23 of 23 Permanent Kusto Query Language Jobs

Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written … rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft ...

supporting C#/.NET Core/MVC web applications with SQL Server backends and Azure Blob Storage. Advanced Azure diagnostics (Application Insights, Log Analytics, Kusto Query Language). Proficient in SQL for investigation and remediation. Scripting and automation skills in PowerShell and/or C#. Understanding … Blob Storage, scaling strategies. Experience in capacity planning, SLOs, and error budget management Azure Monitor, Application Insights, Log Analytics, Azure Data Explorer (KQL), Azure Functions, Logic Apps, PowerShell, C#, SQL Server Management Studio, Azure Storage Explorer, Power BI (for reporting). The Senior Azure Support Engineer responsibilities and tasks: Monitor ...

consultancy Nice to Have Certifications (AZ-500, SC-200, CySA+, BTL1/2) Microsoft 365 & Azure security tooling (Sentinel, Defender) PowerShell and KQL experience Working Pattern & Package 37.5 hours per week, shift-based with on-call escalation 90% remote (quarterly office visits) £40,000 - £45,000 salary + bonus Private ...

including Azure AD, and Azure ecosystem. Working knowledge of medallion architecture and how it fits within a data platform. Working knowledge of Log Analytics, KQL and how it fits within monitoring solutions. Essential Knowledge, Skills & Experience Experience/Knowledge Integrations development involving Azure Integrations, SQL Server/Azure SQL, APIs ...

fundamentals ✔️ Familiarity with Windows, Linux & macOS ✔️ Curious, analytical mindset with a genuine interest in cyber defence (Sentinel/CrowdStrike/MITRE ATT&CK/KQL experience is a bonus, not essential) Shift pattern 12-hour shifts : 2 days/2 nights/4 off Flexibility required during major incidents 🔐 Clearance ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

effectively. Documentation & Compliance Improve and maintain accurate system documentation for configuration, troubleshooting, and best practices. Ideal Background Proficiency in SQL Server, T-SQL, and KQL (Azure Application Insights), including writing queries and stored procedures from scratch. Experience troubleshooting application logs, Windows Event Viewer, and system errors. Hands-on experience with ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

Skills Needed: 5+ years of experience as a Data Engineer, ideally with Microsoft Fabric. Proficiency using T-SQL is essential. Experience with Python, Power Query, and KQL. Solid knowledge of Azure DevOps and CI/CD best practices. Experience with secure multi-tenant data architectures (RLS and TLS). ...

ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

leadership experience within a security engineering or SecDevOps environment Strong technical grounding in the Microsoft Security ecosystem, ideally including Microsoft Sentinel, Defender XDR, and KQL Ability to balance people management with hands-on technical credibility Experience within an MSSP or consultancy environment is highly advantageous Excellent communication skills and confidence ...

incidents, odd behaviours, multi-cloud weirdness - you investigate, correlate, and close.? Turning threat hunting into a habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.? Making the SIEM/XDR bill make sense : understanding ingestion, licensing … manage log sources properly.? You're comfortable designing security architecture in Azure/M365, integrating cloud-native controls, and wiring in threat intel.? KQL is second nature ; PowerShell or Python are tools you reach for without thinking.? You're happy explaining trade-offs between cost and coverage and backing ...

detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements. Develop, optimise, and maintain high-fidelity detections using Splunk , Microsoft Sentinel , KQL , SPL , and Python for automation and Detection as Code. Work closely with cloud platforms ( AWS and Azure ) to enhance detection capabilities in hybrid environments. Monitor networks … expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient, high-fidelity detections. Solid understanding of security detection methodologies, threat intelligence, and cloud security environments. Strong communication and stakeholder management ...

understanding of MITRE ATT&CK, malware analysis, and adversary behaviour Hands-on experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms Proficiency in KQL, Python, or similar scripting/query languages Excellent communication skills — comfortable presenting to clients Analytical, detail-driven mindset with the ability to manage multiple ...

ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations … Deep expertise in Microsoft Sentinel and Microsoft Defender XDR Advanced KQL skills and SIEM data integration experience Knowledge of Azure and Microsoft 365 security services Scripting experience with PowerShell and/or Python This is an excellent opportunity for a senior security professional to make real impact in a modern ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and Scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

Solid understanding of log sources across endpoint, network, cloud, and identity environments Proven ability to develop detection rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What ...

Solid understanding of log sources across endpoint, network, cloud, and identity environments Proven ability to develop detection rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What ...