12 of 12 Kusto Query Language Jobs in Slough
slough, south east england, United Kingdom Hybrid / WFH Options The Digital Recruitment Company
and solutions to ensure consistent high level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering … or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk
slough, south east england, United Kingdom CyPro
of Security Tools: Proficiency in using various security tools and platforms, such as SIEMs, IDS/IPS, and threat intelligence platforms. Proficiency in Writing KQL Queries for Forensics: Strong ability to write and optimize Kusto Query Language (KQL) queries for conducting forensic investigations and analysing security events.
slough, south east england, United Kingdom Bestman Solutions
retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query Language (KQL). Responding to and managing security incidents effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications … re looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident
slough, south east england, United Kingdom PayPoint plc
/7 rota, specifically in an established IT or Security function. Working knowledge of SIEM tools. Scripting capability, particularly using PowerShell, Bash, and KQL (Kusto Query Language) for automation, scripting, and querying in Microsoft Sentinel and Defender. Experience with security and monitoring tools such as Zscaler, Microsoft
slough, south east england, United Kingdom TrueNorth®
been UK-based for the past 5 years (due to security clearance requirements) Desirable: Familiarity with SIEM tools (Splunk, ELK, Azure Sentinel) Proficient in KQL (Kusto Query Language) Microsoft certifications: Azure Administrator Associate (AZ-104), Azure Solutions Architect Expert (AZ-305), Azure Security Engineer Associate (AZ
slough, south east england, United Kingdom Hybrid / WFH Options Dynamic Search Solutions
Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure
slough, south east england, United Kingdom Hybrid / WFH Options KPMG UK
exploits, malware, ransomware, etc., their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell
slough, south east england, United Kingdom Velocity Tech
common attacker techniques. Strong communication and leadership skills, with the ability to influence and guide both technical and non-technical stakeholders. Desirable: Experience with KQL and customising Sentinel detections. Exposure to cloud security operations (Azure preferred). Microsoft certifications such as SC-200 or AZ-500 are a bonus but
slough, south east england, United Kingdom Hybrid / WFH Options Net Talent
alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity. KQL experience. In-depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What
slough, south east england, United Kingdom Excelerate
SIEMplify) and cloud platforms (e.g., AWS, Azure, O365). Experience investigating intrusions in Linux and cloud environments. Proficiency in scripting, regular expression development, and query optimization (e.g., Kusto, SQL). If you’re ready to step up your career in a dynamic and global environment, apply today to
slough, south east england, United Kingdom Hybrid / WFH Options Cloud Decisions
complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer-facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multiple platforms (Azure/AWS/GCP, M365, Defender, Entra
slough, south east england, United Kingdom Hybrid / WFH Options Context Recruitment
to automate, optimize, and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and … monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for