2 of 2 Kusto Query Language Jobs in the North West

incidents, odd behaviours, multi-cloud weirdness - you investigate, correlate, and close.? Turning threat hunting into a habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.? Making the SIEM/XDR bill make sense : understanding ingestion, licensing … manage log sources properly.? You're comfortable designing security architecture in Azure/M365, integrating cloud-native controls, and wiring in threat intel.? KQL is second nature ; PowerShell or Python are tools you reach for without thinking.? You're happy explaining trade-offs between cost and coverage and backing ...

ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations … Deep expertise in Microsoft Sentinel and Microsoft Defender XDR Advanced KQL skills and SIEM data integration experience Knowledge of Azure and Microsoft 365 security services Scripting experience with PowerShell and/or Python This is an excellent opportunity for a senior security professional to make real impact in a modern ...