London, South East, England, United Kingdom Hybrid / WFH Options
Atrium Workforce Solutions Ltd
Cyber Defense, Privacy, Compliance, Legal, and Architecture teams • Perform host-based digital forensics on Microsoft Windows systems primarily and other operating systems and document findings in clear and concise language • Analysis of network data (packets, logs) and endpoint data (logs, malicious artifacts) in both structured and unstructured methods. • Preserve evidence (both network and host) using forensically sound methods • Identify … TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture • Knowledge or certification of CrowdStrike, Darktrace, Sentinel is a plus • Experience with scripting and automation (Python, PowerShell, Bash, KQL etc) • Financial services sector, a benefit/Shift work NOT required Click Apply now/contact Lianne to be considered for the Cyber Security SOC Analyst – London/Remote role
Sentinel analytics rules, workbooks, and connectors Develop and optimise dashboards and reports for threat visibility Manage Sentinel upgrades and ensure platform stability Conduct threat hunting and incident investigations using KQL Microsoft Defender Administer Defender for Endpoint, Identity, Cloud, and Office 365 Monitor and respond to alerts across Defender platforms Collaborate with IT teams to remediate vulnerabilities and improve endpoint security … have: Hands-on experience with Microsoft Sentinel including configuration, reporting, and upgrades Strong understanding of SOAR playbook development and automation Ability to manage multiple simultaneous initiatives effectively Proficiency in KQL, Azure Logic Apps, and Microsoft Defender suite Analytical mindset with experience in data-driven security planning Excellent communication and stakeholder engagement skills Job Offer Competitive daily rate of approximately
Further details as follows: Role: Trainer Day rate: £400 - £500 outside IR35 Duration: Approx 10 days. 4 days delivery and 6 days prep Location: remote Requirements: Strong experience with KQL, Microsoft Defender and Microsoft Sentinel MCT would be preferable but not a must Experience of planning and delivering training Details of the topics to be covered: The team actively uses Microsoft … Defender and Microsoft Sentinel to investigate and remediate security alerts. The training should explore better utilisation of the tools, including KQL to extract meaningful information, with a focus on: Setting up and editing alert rules and actions Streamlining alerts to reduce noise Automating resolution of expected tasks Most people attending rate themselves as having a lower understanding of KQL