1 to 25 of 45 Kusto Query Language Jobs in England

manage high-severity security incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps … Defender for Endpoint, Office 365, Identity, Cloud Apps, Defender for Cloud, and Azure security controls Create and maintain Kusto Query Language (KQL) queries, automation workflows, and enrichment logic to enhance detections and investigation efficiency Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ...

services : App Service, WebJobs, Functions, Storage, Service Bus/Event Hub. Expertise in monitoring and observability : Application Insights, Kusto Query Language (KQL), Log Analytics. Knowledge of Azure Identity & Security : Managed Identities, Key Vault, Entra ID authentication. Experience with CSV/Blob storage pipelines for large-scale data ...

supporting C#/.NET Core/MVC web applications with SQL Server backends and Azure Blob Storage. Advanced Azure diagnostics (Application Insights, Log Analytics, Kusto Query Language). Proficient in SQL for investigation and remediation. Scripting and automation skills in PowerShell and/or C#. Understanding … Blob Storage, scaling strategies. Experience in capacity planning, SLOs, and error budget management Azure Monitor, Application Insights, Log Analytics, Azure Data Explorer (KQL), Azure Functions, Logic Apps, PowerShell, C#, SQL Server Management Studio, Azure Storage Explorer, Power BI (for reporting). The Senior Azure Support Engineer responsibilities and tasks: Monitor ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

Skills Needed: 5+ years of experience as a Data Engineer, ideally with Microsoft Fabric. Proficiency using T-SQL is essential. Experience with Python, Power Query, and KQL. Solid knowledge of Azure DevOps and CI/CD best practices. Experience with secure multi-tenant data architectures (RLS and TLS). ...

ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations ...

semantic modelling). Advanced Programming and Data Engineering Skills: Proficient in Python, SQL and T-SQL with experience in PySpark; familiarity with KQL for real-time analytics and robust ELT design using medallion architectures. Proven Experience in Modern Data Platforms: Track record of building and operating Azure-based data platforms ...

desirable) Platforms & Infrastructure: Active Directory/Entra hybrid identity Windows Server and Linux Networking, VPNs, firewalls, endpoint management Tooling & Automation: KQL PowerShell API integrations Automation tooling Key Responsibilities Technical Delivery Lead technical discussions with customers, guiding architecture, design decisions, and best practice implementations. Own the end-to-end delivery … Design and implement detections, automation workflows, and runbooks. Conduct technical assessments across identity, endpoint, cloud posture, logging, and security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning ...

leadership experience within a security engineering or SecDevOps environment Strong technical grounding in the Microsoft Security ecosystem, ideally including Microsoft Sentinel, Defender XDR, and KQL Ability to balance people management with hands-on technical credibility Experience within an MSSP or consultancy environment is highly advantageous Excellent communication skills and confidence ...

incidents, odd behaviours, multi-cloud weirdness - you investigate, correlate, and close.? Turning threat hunting into a habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.? Making the SIEM/XDR bill make sense : understanding ingestion, licensing … manage log sources properly.? You're comfortable designing security architecture in Azure/M365, integrating cloud-native controls, and wiring in threat intel.? KQL is second nature ; PowerShell or Python are tools you reach for without thinking.? You're happy explaining trade-offs between cost and coverage and backing ...

National Infrastructure (CNI), OT/ICS environments, threat hunting, detection engineering, EDR/NDR/SOAR tools, and basic scripting or query skills (KQL, SQL, Python). Desirable qualifications: cyber security or computer science degree, and certifications such as CompTIA Security+, BTL1, GIAC (GSEC, GCED, GCIA), or Elastic Certified ...

Location: UK (remote/hybrid) Stack: • Microsoft Security: Defender XDR, Sentinel, Entra ID • SIEM/XDR: Microsoft Sentinel (KQL), SentinelOne (S1QL) • Exposure to other platforms such as CrowdStrike, or Elastic a plus • Threat intelligence integration and detection tuning • Tooling: KQL, S1QL, PowerShell, API usage Join us and help strengthen … threat intelligence practitioners to build high-quality detections. Technical responsibilities • Design, build, and tune detection logic across Sentinel and XDR platforms. • Write and optimise KQL and S1QL queries for detection and hunting scenarios. • Improve signal quality through tuning, suppression logic, and data validation. • Review and enhance existing analytic rules ...

ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations … Deep expertise in Microsoft Sentinel and Microsoft Defender XDR Advanced KQL skills and SIEM data integration experience Knowledge of Azure and Microsoft 365 security services Scripting experience with PowerShell and/or Python This is an excellent opportunity for a senior security professional to make real impact in a modern ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and Scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...