3 of 3 Permanent Kusto Query Language Jobs in Glasgow

Cloud SecOps Lead

Hiring Organisation
Atos
Location
Glasgow, UK
Employment Type
Full-time
Must-Have Skills: Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub; Debug Azure LogicApps supporting SIEM and SOAR; Proficient in KQL for log analysis. Expertise in Defender for Cloud: Deploy and manage Workbooks; Configure Azure Policies for security posture; Implement regulatory compliance templates. Hands-on experience ...

Senior Security Analyst

Hiring Organisation
SGN
Location
Glasgow, Lanarkshire, Scotland, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
junior analysts. Handle complex threats, lead incident response, and shape security policy. Oversee and lead investigations across various cloud security suites. Develop and maintain KQL-based detection rules, hunting queries, and alert tuning strategies. Coordinate incident response playbooks across hybrid environments, including AWS EC2, Lambda, and containerized workloads. Contribute … response roles, with strong hands-on experience in Microsoft security suite, AWS Security Services, and other EDR/XDR/CNAPP platforms. Proficient in KQL, PowerShell, and Python for automation and enrichment. Experience with AWS IAM, GuardDuty, Security Hub, CloudTrail, and Config. Strong understanding of UK compliance frameworks (NCSC ...

Threat Intelligence Analyst

Hiring Organisation
TRIA
Location
Glasgow, Scotland, United Kingdom
TAXII feeds and enrich IOC/IOA pipelines for SOC and Incident Response teams. Translate threat intelligence into actionable detections, working with engineers on KQL/SPL queries and proactive threat hunts. Produce regular threat reports and briefings for SOC leadership, CISO and senior stakeholders, including board-level risk narratives … with threat intelligence platforms such as MISP, Recorded Future, Anomali or similar. Strong experience with Microsoft security tooling, ideally Sentinel and Defender. Proficiency in KQL and working knowledge of Python for automation and enrichment. Experience integrating intelligence into SIEM, EDR/XDR, and cloud security platforms (Microsoft, AWS, CrowdStrike, etc. ...