suitable methods. QUALIFICATIONS AND SKILLS English level C1 or above Strong analytical and documentation skills Bachelor's degree or equivalent experience Microsoft Sentinel SIEM Strong scripting skills in PowerShell, Kusto Query Language, Python (highly advantageous) Strong understanding of encryption technologies (TLS/SSL, PKI, IPSec, AES) Microsoft 365 Security & Compliance Microsoft Defender for Endpoints Microsoft Defender for
for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and Office365 Compliance Portal. AWS and Azure (IAM, IaaS, PaaS). Knowledge in KQL queries in Sentinel and/or SPL in Splunk for developing use cases, dashboards, custom rules, custom parsers. Intermediate understanding of services and protocols commonly used in hosting environments: web
london (city of london), south east england, united kingdom
Cantor Fitzgerald
Portsmouth, England, United Kingdom Hybrid / WFH Options
Cloud People
EDR platforms such as Microsoft Sentinel, Splunk, Defender, CrowdStrike or Elastic • Proven ability to build and tune detection rules, dashboards and automation playbooks • Knowledge of scripting or automation using KQL, PowerShell, Python or similar • Familiarity with log management, APIs and data normalisation • Understanding of cloud security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals
with SIEM or EDR platforms (e.g., Microsoft Sentinel, Splunk, Defender, CrowdStrike, Elastic). Expertise in building and tuning detection rules, dashboards, and automation playbooks. Proficiency in scripting or automation (KQL, PowerShell, Python, or similar). Knowledge of log management, APIs, data normalisation, and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent
Portsmouth, England, United Kingdom Hybrid / WFH Options
Cloud People
cloud security across M365, Azure and AWS Excellent communication skills and a collaborative mindset Passion for learning and knowledge sharing Desirable Experience Experience with scripting or automation using PowerShell, KQL or Python Exposure to threat hunting, threat intelligence or vulnerability management Experience mentoring or coaching junior analysts What You'll Get Competitive salary £40,000 to £55,000 depending on
Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or vulnerability management. Why apply? Hybrid flexibility, funded certifications, cutting-edge tooling, and clear development paths into leadership or specialist roles. If you
3+ years focused on detection engineering Proven ability to operationalise threat intelligence into actionable, high-fidelity detections Demonstrable experience with detection-as-code using multiple detection languages - Sigma, YAML, SPL, KQL, YARA-L, CoreTIDE. Proficient with Python, Git/GitHub and developing security tooling integrations and automations Hands-on experience with Splunk Cloud, Enterprise Security, and SOAR Deep understanding of MITRE
team and share knowledge into wider MSS teams. What we're looking for You'll have experience of: 3+ years of experience in Security Operations Writing scalable detection content (KQL/SPL/YARA-L) Strong knowledge of scripting languages such as Python, Go or Shell Knowledge of Infrastructure as Code (IaC) tools e.g. Bicep Experience with cloud platforms (AWS
stakeholders, and cloud architecture groups. Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure Logic Apps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor and ServiceNow integrations
mentorship to more junior members of the team and share knowledge into wider MSS teams. What we're looking for You'll have experience of: Writing scalable detection content (KQL/SPL/YARA-L) Strong knowledge of scripting languages such as Python, Go or Shell Knowledge of Infrastructure as Code (IaC) tools e.g. Bicep Experience with cloud platforms (AWS
years minimum), dealing with and responding to escalated and most high-profile incidents. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft E5 Security stack – Defender, Sentinel, KQL, etc. Experience working in hybrid-cloud SOC environments – Azure preferably. Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. If you
london (city of london), south east england, united kingdom
Lawrence Harvey
Slough, Berkshire, South East, United Kingdom Hybrid / WFH Options
Kudos Partners
project environments Contribute to IT strategy, roadmaps, and solution design discussions What You'll Bring: Essential: Proven experience supporting digital/web/mobile applications Strong SQL and Azure KQL skills Linux scripting expertise Experience managing IIS-hosted digital solutions Highly Desirable: BigCommerce website support Redis platform experience Microsoft Dynamics 365 API support and monitoring tools (e.g., SolarWinds, Azure App
platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ES|QL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and
Slough, Berkshire, South East, United Kingdom Hybrid / WFH Options
Kudos Partners
Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. Threat Intelligence & Enrichment Analyse threat intelligence feeds to identify relevant threats and … to incidents Microsoft Sentinel and Defender hands-on expertise SC-200 certification or willingness to achieve it Within commuting distance (~1 hour) of Canary Wharf, London Technical Skills Strong KQL skills for threat hunting and incident forensics Experience with SIEM, IDS/IPS and threat intelligence platforms Familiarity with incident response frameworks and security best practice Experience with scripting and
london (city of london), south east england, united kingdom
CyPro
systems and tools Experience in ITIL best practices, experience in supporting bespoke software, experience in supporting cloud infrastructure and hardware, experience in query languages such as SQL and KQL Desirable: Experience in Power BI and the languages it uses, M query and DAX Awareness of programming languages such as Python and C# Experience in or awareness of software requirements