1 to 25 of 54 Kusto Query Language Jobs in the UK excluding London

tooling, and network security. Certifications such as CISSP, CEH, GIAC, AZ-500, SC-100 , or relevant vendor-specific credentials. Scripting proficiency in Python, PowerShell, KQL (Kusto Query Language), or Kibana Query Language . Strong analytical mindset with the ability to process large datasets, detect threats ...

supporting C#/.NET Core/MVC web applications with SQL Server backends and Azure Blob Storage. Advanced Azure diagnostics (Application Insights, Log Analytics, Kusto Query Language). Proficient in SQL for investigation and remediation. Scripting and automation skills in PowerShell and/or C#. Understanding … Blob Storage, scaling strategies. Experience in capacity planning, SLOs, and error budget management Azure Monitor, Application Insights, Log Analytics, Azure Data Explorer (KQL), Azure Functions, Logic Apps, PowerShell, C#, SQL Server Management Studio, Azure Storage Explorer, Power BI (for reporting). The Senior Azure Support Engineer responsibilities and tasks: Monitor ...

Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft Defender for O365, Darktrace AI, anti-phishing, Safe ...

roles (MSSP experience advantageous). Advanced expertise with: CrowdStrike Falcon EDR (RTR, Forensics, Custom IOA, Identity Protection) LogScale/Next-Gen SIEM (AQL/KQL queries, dashboards, pipelines) SIEM technologies and EDR/MDR workflows in 24×7 security operations Strong automation and scripting skills (Python, PowerShell, Bash). Proficiency ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong ...

starting with PDS.? Desirable Experience? . Understanding of threat landscapes, attack vectors, and adversary tactics (MITRE ATT&CK framework). Proficiency in SQL/KQL and Resource Graph for data scripting, transformation and automation. Familiarity with Azure and Fabric, using dataflows and data lakes to build scalable datasets. Understanding ...

Azure servers (P2), with a focus on advanced threat detection and automated response. Skilled in Microsoft Sentinel SIEM/SOAR setup, tuning, and KQL query development for detection engineering and incident investigation. PowerShell/Python scripting for automating Microsoft security tooling, plus experience securing DNS, DKIM/DMARC ...

ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations ...

cyber security, ideally within a Managed Service Provider Deep experience with Microsoft Defender suite (MDE, MDO, MDCA, MDI) and Microsoft Sentinel Strong knowledge of KQL, Logic Apps, and automation/orchestration tools Skilled in endpoint, identity, and cloud security Familiar with Microsoft 365 and Azure security best practices Excellent communicator ...

cyber security, ideally within a Managed Service Provider Deep experience with Microsoft Defender suite (MDE, MDO, MDCA, MDI) and Microsoft Sentinel Strong knowledge of KQL, Logic Apps, and automation/orchestration tools Skilled in endpoint, identity, and cloud security Familiar with Microsoft 365 and Azure security best practices Excellent communicator ...

Practical experience with Azure SQL , Cosmos DB , and other Azure data services Microsoft certifications (AZ-204, AZ-400, ITIL Foundation) Familiarity with Application Insights , KQL , and security best practices Exposure to multi-cloud environments or containerisation (Docker, Kubernetes) About DigX DigX is a transformation consultancy delivering engineered outcomes across complex ...

deploy Microsoft Purview (DLP, classification, compliance) Implement the Defender suite (Endpoint, Identity, Cloud Apps, Office 365) Build and tune Sentinel SIEM: analytics rules, playbooks, KQL, automation Design Zero Trust controls via Entra ID: Conditional Access, PIM, RBAC Lead client-facing workshops and contribute to presales and security strategy Create LLDs ...

Security Engineer - SIEM, KQL- sought by investment bank based in London. *Inside IR35 - 3 days a week on-site** Key Responsibilities SIEM Management & Optimization: Design, implement, and maintain Microsoft Sentinel workspaces, connectors, analytics rules, and playbooks Develop advanced KQL queries for threat hunting and reporting Optimize SIEM performance, cost … further details - Alex Reeder Harvey Nash 3+ years in a Security Engineer, SOC Analyst, or similar role Hands-on experience with Microsoft Sentinel and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ...

performance, tenant-wide scoping, differential targeting by region/legal entity. Automate via PowerShell/Graph, and instrument telemetry/alerting (eg, Sentinel/KQL, compliance portals). Define controls, evidence artefacts, and reporting for internal audit and regulatory assurance. Create runbooks for policy changes, exceptions, break-glass procedures ...

doing As SOC Analyst, you will: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. Develop and maintain … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

security technologies. Skills/Must Have: Experience with SIEM platforms and log analysis. Ability to query and interpret log data; familiarity with KQL is beneficial. Exposure to EDR tools such as CrowdStrike, Microsoft Defender for Endpoint, or Carbon Black. Understanding of malware behaviour, IoCs, and basic analysis techniques. Knowledge ...

security technologies. Skills/Must Have: Experience with SIEM platforms and log analysis. Ability to query and interpret log data; familiarity with KQL is beneficial. Exposure to EDR tools such as CrowdStrike, Microsoft Defender for Endpoint, or Carbon Black. Understanding of malware behaviour, IoCs, and basic analysis techniques. Knowledge ...

bonus, not a requirement. What you'll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

bonus, not a requirement. What you’ll be doing: Operate, tune and configure SIEM tools Monitor and triage security alerts, applying custom queries (e.g. KQL) and correlation rules to detect suspicious activity. Investigate security incidents across endpoints, networks, and cloud environments; perform root-cause analysis, impact assessment and containment actions. … hands-on experience with SIEM tooling, alerts triage, detection logic, and security incident workflows. Ability to write and optimise detection queries (e.g. in KQL), review firewall and security logs, manage email/web filtering policies, and implement/review Data Loss Prevention (DLP) controls. Experience with automation or scripting (e.g. ...

junior analysts Handle complex threats, lead incident response, and shape security policy Oversee and lead investigations across various cloud security suites Develop and maintain KQL-based detection rules, hunting queries, and alert tuning strategies. Coordinate incident response playbooks across hybrid environments, including AWS EC2, Lambda, and containerized workloads. Contribute … response roles, with strong hands-on experience in Microsoft security suite, AWS Security Services, and other EDR/XDR/CNAPP platforms Proficient in KQL, PowerShell, and Python for automation and enrichment. Experience with AWS IAM, GuardDuty, Security Hub, CloudTrail, and Config. Strong understanding of UK compliance frameworks (NCSC ...

including data connector onboarding, ingestion optimisation, analytic rule lifecycle management, workspace architecture, and cost-aware service design for multi-tenant MSSP use cases Advanced KQL (Engineering & Detection Enablement) Expert-level KQL skills to support detection engineering, correlation logic, operational tuning, and platform performance across Sentinel and Defender data sources SOAR ...

Terraform , and scripting with PowerShell/Python . Monitor and optimise cloud performance using Azure Monitor , Service Health , and advanced query tools (KQL). Implement FinOps principles to control costs and ensure efficient use of public funds. Integrate security best practices with Microsoft Defender for Cloud and maintain compliance ...

Will Ideally Bring: Strong experience with Azure Cloud technologies, Microsoft Sentinel and Defender solution. Experience in query languages and/or script development (KQL, SPL, SQL, Powershell, etc.) Knowledge and familiarity of enterprise IT systems in relation to cyber security. Hands-on engineering experience with SIEM and/ ...