21 of 21 Remote Permanent Kusto Query Language Jobs

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

improving security posture Provide technical support within client service reviews along with attending any other meetings at the CSOC Managers discretion Articulation of security risk to customers in a language that can be understood by business representatives Responsible for continual service improvement activities within the CSOC Ensuring the integrity of client IT infrastructures Protecting information systems residing upon them … strict SLAs. Experience with, SIEM, EDR and Email Security toolsets and how to leverage these tools to provide robust Detect & Respond services. Experience working in a Microsoft XDR SOC KQL (Kusto Query Language) experience Experience in mentoring and assisting analysts of varying levels of skill. Must have been a UK resident for a minimum of 5 years More ❯

Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security More ❯

Architect, Senior Security Consultant, and Systems Architect. Skills Required: Windows Architecture and Administration. Windows and Linux hardening best practices. Understanding of protocol analysis techniques. Experience with Azure Log Analytics, KQL, and Azure Alerts. Python, Shell, and PowerShell scripting. Experience with security tools and technologies (e.g., SIEM, IDS/IPS, NG Firewall capabilities, vulnerability scanners). Knowledge of Active Directory and More ❯

We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First More ❯

We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First More ❯

We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First More ❯

SOC environments – Azure/AWS preferably. Practical experience both implementing and deploying DAC and IAC. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc. Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. If you’re an experienced SecOps Engineer, looking to shape More ❯

contribute to key decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed Hands On SIEM support including policy updates (KQL/Sentinel) Hands On cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC More ❯

contribute to key decisions. Additionally, you will provide solutions to problems for your immediate team and across multiple teams. Key Requirements: Detailed Hands On SIEM support including policy updates (KQL/Sentinel) Hands On cyber escalations from L1 support Deep dive into data analysis and tools Incident Responder during a MIM Ensuring all SOC processes and docs are current SC More ❯

Continuously monitoring network traffic, security alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What's on Offer? Competitive salary More ❯

MSP Strong technical knowledge of Microsoft 365, including migrations, hybrid identity, DLP, retention policies Hands-on Azure IaaS experience: networking, NSGs, VPNs, load balancers, governance Proven Microsoft Sentinel experience: KQL, dashboards, incident response Solid grasp of Intune, AutoPilot, security and compliance policies Strong networking and firewall understanding (e.g. Cisco, Fortinet, Ubiquiti) Confident presenting to stakeholders and creating detailed technical documentation More ❯

Management o Azure SQL and MI o Functions o Networking o Data Factory o Databricks Proven experience with Azure DevOps (ADO) Solid understanding of o Terraform o HELM o KQL Advantageous: Healthcare or Government related industry experience Understanding of JIRA and Confluence Understanding or experience with TCAF Qualifications: Experience is valued over accreditation, however, as we're a Microsoft partner More ❯

MSP Strong technical knowledge of Microsoft 365, including migrations, hybrid identity, DLP, retention policies Hands-on Azure IaaS experience: networking, NSGs, VPNs, load balancers, governance Proven Microsoft Sentinel experience: KQL, dashboards, incident response Solid grasp of Intune, AutoPilot, security and compliance policies Strong networking and firewall understanding (e.g. Cisco, Fortinet, Ubiquiti) Confident presenting to stakeholders and creating detailed technical documentation More ❯

Technical Basic scripting skills in Python and/or other languages; familiarity with Windows, OS X, Linux. Experience with Splunk, Sentinel, and knowledge of SIEM query languages (SPL, KQL). Splunk configuration, CIM mapping, and API experience. Understanding of threat intelligence, network protocols, and security tools. Certifications in Azure Security and Splunk are desirable. Non-technical Strong stakeholder engagement More ❯

Harden infrastructure across Microsoft 365 and Endpoint environments Collaborate with System Admins, SOC Analysts, and Network Engineers Support compliance with upcoming Cyber Essentials certification Automate tasks with scripting (PowerShell, KQL, Python a plus) Help non-technical users understand and adopt secure practices What We're Looking For 5+ years in IT Security Engineering or a related technical field Proven hands … starting mindset, someone who "gets on with it" Desirable Certifications: AZ-500, CISSP, CCSP, CISM Experience with compliance initiatives like Cyber Essentials Any coding/scripting ability (PowerShell/KQL/Python) Working Pattern Fully remote with occasional head office visits Flexible approach to working patterns in a family friendly culture Benefits Strong training and development support Friendly, collaborative IT More ❯

Git (version control) Security & Compliance Cloud posture management (Azure Defender for Cloud, GCP SCCE) Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models More ❯

posture management (Azure Defender for Cloud, GCP SCCE) Microsoft Defender XDR/Microsoft Purview Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to More ❯

and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce … control systems. Experience in developing malware and anomaly detections. Use of statistical methods for anomaly detection. Proficiency with Microsoft Sentinel and/or XDR. Strong skills in writing complex KQL analytics/searches. Awareness of current security threats. Ability to prioritize threats effectively. Understanding factors affecting detection effectiveness. Threat hunting or SOC analyst certifications preferred. Life at BAE Systems Digital More ❯

Jobs Search Type All Job Area All Sentinel SecOps Engineer - Sentinel, KQL, EDR, SOC Tooling London - Hybrid (3 days in the office) £450 - £500 p/day Outside IR35 Sentinel SecOps Engineer - Sentinel, KQL, EDR, SOC Tooling - London (3 days onsite) - £450 - £500 p/day Outside IR35 I am working with an exceptional Microsoft Security Solution Provider, and they … of them. You will need to build all the analytical rules within the log sources and help to support the entire estate. It is essential that you have exceptional KQL skills, not just be able to follow code, but create it from scratch and spot errors and changes in code as and when you review it. They need someone who … days later in the contract, but this is not guaranteed. Required: Exposure working with a previous managed security provider or within an MSSP environment Strong working knowledge of KQL (essential) Experience using SOC tooling (SIEM and EDR solutions) (essential) Previous experience working within financial services Experience using ITSM tools Knowledge of the phases in incident response and Cyber Kill Chain More ❯