across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications … re looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident
in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols. You have knowledge of a query language (KQL, SPL). Experience within a SOC environment is considered of high value. Experience with public cloud (Azure, GCP, AWS) is considered of high value. Your
and maintain an accurate, consistent, repeatable process for responses to official questions by collecting, consolidating, and preparing written responses to external RFI or internal query from leadership Create and maintain records in compliance with DoD Records Management policies and directives Organize data, establish file structures, and ensure information is … Markup Language (HTML), AJAX, ASP.NET, XML, JavaScript, JQuery, CSS, Microsoft SharePoint Designer, complex SharePoint Workflows, Web Services, REST, Keyword Query Language (KQL), SharePoint Server 2013, and Internet Information Server (IIS). Required: Active Secret clearance is required to start, must be able to obtain a TS/
of Windows, Linux, internet technology, and network protocols. Experience with Splunk Enterprise Security is mandatory. Knowledge of a query language (e.g., KQL, SPL). Strong data analytics skills are required for this function. Experience within a SOC environment is considered of high value. Experience with public cloud
while collaborating across security, engineering, and business teams. Strong use of Splunk Programming Language. Strong scripting/query language skills (e.g., Python, KQL, SQL, PowerShell). Desirable Requirements Hands-on experience using Jupyter Notebooks for data exploration, automation, and visualization in a security context. Knowledge of cloud products
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems
the Delivery Lead/PMO. The Role You will be responsible for: Creating Threat Hunt Hypotheses and executing Threat Hunts regularly. Translating hypotheses into KQL queries, executing them, and triaging results independently. Having knowledge of attacker TTPs and APT groups, conducting in-depth research. Verifying and refining Threat Hunt queries
London, England, United Kingdom Hybrid / WFH Options
Capita
platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems (New)
new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review.
Leeds, England, United Kingdom Hybrid / WFH Options
BAE Systems Applied Intelligence
Lead for prioritisation. · Ad-hoc communications with government or commercial security operations centres as part of root-cause analysis · Creation of low-medium complexity KQL analytics and hunt queries, conducting IOC and anomaly-based threat hunts, including root cause identification of findings · Identification and tagging of incorrect alert logic/
Southampton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development: KQL, analytics rules, data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to
Crawley, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, including KQL, analytics rules, and data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus
Brighton, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a
Slough, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is
London, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR
Watford, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR
Reading, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR
Bath, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR
Cheltenham, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR
Aberdeen, Scotland, United Kingdom Hybrid / WFH Options
JR United Kingdom
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR
Portsmouth, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR
Hounslow, England, United Kingdom Hybrid / WFH Options
JR United Kingdom
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR
To be successful as a Security Engineer, you should have the following skills/experience: SIEM experience - Azure Sentinel or Splunk (proficiency in writing KQL and SPL; log sources, ingestion patterns, and correlation rules). DevOps knowledge (Git/BitBucket/GitLab). Security Fundamentals (threat detection, incident response, threat
Leeds, England, United Kingdom Hybrid / WFH Options
Babcock
new detection techniques and research industry capabilities. Communicate with government or commercial security operation centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts, and identify root causes. Identify and tag incorrect alert logic and high false positive