14 of 14 Kusto Query Language Jobs in the North West

incident response .Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering: Perform proactive threat hunting using KQL within Microsoft Sentinel. Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve … science, Cybersecurity, Engineering, or a related field. Hands-on experience in cybersecurity operations. Experience with Microsoft Sentinel and Microsoft Defender suite. Strong skills in KQL (Kusto Query Language) and Security architecture and data integration, Azure and Microsoft 365 security services Experience in onboarding and managing log sources ...

incident response .Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering: Perform proactive threat hunting using KQL within Microsoft Sentinel. Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve … science, Cybersecurity, Engineering, or a related field. Hands-on experience in cybersecurity operations. Experience with Microsoft Sentinel and Microsoft Defender suite. Strong skills in KQL (Kusto Query Language) and Security architecture and data integration, Azure and Microsoft 365 security services Experience in onboarding and managing log sources ...

roles (MSSP experience advantageous). Advanced expertise with: CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection) LogScale/Next-Gen SIEM (AQL/KQL queries, dashboards, pipelines) SIEM technologies and EDR/MDR workflows in 24×7 security operations Strong automation and scripting skills (Python, PowerShell, Bash). Proficiency ...

starting with PDS.? Desirable Experience? . Understanding of threat landscapes, attack vectors, and adversary tactics (MITRE ATT&CK framework). Proficiency in SQL/KQL and Resource Graph for data scripting, transformation and automation. Familiarity with Azure and Fabric, using dataflows and data lakes to build scalable datasets. Understanding ...

Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience ...

Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience ...

Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience ...

Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience ...

Exposure to Microsoft Sentinel, Google SecOps, or other SIEM platforms. Experience with Defender, CrowdStrike, SentinelOne, or similar XDR tools. Ability to query using KQL, XQL, S1QL, CQL, or similar languages. Awareness of threat intelligence concepts. Basic scripting or coding knowledge. Working Pattern & Clearance Shift pattern: 12-hour shifts ...

Exposure to Microsoft Sentinel, Google SecOps, or other SIEM platforms. Experience with Defender, CrowdStrike, SentinelOne, or similar XDR tools. Ability to query using KQL, XQL, S1QL, CQL, or similar languages. Awareness of threat intelligence concepts. Basic scripting or coding knowledge. Working Pattern & Clearance Shift pattern: 12-hour shifts ...

alerting, and KPIs/SLAs across data platform to enable consistent measurement of data reliability. Identify and create Azure Monitor alert rules and develop KQL queries to extract metrics and logs from Azure Monitor/Log Analytics for reliability tracking and alerting. Write SQL queries and PowerShell (or another scripting … quality enforcement Automation Experience for data validations, reconciliations and generating alerts. Experience with Azure Monitor, setting up Alert rules, building dashboards using data queried (KQL) from Log Analytics. Experience with Fabric Data Factory, Azure Data Factory, Synapse pipelines, and PySpark notebooks Hands-on experience calling REST/OData APIs ...

alerting, and KPIs/SLAs across data platform to enable consistent measurement of data reliability. Identify and create Azure Monitor alert rules and develop KQL queries to extract metrics and logs from Azure Monitor/Log Analytics for reliability tracking and alerting. Write SQL queries and PowerShell (or another scripting … quality enforcement Automation Experience for data validations, reconciliations and generating alerts. Experience with Azure Monitor, setting up Alert rules, building dashboards using data queried (KQL) from Log Analytics. Experience with Fabric Data Factory, Azure Data Factory, Synapse pipelines, and PySpark notebooks Hands-on experience calling REST/OData APIs ...

alerting, and KPIs/SLAs across data platform to enable consistent measurement of data reliability. Identify and create Azure Monitor alert rules and develop KQL queries to extract metrics and logs from Azure Monitor/Log Analytics for reliability tracking and alerting. Write SQL queries and PowerShell (or another scripting … quality enforcement Automation Experience for data validations, reconciliations and generating alerts. Experience with Azure Monitor, setting up Alert rules, building dashboards using data queried (KQL) from Log Analytics. Experience with Fabric Data Factory, Azure Data Factory, Synapse pipelines, and PySpark notebooks Hands-on experience calling REST/OData APIs ...

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience with Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a ...