4 of 4 Kusto Query Language Jobs in the North West

Git (version control) Security & Compliance Cloud posture management (Azure Defender for Cloud, GCP SCCE) Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models More ❯

have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. More ❯

and Service Extend Support Machines Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to other team members More ❯

Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst/SOC/Microsoft Sentinel/KQL/SIEM Threat Analyst - Manchester/Hybrid - £30K Maxwell Bond have engaged with an MSSP in the Manchester area that're looking for a Threat Analyst to join their team. We're looking for somebody that has recent experience with … Microsoft Sentinel (1-2 years) and KQL skills. The company are growing and hiring at a quick rate, really exciting time to join them as they expand. You will be in the Manchester based office ideally once per week, sometimes maybe once every two weeks. What you'll be doing: Investigating and responding to security alerts and incidents escalated by … the L1 team Using Microsoft Sentinel as your primary SIEM platform, leveraging KQL to hunt, analyse, and improve detection Tuning Sentinel rules, creating workbooks and queries to enhance visibility and reduce false positives Working with clients across different sectors, helping them understand threats and improve their security posture Collaborating with Threat Intelligence and Engineering teams to strengthen detection and response More ❯