cyber-focused MSP or MSSP Strong hands-on capability with platforms such as Microsoft Sentinel, Defender for Endpoint, or similar Proficiency in scripting and query languages such as KQL or PowerShell Knowledge of detection logic, investigation workflows, and cloud-based infrastructure Confident communicator with strong documentation and reporting skills Apply today for more information. More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
BAE Systems (New)
and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce … control systems. Experience in developing malware and anomaly detections. Use of statistical methods for anomaly detection. Proficiency with Microsoft Sentinel and/or XDR. Strong skills in writing complex KQL analytics/searches. Awareness of current security threats. Ability to prioritize threats effectively. Understanding factors affecting detection effectiveness. Threat hunting or SOC analyst certifications preferred. Life at BAE Systems Digital More ❯
Jobs Search Type All Job Area All Sentinel SecOps Engineer - Sentinel, KQL, EDR, SOC Tooling London - Hybrid (3 days in the office) £450 - £500 p/day Outside IR35 Sentinel SecOps Engineer - Sentinel, KQL, EDR, SOC Tooling - London (3 days onsite) - £450 - £500 p/day Outside IR35 I am working with an exceptional Microsoft Security Solution Provider, and they … of them. You will need to build all the analytical rules within the log sources and help to support the entire estate. It is essential that you have exceptional KQL skills, not just be able to follow code, but create it from scratch and spot errors and changes in code as and when you review it. They need someone who … days later in the contract, but this is not guaranteed. Required: Exposure working with a previous managed security provider or within an MSSP environment Strong working knowledge of KQL (essential) Experience using SOC tooling (SIEM and EDR solutions) (essential) Previous experience working within financial services Experience using ITSM tools Knowledge of the phases in incident response and Cyber Kill Chain More ❯
with Microsoft Azure and SAP Hands on use of monitoring and observability tools such as Application Insights and New Relic Experience with various query languages such as SQL, KQL, Lucene, NRQL to analyse logs and metrics for modelling and troubleshooting would be beneficial Knowledge of testing in differing SDLC models and Shift Left principles Strong communication and leadership skills More ❯
