Experience with Security Orchestration, Automation and Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.). Knowledge of … and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in a technology-specific query language or the Sigma open signature format. Provide expertise for SIEM and other SOC technologies that assist in incident response. Measure and improve alert
of Security Tools: Proficiency in using various security tools and platforms, such as SIEMs, IDS/IPS, and threat intelligence platforms. Proficiency in Writing KQL Queries for Forensics: Strong ability to write and optimize Kusto Query Language (KQL) queries for conducting forensic investigations and analysing security events.
retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications … re looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident
Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SigninLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules … optimising performance, and reducing false positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong knowledge of cloud and hybrid security, particularly within Azure. Additional Requirements: Must hold or be eligible to achieve
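The cross-table correlation and false-positive tuning the listing above asks for, as an added example that is not part of the listing or any employer's code: a constructed Microsoft Sentinel analytic query that pairs a risky but successful Entra ID sign-in in SigninLogs with an inbox-rule creation or change in OfficeActivity by the same account within the following hour, which is a common persistence and mail-exfiltration pattern after account takeover. The corporate egress allowlist, the one-hour pairing window and the one-day lookback are assumptions to be adjusted per tenant.

```kql
// Added example (not from the listing): risky sign-in followed by a new or
// modified Exchange inbox rule for the same account within one hour.
// Tuning values below are assumptions: adjust the window and allowlist per tenant.
let lookback = 1d;
let pair_window = 1h;
// Known corporate egress addresses (constructed, RFC 5737 documentation range).
// In production a Sentinel watchlist via _GetWatchlist('name') is the usual source.
let known_egress = dynamic(["203.0.113.10", "203.0.113.11"]);
// Step 1: successful sign-ins that Entra ID rated medium/high risk, excluding
// traffic from known corporate egress to remove the most common false positive.
let risky_signins =
    SigninLogs
    | where TimeGenerated > ago(lookback)
    | where ResultType == "0"                         // success only; a failed sign-in cannot create rules
    | where RiskLevelDuringSignIn in ("medium", "high")
    | where IPAddress !in (known_egress)
    | project SigninTime = TimeGenerated,
              Account = tolower(UserPrincipalName),  // normalise case before joining
              SigninIP = IPAddress,
              SigninLocation = Location,
              AppDisplayName;
// Step 2: inbox-rule creation/modification in Exchange Online, keeping only rules
// that forward, redirect or delete mail; ordinary "move to folder" rules are noise.
OfficeActivity
| where TimeGenerated > ago(lookback)
| where OfficeWorkload == "Exchange"
| where Operation in ("New-InboxRule", "Set-InboxRule")
| where tostring(Parameters) has_any ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo", "DeleteMessage")
| project RuleTime = TimeGenerated,
          Account = tolower(UserId),
          Operation,
          RuleClientIP = ClientIP,
          Parameters
// Step 3: correlate on the account and require the rule change to land inside
// the window after the risky sign-in, not merely on the same day.
| join kind=inner risky_signins on Account
| where RuleTime between (SigninTime .. (SigninTime + pair_window))
// Step 4: collapse to one row per account and sign-in so a burst of rule edits
// produces a single alert instead of one per edit.
| summarize RuleChanges = count(),
            Operations = make_set(Operation),
            FirstRuleTime = min(RuleTime),
            RuleClientIPs = make_set(RuleClientIP)
          by Account, SigninTime, SigninIP, SigninLocation, AppDisplayName
| extend MinutesToRule = datetime_diff("minute", FirstRuleTime, SigninTime)
| order by SigninTime desc
```

Deployed as a scheduled analytics rule, the query lookback must cover at least the pairing window plus the schedule interval or the sign-in half of the pair can fall outside the queried range; map Account, SigninIP and RuleClientIPs as entities so the incident carries both sides of the correlation, and move the allowlist to a watchlist so analysts can tune it without editing the rule.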
been UK-based for the past 5 years (due to security clearance requirements) Desirable: Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Proficient in KQL (Kusto Query Language) Microsoft certifications: Azure Administrator Associate (AZ-104), Azure Solutions Architect Expert (AZ-305), Azure Security Engineer Associate (AZ
skills and experience: Experience in Cyber Threat Intelligence Experience in Threat Hunting Experience with the Microsoft Sentinel SIEM/SOAR platform Proficient in writing KQL Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management Understanding of threat modelling Knowledge of ISO 27001 and other commonly
common attacker techniques. Strong communication and leadership skills, with the ability to influence and guide both technical and non-technical stakeholders. Desirable: Experience with KQL and customising Sentinel detections. Exposure to cloud security operations (Azure preferred). Microsoft certifications such as SC-200 or AZ-500 are a bonus but
City of London, London, United Kingdom Hybrid / WFH Options
Tenth Revolution Group
under control Skills Microsoft Fabric - Lakehouse and warehouse models Azure Tools (Data Factory, Synapse, SQL) Python experience for programming Databases, SQL and NoSQL (CosmosDB, KQL) Data Modelling: Kimball frameworks and 3NF Nice To Have Databricks Power BI AI/ML Azure Infrastructure DevOps Certifications Microsoft Certified: Fabric Analytics Engineer Associate
Locus Robotics is a global leader in warehouse automation, delivering unmatched flexibility and unlimited throughput, and actionable intelligence to optimize operations. Powered by LocusONE, an AI-driven platform, our advanced autonomous mobile robots seamlessly integrate into existing warehouse environments to