escalated triage and analysis on security events identified by Tier 1 Analysts Apply expertise in SIEM solutions utilising KustoQueryLanguage (KQL) Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action Monitor the threat landscape and document findings on evolving threat … using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis Able to demonstrate proficient knowledge using KustoQueryLanguage (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate More ❯
To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat More ❯
glasgow, central scotland, United Kingdom Hybrid / WFH Options
Context Recruitment
to automate, optimize, and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and … monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯
