12 of 12 Permanent Kusto Query Language Jobs in the South East

/SIEM platforms (e.g., Elastic, Sentinel, Splunk), including query languages used for investigations and detections such as: Kusto Query Language (KQL) ES|QL Kibana Query Language Strong understanding of attacker tactics, techniques, and procedures (TTPs), including detecting indicators of compromise (IOCs) and knowing ...

Skills * Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) * Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL * Understanding of event correlation, alerting, and detection use-case development ________________________________________ Technical Foundations * Strong … client's supplier list for this role. ________________________________________ Keywords SIEM Analyst, Security Monitoring Analyst, SOC Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence ...

documentation, runbooks, and operational procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

operations (coverage management, escalation handling, policy tuning). Familiarity with Microsoft Defender suite and/or Microsoft Sentinel. Scripting/automation skills (PowerShell, KQL, Python). Knowledge of ransomware recovery patterns (immutable backups, restore validation, offline documentation). Exposure to audit/compliance requirements (ISO 27001, NIST, CIS) and evidence ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

runbooks. We’re looking for 3+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365/Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial. ...

governance principles Understanding of identity and access control (e.g. Entra ID, RBAC) Experience across structured and unstructured data Scripting/automation skills (PowerShell, Python, KQL) Qualifications Relevant technical qualifications or equivalent experience. Microsoft certifications (e.g. SC-400, AZ-500, DP-203, AZ-305) Experience with Azure data services (e.g. Data ...

governance principles Understanding of identity and access control (e.g. Entra ID, RBAC) Experience across structured and unstructured data Scripting/automation skills (PowerShell, Python, KQL) Qualifications Relevant technical qualifications or equivalent experience. Microsoft certifications (e.g. SC-400, AZ-500, DP-203, AZ-305) Experience with Azure data services (e.g. Data ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

design experience in ICS and/or cybersecurity. Exposure to tools like MDIoT, Sentinel, Wireshark, Nessus, or Splunk. Knowledge of data analysis and scripting (KQL, Python, PowerShell, or Bash) Please note that roles based out of SJS or Sunbury will move to Timber Square, Southwark, from Q4 2027. Why join ...

Clearance. What youll be doing: Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM. Write and optimise detection logic using KQL and SPL. Turn monitoring requirements and use cases into effective, actionable detections. Tune alerts to reduce false positives and improve SOC efficiency. Validate detections against telemetry … What youll bring: Experience in SOC engineering, detection engineering or SIEM engineering. Strong hands-on experience with Microsoft Sentinel and Splunk. Solid knowledge of KQL and SPL. Experience building, testing and maintaining detection rules. Good understanding of SIEM lifecycle management and security telemetry. Knowledge of cloud environments and IT infrastructure. ...