226 to 250 of 422 Kusto Query Language Jobs in the UK

skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause analysis. Create KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. More ❯

API security standards. Knowledge of exploits, malware, ransomware, and detection methods. Experience with web architecture and system administration. Proficiency in building complex queries (RQL, KQL, SQL). Experience with Azure, AWS, or GCP security configurations. Programming skills in Python or PowerShell. Agile/Flexible Working KPMG supports flexible work arrangements More ❯

intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT More ❯

technical coach). Position might be filled at a higher level based on candidate experience. What will help you succeed Preferred Requirements: Experience with query languages such as SQL, SPL, or KQL. Experience with observability and log collectors/pipelines such as FluentBit, OpenTelemetry, Cribl, and Logstash. Experience with More ❯

and security frameworks (e.g. ISO 27001, NIST). Previous involvement in security audits, risk assessments, or policy development. Scripting or automation skills (e.g. PowerShell, KQL) are a plus. We are accepting applications for our hubs in Washington, Nairobi & Dubai -please note that a current right to work is required for More ❯

actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA …/400. Proven experience managing a SOC/Security Operations function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply More ❯

actions) Oversee threat detection and monitoring (via SIEM tools) Drive vulnerability management Report security posture via dashboards and metrics Use Microsoft Sentinel, Defender, and KQL for threat detection and investigation Lead and develop SOC analysts Requirements: Degree in Computer Science/IT or relevant industry certifications such as GSOC, CPSA …/400. Proven experience managing a SOC/Security Operations function within housing association/public sector. Strong experience with Microsoft Sentinel, Kusto (KQL), Azure Defender tools Hands-on incident response, threat monitoring, and SIEM use Knowledge of ISO 27001, GDPR, and NIST If you are interested, please apply More ❯

large-scale environment Provide support and troubleshooting for Azure services including Compute, Storage, Networking, etc. Utilize Azure Management tools such as Azure Monitor, Agents, KQL, ARM templates, Azure Policies, and Infrastructure as Code (IaC) with Azure DevOps, Bicep, etc. Perform scripting with PowerShell and manage patching in cloud environments Follow More ❯

large-scale environment Provide support and troubleshooting for Azure services including Compute, Storage, Networking, etc. Utilize Azure Management tools such as Azure Monitor, Agents, KQL, ARM templates, Azure Policies, and Infrastructure as Code (IaC) with Azure DevOps, Bicep, etc. Perform scripting with PowerShell and manage patching in cloud environments Follow More ❯

with deploying and using SIEM tools. Skilled in Azure Security solutions, including Defender for Endpoint, Defender for Identity, and Office 365. Proficient in writing Kusto queries for Microsoft Sentinel to enhance analytics and threat hunting. Deep knowledge of Windows security controls, architecture, and implementation in enterprise environments. Strong analytical More ❯

years in Cyber Security within enterprise and OT environments. • Strong knowledge of ICS, SCADA, and critical infrastructure security. • Hands-on experience with Microsoft Sentinel, KQL, MFA, and PAM tools. • Proven ability to triage and remediate cyber risks in real-time. • Excellent communication skills for non-technical stakeholders. Seniority level Seniority More ❯

of systems and processes. Essential Experience Experience in a SOC or security team. Hands-on experience with Microsoft Sentinel: Proven track record in writing KQL, hunting, and incident response processes within Microsoft Sentinel. Experience in managing Data Connectors and the processes behind them. Strong understanding of Workbooks development and integration. More ❯

them (trusted advisor/technical coach). Position might be filled at a higher level based on candidate experience. Qualifications Preferred Requirements: Experience with query languages such as SQL, SPL, or KQL. Experience with observability and log collectors/pipelines such as FluentBit, OpenTelemetry, Cribl, and Logstash. Experience with More ❯

analysis Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP) Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as More ❯

security tooling, including: Microsoft Sentinel – connector management, rule tuning, data enrichment Microsoft Defender solutions (Endpoint, Identity, Cloud Apps) Develop and refine detection logic using KQL, and implement SOAR playbooks via Logic Apps. Integrate data sources from hybrid environments (cloud/on-premise) into the SIEM. Optimise alert fidelity and reduce More ❯

security tooling, including: Microsoft Sentinel – connector management, rule tuning, data enrichment Microsoft Defender solutions (Endpoint, Identity, Cloud Apps) Develop and refine detection logic using KQL, and implement SOAR playbooks via Logic Apps. Integrate data sources from hybrid environments (cloud/on-premise) into the SIEM. Optimise alert fidelity and reduce More ❯

base and engineering standards Requirements Experience with Microsoft Sentinel in enterprise environments Understanding of security telemetry across various layers Skills in SIEM content development, KQL, analytics rules, data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to work in More ❯

with and responding to escalated and most high profile incidents. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. Ability to articulate specific projects that you have built, developed or led on More ❯

with and responding to escalated and most high profile incidents. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. Ability to articulate specific projects that you have built, developed or led on More ❯

. Experience securing cloud environments and ensuring compliance. Understanding of API security standards, exploits, malware, and web architecture. Proficiency in building complex queries (RQL, KQL, SQL). Hands-on experience with Microsoft Azure, AWS, or GCP security features. Programming skills in Python or PowerShell. We support flexible working arrangements and More ❯

deployment strategies including Blue/Green deployments. Knowledge of networking principles and security protocols. Confidence in working with data and system monitoring tools, writing KQL queries, and building insights dashboards. A strong understanding of compliance frameworks and how they apply to cloud infrastructure. Exposure to C#/.NET environments . More ❯

Desirable skills/knowledge/experience: • MDM (Informatica) • Data Governance (Collibra) • Utilities experience • Experience with SCADA, eSCADA, telemetry, SAP PM, GIS • Terraform • Bicep • Python, Kusto All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. More ❯

We are hunting for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to More ❯

We are hunting for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to More ❯

We are hunting for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to More ❯