a business that thrives on data at scale. Key Responsibilities: Keeping a sharp eye on threats across hybrid and cloud estates (GCP) Crafting and fine-tuning smart detections using KQL Leading the charge on incident response, from first alert to final report Getting stuck into threat hunting and shaping how detections are built and improved Helping drive security automation and … container environments Requirements: Solid chops in security monitoring, threat detection, and fast, effective incident response Hands-on with XDR tools like Defender, Carbon Black, CrowdStrike, or FireEye Confident with KQL, especially in Microsoft Sentinel Strong background in GCP Experience securing Kubernetes, Docker, and containerised workloads Familiar with MITRE ATT&CK, SOAR, and writing detections as code Comfortable scripting in Python
london (city of london), south east england, united kingdom
Bestman Solutions
London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
optimize data pipelines Debug issues Keep costs under control Skills Microsoft Fabric - Lakehouse and warehouse models Azure Tools (Data Factory, Synapse, SQL) Python programming Databases, SQL and NoSQL (CosmosDB, KQL) Data Modelling: Kimball frameworks and 3NF Nice To Have Databricks Power BI AI/ML Azure Infrastructure DevOps Certifications Microsoft Certified: Fabric Analytics Engineer Associate DP-203 Azure Data Engineering
the MITRE ATT&CK framework and common attacker techniques. Strong communication and leadership skills, with the ability to influence and guide both technical and non-technical stakeholders. Experience with KQL and customizing Sentinel detections. Exposure to cloud security operations (Azure preferred). Microsoft certifications such as SC-200 or AZ-500 are a bonus but not essential.
with MITRE ATT&CK framework and common attacker techniques. Strong communication and leadership skills, with the ability to influence and guide both technical and non-technical stakeholders. Experience with KQL and customizing Sentinel detections. Exposure to cloud security operations (Azure preferred). Microsoft certifications such as SC-200 or AZ-500 are a bonus but not essential.
InfraView - Specialist Cloud & IT Infrastructure Technology Recruitment
hire. Key Skills required: 2+ years’ experience working in a SOC environment – ideally MSSP. Experience in a technical security role is also considered. Experience with SIEM tools e.g. Sentinel, KQL, ELK, QRadar, AlienVault, or similar. A cyber security qualification, certification, or degree e.g. CySA+, CompTIA SEC+, or similar experience. Microsoft SC-200 Certs are desirable. Assess risks and threats for
London, England, United Kingdom Hybrid / WFH Options
ECS Resource Group
Bonus: You've worked with version control for detection rules, or done some detection-as-code Certs like GCIA, GCIH, CEH, GNFA, GCFA Familiarity with frameworks like Sigma or KQL A side interest in threat hunting or malware behavior What You’ll Impact How quickly we detect and respond to real threats The signal-to-noise ratio of our security
and Service Extend Support Machines Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log Analytics Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to other team members
Leatherhead, Surrey, United Kingdom Hybrid / WFH Options
Bytes Group
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Bytes Group
Reading, Berkshire, United Kingdom Hybrid / WFH Options
Bytes Group
Manchester, England, United Kingdom Hybrid / WFH Options
Bytes Group
global platforms. What You’ll Be Doing Leading threat detection and incident response across GCP environments Building and refining cloud-native detections using Kusto Query Language (KQL) Driving security automation and Infrastructure-as-Code practices Enhancing cloud visibility through effective logging, monitoring, and threat modelling Collaborating with SOC analysts, engineers, and data teams to secure workloads and … skills and experience include: Cloud security expertise in Google Cloud Platform Hands-on experience with cloud-native tools (e.g., Defender for Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation
london (city of london), south east england, united kingdom
Bestman Solutions
of Windows, macOS or Linux operating systems Understanding of modern attacker TTPs Translate threat intelligence into actionable detection logic. Solid grasp of detection technologies Query languages such as KQL or SPL Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, PowerShell etc.) Desirable Skills and Experience: Knowledge of cloud infrastructure, cloud security and cloud APIs a plus … Knowledge of attacker tools and evasion techniques within offensive engineering Working knowledge of at least one major programming language, including scripting languages like Python and PowerShell Experience of developing detections as code