Permanent Kusto Query Language Job Vacancies

51 to 75 of 146 Permanent Kusto Query Language Jobs

Front Line Analyst - National Security - Leeds

Leeds, England, United Kingdom
Hybrid / WFH Options
Babcock
analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operation centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts, and identify root causes. Identify and tag incorrect alert logic and high false positive detection rules for review. Transform

Security Operations Center Analyst

London, England, United Kingdom
ZipRecruiter
Security Operations Analyst (SC-200). Skills include problem-solving, attention to detail, continuous improvement, communication, flexibility, analytical thinking, technical expertise, incident response, familiarity with security tools, proficiency in KQL, scripting, automation, and a proactive learning attitude. Two Stage Hiring Process Initial Interview: 15-30 minutes via Teams with a CyPro partner. Final Assessment: 60-minute practical exercise in our

Senior SIEM Engineer / CyberSecurity Architect

Maidenhead, England, United Kingdom
Hybrid / WFH Options
ZipRecruiter
of Windows, Azure, and M365 security architectures. Knowledge of security monitoring and compliance best practices. Experience working with Microsoft Sentinel and XDR frameworks, an advantage. Scripting experience in PowerShell, KQL, or Python, an advantage. Microsoft certifications: SC-200, SC-300, SC-400, AZ-500, MS-500, SC-100, an advantage Self-starter with great attention to detail and care about

Microsoft Security Operations Analyst Bracknell SC Clearable SC-200

Reading, Berkshire, United Kingdom
Hybrid / WFH Options
DCL
include, but not be limited to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL).
Employment Type: Permanent
Salary: GBP Annual

Senior Infrastructure Engineer - Microsoft 365

Windsor, England, United Kingdom
Hybrid / WFH Options
Centrica plc
Knowledge of containerization and orchestration technologies such as Docker and Kubernetes. Proficiency in cloud platforms: Azure and AWS. Expertise in Microsoft Defender and Kusto Query Language (KQL). Qualifications: Bachelor’s degree in Computer Science, IT, or related field. Minimum of 5 years of experience in IT infrastructure engineering, focusing on Microsoft 365 tools and services. Relevant

SOC Analyst

Reading, England, United Kingdom
Hybrid / WFH Options
Axiom Software Solutions Limited
/Security problems in a simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information & Event Management (SIEM) systems, in

Cyber Incident Analyst

Maidenhead, Berkshire, United Kingdom
Hybrid / WFH Options
APM Terminals
Collaborate with automation teams to build capabilities using platforms like CrowdStrike Fusion, AWS Lambda, Azure Logic Apps, XSOAR, and Python scripts. Languages Good experience in query languages like KQL and Logscale for investigations and log analysis is highly desirable Managing Relationships: Develop and maintain key relationships with forensics, security operations governance, cyber defence engineering, risk and compliance, IT, and … tools (disassemblers, decompilers, debuggers) and processes (unpacking malware, reconstructing code logic, etc) is desirable Some programming experience for example, C, Python, Go, and/or other languages desirable Assembly language knowledge is a plus but not essential is desirable. Experience in User-Interface/User-Experience (UI/UX) design and development is desirable but not essential Development and
Employment Type: Permanent
Salary: GBP Annual

Cloud Operations Engineer

London, England, United Kingdom
ICONICS Germany GmbH
or data analysis. Experience integrating multiple cloud services together. Experience analysing cloud system data to identify areas of improvement. Experience in reporting findings and analysis in clear and concise language to stakeholders. Ability to motivate and guide team members (who will eventually be global) to build up their skills. Technical Skills Creative problem-solver with passion and attention to … Azure SQL). Developing Web Service/APIs (Swagger, OAuth2, ODATA). Experience with Relational DBMS systems (SQL, T-SQL). Experience with Azure Monitoring and Log Analytics (notably KQL, Python, PowerShell). Come to work with us! We are an amazing company with a wide range of benefits and opportunities for growth. Our team is made up of incredible

IT Security Analyst

Uxbridge, England, United Kingdom
Norgine
experience with Defender for Cloud, Conditional Access, Sentinel, IAM, PIM, Experience in Crowdstrike EDR and Identity Protection Experience using advanced Crowdstrike Logscale Queries (FQL) and advanced Kusto queries (KQL) Experience with Incident Response, Forensics and required tools Demonstrable experience with Penetration testing, planning and scoping, execution, and reporting. Familiarity with red/blue team exercises Hands-on experience with

Cyber Security Engineer

Portsmouth, England, United Kingdom
Computappoint
technical workshops & architecture design sessions 🔹 Drive security strategy & compliance initiatives (ISO 27001, NIST, GDPR) 🔹 Perform threat detection, incident response & forensic analysis 🔹 Utilize Microsoft Sentinel, Cisco Splunk, Palo Alto QRadar, KQL & more What We’re Looking For: 🔸 4+ years in Cyber Security within an MSP or similar environment 🔸 Hands-on expertise in SIEM, EDR, firewalls, VPNs, cloud security (AWS, Azure, GCP

Security Operations Center Analyst

Manchester, England, United Kingdom
Hybrid / WFH Options
ZipRecruiter
SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, , and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of Windows

