101 to 125 of 422 Kusto Query Language Jobs in the UK

to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL). More ❯

technologies such as Docker and Kubernetes. Proficiency in cloud platforms: Azure and AWS. Expertise in Microsoft Defender and Kusto Query Language (KQL). Qualifications: Bachelor’s degree in Computer Science, IT, or related field. Minimum of 5 years of experience in IT infrastructure engineering, focusing on Microsoft More ❯

simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information More ❯

leading incident management frameworks. Experience of Microsoft Cyber Security toolset to conduct detection and response activities. Competency with Kusto Query Language (KQL) is a distinct advantage. Team player and adept at working in multi-disciplinary and diverse teams. Proven analytical skills and capable of solving new and More ❯

solutions using Microsoft Fabric. Python data engineering experience. Strong understanding of SQL and NoSQL databases, SQL, CosmosDB and Kusto Query Language (KQL). Solid experience of data pipeline development using both cloud and on-premises data sources. Excellent problem-solving, analytical, and communication skills. Strong desire to More ❯

across global retail clients. Key Responsibilities Advanced threat detection and monitoring using industry-leading tools. Building and tuning detections using Kusto Query (KQL). Responding to and managing security incidents effectively. Engineering robust detections and performing proactive threat hunts. Supporting security automation and infrastructure-as-code initiatives. Qualifications … re looking for someone with relevant experience in the following: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike) Strong KQL capabilities for log analysis and detection tuning Cloud Security (Microsoft Azure, Google Cloud Platform) Kubernetes and container technologies (e.g., Docker) Threat Hunting, Detection Engineering, Incident More ❯

while collaborating across security, engineering, and business teams. Strong use of Splunk Programming Language. Strong scripting/query language skills (e.g., Python, KQL, SQL, PowerShell). Desirable Requirements Hands-on experience using Jupyter Notebooks for data exploration, automation, and visualization in a security context. Knowledge of cloud products More ❯

while collaborating across security, engineering, and business teams. Strong use of Splunk Programming Language. Strong scripting/query language skills (e.g., Python, KQL, SQL, PowerShell). Desirable Requirements Hands-on experience using Jupyter Notebooks for data exploration, automation, and visualization in a security context. Knowledge of cloud products More ❯

while collaborating across security, engineering, and business teams. Strong use of Splunk Programming Language. Strong scripting/query language skills (e.g., Python, KQL, SQL, PowerShell). Desirable Requirements Hands-on experience using Jupyter Notebooks for data exploration, automation, and visualization in a security context. Knowledge of cloud products More ❯

while collaborating across security, engineering, and business teams. Strong use of Splunk Programming Language. Strong scripting/query language skills (e.g., Python, KQL, SQL, PowerShell). Desirable Requirements Hands-on experience using Jupyter Notebooks for data exploration, automation, and visualization in a security context. Knowledge of cloud products More ❯

the Delivery Lead/PMO. The Role You will be responsible for: Creating Threat Hunt Hypotheses and executing Threat Hunts regularly. Translating hypotheses into KQL queries, executing them, and triaging results independently. Having knowledge of attacker TTPs and APT groups, conducting in-depth research. Verifying and refining Threat Hunt queries More ❯

platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of More ❯

new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. More ❯

Lead for prioritisation. · Ad-hoc communications with government or commercial security operations centres as part of root-cause analysis · Creation of low-medium complexity KQL analytics and hunt queries, conducting IOC and anomaly-based threat hunts, including root cause identification of findings · Identification and tagging of incorrect alert logic/ More ❯

integrating Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, KQL, analytics rules, and custom connectors Scripting skills in Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (preferred) Ability to More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Knowledge of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and custom data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Knowledge of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and custom connectors Scripting skills in Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (preferred) Ability to More ❯

standards Requirements: Experience with Microsoft Sentinel in enterprise environments Understanding of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and data connectors Scripting skills in Python, PowerShell, and API integration Background in threat detection, incident response, or DFIR is a plus Ability More ❯

Microsoft Sentinel deployment at SMC and enterprise level Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience with SIEM content development, KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus) Ability to More ❯

Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability More ❯

with building and integrating complex Microsoft Sentinel solutions Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience with SIEM content development, KQL, analytics rules, and custom data connectors Scripting skills in Python, PowerShell, APIs, and Function Apps Background in cyber threat detection, incident response, or DFIR (a More ❯

Sentinel deployment at SMC and enterprise levels. Understanding of security telemetry across identity, endpoint, cloud, and network layers. Experience in SIEM content development, including KQL, analytics rules, and data connectors. Scripting skills in Python, PowerShell, APIs, and Function Apps. Background in cyber threat detection, incident response, or DFIR is advantageous. More ❯

Experience with building and integrating complex Microsoft Sentinel solutions Understanding of security telemetry across identity, endpoint, cloud, and network Experience with SIEM content development, KQL, rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability to More ❯

Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development: KQL, analytics rules, data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to More ❯