13 of 13 Remote/Hybrid Permanent Kusto Query Language Jobs

Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written … rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft ...

fundamentals ✔️ Familiarity with Windows, Linux & macOS ✔️ Curious, analytical mindset with a genuine interest in cyber defence (Sentinel/CrowdStrike/MITRE ATT&CK/KQL experience is a bonus, not essential) Shift pattern 12-hour shifts : 2 days/2 nights/4 off Flexibility required during major incidents 🔐 Clearance ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

effectively. Documentation & Compliance Improve and maintain accurate system documentation for configuration, troubleshooting, and best practices. Ideal Background Proficiency in SQL Server, T-SQL, and KQL (Azure Application Insights), including writing queries and stored procedures from scratch. Experience troubleshooting application logs, Windows Event Viewer, and system errors. Hands-on experience with ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

Data Factory (pipelines, orchestration) o Data Engineering (Lakehouse, notebooks, Apache Spark) o Data Warehouse (SQL endpoints, schemas, MPP performance tuning) o Real-Time Analytics (KQL databases, event ingestion) o Manage and enhance OneLake architecture, delta lake tables, security policies, and data governance within Fabric. o Build scalable, reusable data assets ...

leadership experience within a security engineering or SecDevOps environment Strong technical grounding in the Microsoft Security ecosystem, ideally including Microsoft Sentinel, Defender XDR, and KQL Ability to balance people management with hands-on technical credibility Experience within an MSSP or consultancy environment is highly advantageous Excellent communication skills and confidence ...

detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements. Develop, optimise, and maintain high-fidelity detections using Splunk , Microsoft Sentinel , KQL , SPL , and Python for automation and Detection as Code. Work closely with cloud platforms ( AWS and Azure ) to enhance detection capabilities in hybrid environments. Monitor networks … expertise with Splunk and Microsoft Sentinel SIEM platforms. Strong programming skills in Python , with experience developing automation and Detection as Code pipelines. Proficiency in KQL and SPL for creating efficient, high-fidelity detections. Solid understanding of security detection methodologies, threat intelligence, and cloud security environments. Strong communication and stakeholder management ...

Solid understanding of log sources across endpoint, network, cloud, and identity environments Proven ability to develop detection rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What ...

Solid understanding of log sources across endpoint, network, cloud, and identity environments Proven ability to develop detection rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What ...