OT Cyber Security Analyst

London, England, United Kingdom
THAMES WATER UTILITIES LIMITED
in enterprise or critical infrastructure environments. Experience with control systems like ICS, SCADA, CNI. Exposure to SOC operations; incident triage; risk remediation. Technical skills: familiarity with OT infrastructure, networking, KQL, Microsoft Sentinel, MFA, PAM, SIEM. Preferred Qualifications Knowledge of network security tools (NAC, firewalls, IDS/IPS). Leadership experience; degree in related fields; security certifications such as Microsoft SC

Security Operations Center Analyst

Warrington, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of

Security Operations Center Analyst

Bolton, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of

Security Operations Center Analyst

Peterborough, England, United Kingdom
Hybrid / WFH Options
JR United Kingdom
tasks effectively. Willingness to participate in continuous learning and professional development. Flexibility to work on-site in Peterborough two days per week (negotiable). Preferred Skills & Certifications: Experience with KQL, Rapid7 SIEM, SentinelOne EDR, Microsoft Defender XDR, or Microsoft Sentinel. Level 3 Analysts: Additional expertise in threat hunting, digital forensics, and leadership experience.

Front Line Analyst – National Security – Leeds

Leeds, England, United Kingdom
Hybrid / WFH Options
BAE Systems
evolving TTPs. Use intrusion analysis skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause analysis. Create KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. Transform internal and partner threat

Security Operations Center Analyst

Manchester, England, United Kingdom
Hybrid / WFH Options
Queen Square Recruitment
SOC performance reports and threat intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of

Senior Solutions Engineer - Logs

Maidenhead, Berkshire, United Kingdom
dynaTrace software GmbH
for them (trusted advisor/technical coach). Position might be filled at a higher level based on candidate experience. What will help you succeed Preferred Requirements: Experience with query languages such as SQL, SPL, or KQL. Experience with observability and log collectors/pipelines such as FluentBit, OpenTelemetry, Cribl, and Logstash. Experience with web technologies such as HTML
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Engineer

London, England, United Kingdom
Tony Blair Institute for Global Change
Awareness of data protection principles and security frameworks (e.g. ISO 27001, NIST). Previous involvement in security audits, risk assessments, or policy development. Scripting or automation skills (e.g. PowerShell, KQL) are a plus. We are accepting applications for our hubs in Washington, Nairobi & Dubai - please note that a current right to work is required for these locations. Closing Date

Security Consultant, Mandiant

London, United Kingdom
Google
SIEM, EDR, or NDR tools. Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. Experience with content engineering inside SIEM platforms (e.g., rule creation, advanced correlation searching, etc.). Knowledge of scripting languages (e.g., PowerShell and … improvement, plan implementation of improvements, and execute/oversee plans to completion. Create and modify SIEM use cases and detection logic, leveraging cyber threat intelligence, written in technology-specific query language or sigma open signature format. Provide expertise for SIEM and other SOC technologies that assist in incident response. Measure and improve alert fidelity through metrics creation, tracking
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Aldershot, Hampshire, United Kingdom
DXC Technology Inc
on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions. Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents. Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response … Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms. Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively. Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information. Able to communicate clearly and efficiently with team
Employment Type: Permanent
Salary: GBP Annual

Data Cyber Hunt Analyst with Security Clearance

Colorado Springs, Colorado, United States
Hybrid / WFH Options
Metronome LLC
of Defensive Cyber Operations (DCO), including threat hunting methodologies. Technical experience with cyber data analysis to include continuous monitoring, intelligence, and reporting. Proficient in various query languages (SQL, KQL (Kusto)). Python experience, and bonus for experience using Jupyter notebooks. Experience with dashboarding/visualizations (Power-Bi, Superset, Kibana). Ability to abstract threat hunting concepts to look
Employment Type: Permanent
Salary: USD Annual

Operations Manager - Security

London, England, United Kingdom
ZipRecruiter
response (including drills, simulations, response actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA, SANS, CCIM, MS-500, AZ …/200/300/400. Proven experience managing a SOC/Security Operations function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply immediately as first stage interviews are

Azure Platform Engineer

Bristol, Gloucestershire, United Kingdom
Cloud Decisions
critical national infrastructure in a large-scale environment Provide support and troubleshooting for Azure services including Compute, Storage, Networking, etc. Utilize Azure Management tools such as Azure Monitor, Agents, KQL, ARM templates, Azure Policies, and Infrastructure as Code (IaC) with Azure DevOps, Bicep, etc. Perform scripting with PowerShell and manage patching in cloud environments Follow ITIL incident management practices, document
Employment Type: Permanent
Salary: GBP Annual

Security Operations Manager

London, United Kingdom
Oliver James Associates Ltd
security incidents. Hands-on experience with deploying and using SIEM tools. Skilled in Azure Security solutions, including Defender for Endpoint, Defender for Identity, and Office 365. Proficient in writing Kusto queries for Microsoft Sentinel to enhance analytics and threat hunting. Deep knowledge of Windows security controls, architecture, and implementation in enterprise environments. Strong analytical skills to assess and respond
Employment Type: Permanent
Salary: GBP Annual

Kusto Query Language
10th Percentile: £45,000
25th Percentile: £47,500
Median: £57,500
75th Percentile: £67,500
90th Percentile: £102,500