1 to 25 of 73 Remote Kusto Query Language Jobs in England

XDR to conduct in-depth incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Security Engineering & Platform More ❯

/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results. Experienced with and have sufficient knowledge of attacker TTP’s Have a deep understanding of Advanced Persistent Threat groups More ❯

/have: Responsible for and capable of independently creating Threat Hunt Hypotheses, running Threat Hunts at a regular cadence Responsible for and capable of translating Threat Hunt Hypotheses into KQL Queries, running those KQL queries and then independently triaging the results. Experienced with and have sufficient knowledge of attacker TTP's Have a deep understanding of Advanced Persistent Threat groups More ❯

operations experience. Experience with SIEM platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of low-level concepts including operating More ❯

with security frameworks & standards i.e. NIST, CIS Benchmarks, NCSC guidelines, ISO 27001 and Cyber Essentials Plus (CE+) Practical experience with PowerShell, Python, and Kusto Query Language (KQL) for automation, analysis, and custom alerting Exposure to programming languages such as JavaScript, C, or .NET is a big plus! About Us... We’ve been dubbed ‘the rebels of accountancy More ❯

Analysis skills to contribute to new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. Transform Threat Intelligence into actionable More ❯

consideration by the Intrusion Analysis Lead for prioritisation. · Ad-hoc communications with government or commercial security operations centres as part of root-cause analysis · Creation of low-medium complexity KQL analytics and hunt queries, conducting IOC and anomaly-based threat hunts, including root cause identification of findings · Identification and tagging of incorrect alert logic/high false positive detection rules More ❯

reports on system health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Work closely with engineering, DevOps, and customer support teams to resolve … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified: Azure More ❯

reports on system health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Work closely with engineering, DevOps, and customer support teams to resolve … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified: Azure More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

reports on system health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Work closely with engineering, DevOps, and customer support teams to resolve … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified: Azure More ❯

reports on system health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Work closely with engineering, DevOps, and customer support teams to resolve … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified: Azure More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

health and reliability. Provide recommendations and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering, DevOps, and customer support teams … in cloud monitoring, data analysis, or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Microsoft Certified More ❯

Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security More ❯

Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security More ❯

standards Requirements Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development: KQL, analytics rules, data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to work in fast-paced, customer More ❯

Requirements Experience with complex Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, including KQL, analytics rules, and data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus) Ability to work in fast More ❯

with building and integrating complex Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus) Ability to work in More ❯

building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability to work More ❯

building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR is a plus Ability to More ❯

building and integrating complex Microsoft Sentinel solutions at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR is a plus Comfortable working More ❯

Experience building and integrating complex Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response, or DFIR is a plus Comfortable working More ❯