1 to 25 of 40 Remote/Hybrid Permanent Kusto Query Language Jobs

Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written … rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft ...

fundamentals ✔️ Familiarity with Windows, Linux & macOS ✔️ Curious, analytical mindset with a genuine interest in cyber defence (Sentinel/CrowdStrike/MITRE ATT&CK/KQL experience is a bonus, not essential) Shift pattern 12-hour shifts : 2 days/2 nights/4 off Flexibility required during major incidents 🔐 Clearance ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

semantic modelling). Advanced Programming and Data Engineering Skills : Proficient in Python, SQL and T-SQL with experience in PySpark ; familiarity with KQL for real-time analytics and robust ELT design using medallion architectures. Proven Experience in Modern Data Platforms : Track record of building and operating Azure-based data platforms ...

semantic modelling). Advanced Programming and Data Engineering Skills: Proficient in Python, SQL and T-SQL with experience in PySpark; familiarity with KQL for real-time analytics and robust ELT design using medallion architectures. Proven Experience in Modern Data Platforms: Track record of building and operating Azure-based data platforms ...

desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions, and best practice implementations. Own the end-to-end delivery … Design and implement detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning ...

leadership experience within a security engineering or SecDevOps environment Strong technical grounding in the Microsoft Security ecosystem, ideally including Microsoft Sentinel, Defender XDR, and KQL Ability to balance people management with hands-on technical credibility Experience within an MSSP or consultancy environment is highly advantageous Excellent communication skills and confidence ...

Location: UK (remote/hybrid) Stack: • Microsoft Security: Defender XDR, Sentinel, Entra ID • SIEM/XDR: Microsoft Sentinel (KQL), SentinelOne (S1QL) • Exposure to other platforms such as CrowdStrike, or Elastic a plus • Threat intelligence integration and detection tuning • Tooling: KQL, S1QL, PowerShell, API usage Join us and help strengthen … threat intelligence practitioners to build high-quality detections. Technical responsibilities • Design, build, and tune detection logic across Sentinel and XDR platforms. • Write and optimise KQL and S1QL queries for detection and hunting scenarios. • Improve signal quality through tuning, suppression logic, and data validation. • Review and enhance existing analytic rules ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...