9 of 9 Permanent Kusto Query Language Jobs in the UK excluding London

contribute to continual service improvements. What We’re Looking For 3+ years experience in SOC/NOC Environments Strong experience with SIEM - IBM QRadar . Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK More ❯

SOAR) for security monitoring, detection, and incident response. The ideal candidate will have practical experience configuring, tuning, and maintaining these solutions, analysing alerts and incidents, developing advanced hunting queries (KQL), developing automation playbooks, and integrating with other security controls and solutions. Experience with security tools outside of the Microsoft eco-system , such as IDS/IPS, vulnerability scanners, web and More ❯

or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST More ❯

improvement through recommendations and change initiatives Required Skills & Experience Proven expertise in IBM QRadar SIEM Strong understanding of log formats, parsing, and normalization Experience with SIEM query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

Security Center Azure Policy & Role-Based Access Control (RBAC) Microsoft Purview and Compliance tools Familiarity with security frameworks such as NIST, ISO 27001, or CIS. Experience with scripting (PowerShell, KQL) and automation for security operations. Relevant certifications (e.g., AZ-500 , SC-200 , SC-300 ) are highly desirable. What's on Offer Join a globally respected financial institution with a strong More ❯

Security Center Azure Policy & Role-Based Access Control (RBAC) Microsoft Purview and Compliance tools Familiarity with security frameworks such as NIST, ISO 27001, or CIS. Experience with scripting (PowerShell, KQL) and automation for security operations. Relevant certifications (e.g., AZ-500 , SC-200 , SC-300 ) are highly desirable. What's on Offer Join a globally respected financial institution with a strong More ❯

Cyber Security Analyst When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team More ❯