Strong grasp of Active Directory, Azure AD, and identity access
Security Engineer - SIEM, KQL - sought by investment bank based in London. Inside IR35 - 3 days a week on-site Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost, and data retention policies Troubleshoot log ingestion and parsing issues Log … rules, STIX, and YAML Participation in red/purple team exercises. 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain
contribute to key decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed hands-on SIEM support including policy updates (KQL/Sentinel) Hands-on cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC
City of London, London, United Kingdom Hybrid / WFH Options
Ntrinsic Consulting
contribute to key decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed hands-on SIEM support including policy updates (KQL/Sentinel) Hands-on cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC
Sentinel Knowledge of other security tools e.g. Qualys, Akamai, Valimail Working knowledge of cloud providers such as AWS Ability to understand and develop coding languages such as Terraform, Python & KQL (or similar) Recognised cyber security certifications or qualifications (desirable). Experience with NIST (or similar) security framework(s). What we offer: We believe that all the people who work