1 to 25 of 28 Remote Kusto Query Language Jobs in the Thames Valley

problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems More ❯

Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure More ❯

Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure More ❯

Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure More ❯

Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure More ❯

Microsoft Sentinel. Experience in building and maintaining workflows with Azure Logic Apps to automate processes. Strong experience in API development and integration. Proficiency in KQL, JSON, and PowerShell. Good written and verbal communication skills. Technical understanding of IT infrastructure – Microsoft 365 suite, Defender XDR, Entra ID (Azure Active Directory), Azure More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration. • Experienced building complex custom RQL, KQL or SQL queries. • Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services. • Programming experience with Python or PowerShell More ❯

deployment strategies including Blue/Green deployments. Knowledge of networking principles and security protocols. Confidence in working with data and system monitoring tools, writing KQL queries, and building insights dashboards. A strong understanding of compliance frameworks and how they apply to cloud infrastructure. Exposure to C#/.NET environments preferred. More ❯

deployment strategies including Blue/Green deployments. Knowledge of networking principles and security protocols. Confidence in working with data and system monitoring tools, writing KQL queries, and building insights dashboards. A strong understanding of compliance frameworks and how they apply to cloud infrastructure. Exposure to C#/.NET environments preferred. More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What More ❯

alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What More ❯

complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra More ❯

complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra More ❯

complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra More ❯

complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra More ❯

complex Microsoft Sentinel at SMC and enterprise Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and custom data connectors Scripting and engineering skills – Python, PowerShell, APIs, Function Apps A background in cyber threat detection, incident response or DFIR … is a real plus Comfortable working in very fast-moving, customer facing delivery environments The Technical Shizzle: Microsoft Sentinel (KQL, Analytics Rules, Workbooks, Watchlists) Azure Function Apps, Logic Apps, ARM templates PowerShell, Python, REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra More ❯

to automate, optimize, and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and … monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯

to automate, optimize, and strengthen security operations at scale. A key position within a world-class MSSP, leveraging Microsoft Sentinel, Defender for Endpoint, and KQL to enhance threat detection, response, and security automation. Responsibilities include developing automated security workflows, streamlining investigations, and advancing proactive defense strategies. Key Responsibilities: Design and … monitoring strategies and contribute to the overall SIEM architecture. Experience required: Proven experience working with Microsoft Sentinel and Defender for Endpoint. Strong proficiency in KQL for deep threat hunting and security analytics. Knowledge of SIEM automation, playbooks, and integrations. Experience in cybersecurity operations, threat detection, and incident response. Passion for More ❯