1 to 25 of 26 Kusto Query Language Jobs in England

tooling, and network security. Certifications such as CISSP, CEH, GIAC, AZ-500, SC-100 , or relevant vendor-specific credentials. Scripting proficiency in Python, PowerShell, KQL (Kusto Query Language), or Kibana Query Language . Strong analytical mindset with the ability to process large datasets, detect threats ...

managing Azure Monitor, Log Analytics workspaces, Application Insights, and Azure dashboards. Experience creating alert rules, action groups, workbooks, and analysing metrics and logs using KQL (Kusto Query Language). Skilled in performance troubleshooting, implementing Azure Service Health monitoring, and setting up distributed tracing. Ideally, knowledge and experience ...

supporting C#/.NET Core/MVC web applications with SQL Server backends and Azure Blob Storage. Advanced Azure diagnostics (Application Insights, Log Analytics, Kusto Query Language). Proficient in SQL for investigation and remediation. Scripting and automation skills in PowerShell and/or C#. Understanding … Blob Storage, scaling strategies. Experience in capacity planning, SLOs, and error budget management Azure Monitor, Application Insights, Log Analytics, Azure Data Explorer (KQL), Azure Functions, Logic Apps, PowerShell, C#, SQL Server Management Studio, Azure Storage Explorer, Power BI (for reporting). The Senior Azure Support Engineer responsibilities and tasks: Monitor ...

practices for data governance and self-service analytics. Responsibilities Build and maintain Power BI reports, dashboards, and datasets using DAX, Power Query (M), KQL, and SQL. Develop reusable data models and implement CI/CD pipelines in Azure DevOps. Manage Power BI Service administration, including security and refresh schedules. … share knowledge across teams. Qualifications Strong Power BI development experience (reports, dashboards, data models). Advanced knowledge of DAX, Power Query (M), KQL, and Power BI Service. Expertise in SQL and relational database design. Familiarity with Azure DevOps for CI/CD and version control. Understanding of data warehousing ...

practices for data governance and self-service analytics. Responsibilities Build and maintain Power BI reports, dashboards, and datasets using DAX, Power Query (M), KQL, and SQL. Develop reusable data models and implement CI/CD pipelines in Azure DevOps. Manage Power BI Service administration, including security and refresh schedules. … share knowledge across teams. Qualifications Strong Power BI development experience (reports, dashboards, data models). Advanced knowledge of DAX, Power Query (M), KQL, and Power BI Service. Expertise in SQL and relational database design. Familiarity with Azure DevOps for CI/CD and version control. Understanding of data warehousing ...

Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft Defender for O365, Darktrace AI, anti-phishing, Safe ...

roles (MSSP experience advantageous). Advanced expertise with: CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection) LogScale/Next-Gen SIEM (AQL/KQL queries, dashboards, pipelines) SIEM technologies and EDR/MDR workflows in 24×7 security operations Strong automation and scripting skills (Python, PowerShell, Bash). Proficiency ...

starting with PDS.? Desirable Experience? . Understanding of threat landscapes, attack vectors, and adversary tactics (MITRE ATT&CK framework). Proficiency in SQL/KQL and Resource Graph for data scripting, transformation and automation. Familiarity with Azure and Fabric, using dataflows and data lakes to build scalable datasets. Understanding ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident investigation. PowerShell/Python scripting for automating Microsoft security tooling, plus experience securing DNS, DKIM/DMARC ...

platforms. Incident investigation skills across endpoint, identity, and cloud. Understanding of Microsoft 365, Azure, and Zero Trust. Skilled in ASR rules, AV baselines, and KQL analytics. Desirable Skills Experience with Microsoft Sentinel. Understanding of MITRE ATT and CK. Exposure to red team activities. Familiarity with automation using PowerShell. Professional Attributes ...

Practical experience with Azure SQL , Cosmos DB , and other Azure data services Microsoft certifications (AZ-204, AZ-400, ITIL Foundation) Familiarity with Application Insights , KQL , and security best practices Exposure to multi-cloud environments or containerisation (Docker, Kubernetes) About DigX DigX is a transformation consultancy delivering engineered outcomes across complex ...

project extensions typically follow the same pattern. What they are looking for Around twelve to eighteen months experience in a SOC Azure Sentinel Strong KQL capability Comfortable working in a front line analyst role Clear communication and structured thinking under pressure Clearance You must be eligible ...

performance, tenant‐wide scoping, differential targeting by region/legal entity. Automate via PowerShell/Graph, and instrument telemetry/alerting (e.g., Sentinel/KQL, compliance portals). Define controls, evidence artefacts, and reporting for internal audit and regulatory assurance. Create runbooks for policy changes, exceptions, break‐glass procedures ...

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ...

someone with at least a year of commercial SOC experience who’s confident working with Microsoft Sentinel and comfortable writing, adjusting, and analysing KQL queries for detection, investigation and threat-hunting. Role Responsibilities Monitor and analyse security events to identify threats, attacks and suspicious activity. Carry out full triage … investigation of alerts. Use KQL within Microsoft Sentinel to build analytics, detection rules, and conduct hunts for indicators of compromise. Contribute to SIEM/SOAR playbooks and improve detection capabilities. Document incidents, TTPs and root-cause findings. Work with internal and external stakeholders during investigations. Support continuous improvements to threat ...

doing As SOC Analyst, you will: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

security technologies. Skills/Must Have: Experience with SIEM platforms and log analysis. Ability to query and interpret log data; familiarity with KQL is beneficial. Exposure to EDR tools such as CrowdStrike, Microsoft Defender for Endpoint, or Carbon Black. Understanding of malware behaviour, IoCs, and basic analysis techniques. Knowledge ...

bonus, not a requirement. What you’ll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

including data connector onboarding, ingestion optimisation, analytic rule lifecycle management, workspace architecture, and cost-aware service design for multi-tenant MSSP use cases Advanced KQL (Engineering & Detection Enablement) Expert-level KQL skills to support detection engineering, correlation logic, operational tuning, and platform performance across Sentinel and Defender data sources SOAR ...

Terraform , and scripting with PowerShell/Python . Monitor and optimise cloud performance using Azure Monitor , Service Health , and advanced query tools (KQL). Implement FinOps principles to control costs and ensure efficient use of public funds. Integrate security best practices with Microsoft Defender for Cloud and maintain compliance ...

Terraform , and scripting with PowerShell/Python . Monitor and optimise cloud performance using Azure Monitor , Service Health , and advanced query tools (KQL). Implement FinOps principles to control costs and ensure efficient use of public funds. Integrate security best practices with Microsoft Defender for Cloud and maintain compliance ...

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience with Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a ...