Kusto Query Language Jobs in Gloucester

2 of 2 Kusto Query Language Jobs in Gloucester

Threat Hunter – National Security – Leeds

Gloucester, England, United Kingdom
Hybrid / WFH Options
BAE Systems
Knowledge Repository, creating and updating content autonomously. Build relationships outside the HMG community with external SOCs and cybersecurity researchers to identify beneficial analytics, tradecraft, and threat intelligence. Develop complex KQL analytics and playbooks for detection rules against M365 environments, and host-based analytics for Linux and Windows VMs. Review open-source research on threats impacting cloud services and prioritise implementation. … in writing malware and anomaly detection rules. Use of statistical methods for anomaly detection. Advanced practical experience with Microsoft Sentinel and/or Microsoft XDR. Proficiency in writing complex KQL analytics/searches. Strong awareness of the latest security threats. Ability to prioritise threats and assess detection effectiveness. Threat hunting or SOC analyst certifications are preferred.

Threat Hunter - National Security - Leeds

Gloucester, England, United Kingdom
Hybrid / WFH Options
BAE Systems Applied Intelligence
benefit the Blue Team, including both communicating suggestions for funding/prioritisation to the technical lead, and working as lead implementor when required.
· Development of new complex and anomaly-based KQL analytics, and associated playbooks, that result in the creation of bespoke detection rules/analytics against M365 environments, plus host-based analytics for Linux and Windows VMs.
· Review open-source … anomaly detections.
· Knowledge of using statistical methods to find anomalies in data.
· Advanced practical use of Microsoft Sentinel and/or Microsoft XDR.
· Competent in writing medium- to highly-complex KQL analytics/searches.
· Strong knowledge of the latest threats in security.
· Ability to prioritise threats.
· Determine the factors that contribute to a detection's effectiveness.
Threat hunting or SOC analyst skills/