23 of 23 Permanent Kusto Query Language Jobs in the UK

/SIEM platforms (e.g., Elastic, Sentinel, Splunk), including query languages used for investigations and detections such as: Kusto Query Language (KQL) ES|QL Kibana Query Language Strong understanding of attacker tactics, techniques, and procedures (TTPs), including detecting indicators of compromise (IOCs) and knowing ...

CSOC Compile and present monthly SOC reporting, advising on security posture improvements Support client service reviews and articulate cyber risk in business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure high-quality incident resolution and consistent SOC performance Who you are: Youre an experienced cyber … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

Azure observability playbook, delivering comprehensive dashboards, alerting rules, and operational runbooks using Application Insights, Log Analytics, and Kusto Query Language (KQL). AIOps & Intelligent Automation Develop AI‐driven alerting and detection mechanisms to surface early‐warning signals, including IP reputation degradation, database capacity saturation, and anomalous traffic … Expertise Deep proficiency in Terraform, including module design, remote state management, workspace strategies, and multi‐environment deployment patterns. Monitoring & Observability Expertise Advanced experience with KQL for Azure Log Analytics, with the ability to design and build custom Azure Monitor Workbooks for operational insight and reporting. Security Automation Strong background ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

technical stakeholders. What youll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into ...

technical stakeholders. What you’ll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks ...

areas: vulnerability analysis, security alert analysis, email threat analysis, incident response, ability to read and understand essential scripting and database languages (PowerShell, python, SQL, KQL, etc) desired Bachelor’s degree in computer science, information systems, cybersecurity or related field optional. GIAC, ISACA, CompTIA, and/or ISC2 technical certifications preferred ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint and desktop security: EDR deployment ...

operating build & release automation and continuous integration and deployment, especially to Azure or to VMware VCF. Scripting and Programming languages in (Python, Bash, Powershell, KQL etc.,) Familiarity with infrastructure automation using tools like Ansible and Terraform. Experience of DevOps Practices, and working with Agile methodologies including SAFe. Unix & Windows system ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...

maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You’ll Bring Must … Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks ...

maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You’ll Bring Must … Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks ...

commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design ...

commercial experience in SOC content engineering, detection engineering, or SIEM administration Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design ...

engineering, detection engineering, or SIEM administration Strong commercial experience with Splunk Strong hands-on experience with SIEM platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design ...

MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling Experience with scripting or query languages (e.g. KQL, SPL, Python) Familiarity with DevOps environments and CI/CD pipelines Experience with identity security and access controls Benefits Competitive salary and performance-based bonus ...

Splunk Enterprise Security Strong background in detection engineering and SIEM operations Experience designing and managing large scale data ingestion pipelines Advanced knowledge of SPL, KQL or EQL for detection engineering Experience with automation, scripting or Infrastructure as Code in SIEM environments Understanding of MITRE ATT&CK and threat detection techniques … your application to our client in conjunction with this vacancy only. KEY SKILLS Elastic Security, Splunk Enterprise Security, SIEM, Detection Engineering, Elastic Stack, SPL, KQL, EQL, MITRE ATT and CK, Security Monitoring, Log Ingestion, Terraform, Ansible, SOC Engineering, NSD. ...

Microsoft Fabric Engineer - London Hybrid working - London Salary upto £90,000 A leading client in London seeks a Microsoft Fabric Engineer to design and deliver data and AI solutions on the Microsoft Fabric platform. As ...