1 to 25 of 31 Kusto Query Language Jobs in the UK

Assist with monthly SOC reporting and contribute insights into customer security posture Support client service reviews and communicate cyber risks in clear, business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure timely, high-quality incident resolution in line with SOC standards and SLAs … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

CSOC Compile and present monthly SOC reporting, advising on security posture improvements Support client service reviews and articulate cyber risk in business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure high-quality incident resolution and consistent SOC performance Who you are: Youre an experienced cyber … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

Azure observability playbook, delivering comprehensive dashboards, alerting rules, and operational runbooks using Application Insights, Log Analytics, and Kusto Query Language (KQL). AIOps & Intelligent Automation Develop AI‐driven alerting and detection mechanisms to surface early‐warning signals, including IP reputation degradation, database capacity saturation, and anomalous traffic … Expertise Deep proficiency in Terraform, including module design, remote state management, workspace strategies, and multi‐environment deployment patterns. Monitoring & Observability Expertise Advanced experience with KQL for Azure Log Analytics, with the ability to design and build custom Azure Monitor Workbooks for operational insight and reporting. Security Automation Strong background ...

overview of customer industry and projects, access to cutting-edge technology etc.) Technical SME in Cybersecurity space Key responsibilities: (Up to 10, Avoid repetition) KQL: Expert Level Able to develop and maintain high-fidelity detection rules using Kusto Query Language Able to utilize KQL for detection engineering … Coordinate the end-to-end onboarding of log sources into Sentinel. Key skills/knowledge/experience: (Up to 10, Avoid repetition) Expert in KQL Technical SME for Sentinel set up Strong understanding of cloud and on premises logging (Windows, Linux, application, DB, identity). Experience onboarding data using ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

technical stakeholders. What youll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into ...

technical stakeholders. What you’ll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks ...

Dynamics 365 solutions Gather requirements, estimate effort and mentor team members Design and manage database models Support monitoring and data platforms (e.g. Log Analytics, KQL, medallion architecture) Essential Skills & Experience Azure integration technologies, SQL Server/Azure SQL, APIs, SaaS/PaaS CI/CD experience Agile methodologies (Scrum, Kanban ...

Dynamics 365 solutions Gather requirements, estimate effort and mentor team members Design and manage database models Support monitoring and data platforms (e.g. Log Analytics, KQL, medallion architecture) Essential Skills & Experience Azure integration technologies, SQL Server/Azure SQL, APIs, SaaS/PaaS CI/CD experience Agile methodologies (Scrum, Kanban ...

experience with data ingestion tools such as Elastic Agent, Beats, Splunk UF/HF, Syslog, Kafka Advanced proficiency in querying languages including SPL, KQL, and EQL Strong understanding of ECS and CIM log normalization, enrichment, and large-scale data architectures Expertise in detection rule design, tuning, and lifecycle management Proficiency ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...

flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns - SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard - Endpoint and desktop security: EDR deployment ...

operating build & release automation and continuous integration and deployment, especially to Azure or to VMware VCF. Scripting and Programming languages in (Python, Bash, Powershell, KQL etc.,) Familiarity with infrastructure automation using tools like Ansible and Terraform. Experience of DevOps Practices, and working with Agile methodologies including SAFe. Unix & Windows system ...

within Complex, Multi-Tenant Environments. The Engineering Edge: Good Background in Detection Engineering, Custom Rule Creation & Log Orchestration. You should be highly proficient in KQL & have good Scripting Capabilities (Python or PowerShell). Onboarding & Architecture: Proven Ability to Lead Technical Implementation for New Clients, ensuring their environments are correctly Scoped ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...

maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You’ll Bring Must … Have Skills & Experience: Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with ...

maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You’ll Bring Must … Have Skills & Experience: Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with ...

potential threats, anomalies, or policy violations. Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. Contribute to threat hunting activities using KQL queries and intelligence-led techniques. Maintain accurate incident records, ensuring actions and outcomes are logged to a high standard. Facilitate security testing and awareness through … data subject rights Experience analysing logs, alerts, or data from security tools. Strong documentation, investigation, and analytical skills. Desirable Hands‐on experience writing KQL queries, PowerShell, or CLI commands. Exposure to automation or playbooks (Logic Apps, Defender workflows). Knowledge of frameworks such as MITRE ATT&CK or NIST CSF. ...

MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling Experience with scripting or query languages (e.g. KQL, SPL, Python) Familiarity with DevOps environments and CI/CD pipelines Experience with identity security and access controls What We're Looking For A hands ...

maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You’ll Bring Must … Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks ...