22 of 22 Kusto Query Language Jobs in the UK

Skills * Strong knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) * Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL * Understanding of event correlation, alerting, and detection use-case development ________________________________________ Technical Foundations * Strong … client's supplier list for this role. ________________________________________ Keywords SIEM Analyst, Security Monitoring Analyst, SOC Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

Validate indicators of compromise and assess potential business impact Conduct proactive threat hunting activities Query and analyse security data using Microsoft Sentinel and KQL Support vulnerability management and remediation activities Work closely with technical teams to coordinate containment and recovery actions Produce incident reports, documentation and recommendations Contribute … technologies Strong analytical and problem-solving skills Experience working within a security operations environment Excellent communication and documentation skills Desirable Skills Microsoft Sentinel experience KQL (Kusto Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge ...

Assist with monthly SOC reporting and contribute insights into customer security posture Support client service reviews and communicate cyber risks in clear, business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure timely, high-quality incident resolution in line with SOC standards and SLAs … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

documentation, runbooks, and operational procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge ...

Knowledge:* Working across hybrid cloud environments* CIS hardening & benchmark standards* Cloud and AI engineering capabilities* One or more of the following would be advantageous: KQL, Python, linux shell* Data regulations as they relate to IT systems* Data Visualisation skills* Secure enablement and governance of Microsoft Copilot and GenAI (Copilot ...

operations (coverage management, escalation handling, policy tuning). Familiarity with Microsoft Defender suite and/or Microsoft Sentinel. Scripting/automation skills (PowerShell, KQL, Python). Knowledge of ransomware recovery patterns (immutable backups, restore validation, offline documentation). Exposure to audit/compliance requirements (ISO 27001, NIST, CIS) and evidence ...

runbooks. We’re looking for 3+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365/Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial. ...

third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs). * Support DPIA processes through ...

escalation point for insider risk matters, providing technical advice, case support and judgement across complex or sensitive activity. The role will use threat hunting, KQL and detection engineering to identify indicators of misuse, compromise, inappropriate access or unusual activity requiring review. The post holder will analyse Microsoft Defender for Endpoint ...

runbooks. Were looking for 3+ years in a SOC or MSSP, hands-on with SIEM, EDR, and Microsoft 365/Entra ID security. KQL or PowerShell scripting, phishing and malware triage experience, and clear written communication are essential. Security+, SC-200, BTL1 or similar certs beneficial. ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

client's SOC provider or SIEM platform Take ownership of all security incidents, validating indicators of compromise and determining impact Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis Reconstruct event chains and identify ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Microsoft Fabric-based solutions while collaborating closely with clients to ensure effective implementation and performance. The ideal candidate will have expertise in SQL, KQL, and Azure data services, alongside experience in modern data architectures. This position offers a remote-first work environment with occasional travel to London. #J-18808-Ljbffr ...

building and maintaining ETL or ELT pipelines Experience working directly with stakeholders Ability to gather requirements and translate them into technical solutions Experience with KQL, Synapse or Databricks would be beneficial What you'll get in return for your experience This Data Engineer role is offering a salary ...

MITRE ATT&CK framework and how to practically apply it to threat hunting methodologies and detection logic. ·Proficiency in complex query writing (e.g., KQL, SPL, SQL) to filter, analyse, and visualise large, disparate datasets. Hands-on experience with EDR, NDR, SIEM, SOAR security platforms and data analysis platforms such ...

industry best practice. Detection Engineering & Security Automation Configure, optimise and continuously improve Microsoft Sentinel and Microsoft Defender technologies. Develop and tune detection logic using KQL to identify emerging threats and attacker behaviours. Build and maintain automated SOAR workflows using Logic Apps and related technologies. Integrate Microsoft security tooling with third … stakeholder communications during high-severity incidents. Strong understanding of attacker tactics, techniques and procedures (TTPs). Technical Skills Strong Microsoft security ecosystem expertise. Advanced KQL experience for investigations, detections and reporting. Experience building automation workflows using Logic Apps or similar technologies. Knowledge of cloud security principles across Azure and ideally ...

Clearance. What youll be doing: Develop, test and deploy detection content across Microsoft Sentinel and Splunk SIEM. Write and optimise detection logic using KQL and SPL. Turn monitoring requirements and use cases into effective, actionable detections. Tune alerts to reduce false positives and improve SOC efficiency. Validate detections against telemetry … What youll bring: Experience in SOC engineering, detection engineering or SIEM engineering. Strong hands-on experience with Microsoft Sentinel and Splunk. Solid knowledge of KQL and SPL. Experience building, testing and maintaining detection rules. Good understanding of SIEM lifecycle management and security telemetry. Knowledge of cloud environments and IT infrastructure. ...

frameworks Experience with cloud data platforms (ideally Microsoft Fabric) Familiarity with Power BI or similar BI tools Ability to optimise and troubleshoot query performance Strong … analytical and problem-solving skills Desirable Skills Knowledge of modern data architectures Experience with SQL, SSRS, SSIS and SSAS Experience using PySpark Familiarity with KQL Experience with data cataloguing tools Exposure to C# What you'll get in return Competitive Salary - £52,750 with a generous hybrid working policy. Pension ...