1 to 25 of 44 Kusto Query Language Jobs in the UK excluding London

Hunting role Strong understanding of cyber threats, malware and adversary TTPs Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written … rigid office attendance. Keywords Cyber Threat Intelligence Analyst, Threat Intelligence Analyst, Cyber Threat Analyst, Threat Hunter, Cyber Security Analyst, Microsoft Sentinel, Defender XDR, KQL, Kusto Query Language, SIEM, EDR, MITRE ATT&CK, Threat Hunting, Cyber Threat Intelligence, Malware Analysis, IOCs, OSINT, SOC, Incident Response, Blue Team, Microsoft ...

manage high-severity security incidents from identification through containment, eradication, recovery, and post-incident reporting Perform advanced threat hunting using Microsoft Defender XDR, Sentinel, KQL, and other telemetry sources to identify emerging threats, anomalous behaviour, and undetected malicious activity Develop, tune, and maintain Sentinel analytics rules, workbooks, playbooks (Logic Apps … Defender for Endpoint, Office 365, Identity, Cloud Apps, Defender for Cloud, and Azure security controls Create and maintain Kusto Query Language (KQL) queries, automation workflows, and enrichment logic to enhance detections and investigation efficiency Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ...

supporting C#/.NET Core/MVC web applications with SQL Server backends and Azure Blob Storage. Advanced Azure diagnostics (Application Insights, Log Analytics, Kusto Query Language). Proficient in SQL for investigation and remediation. Scripting and automation skills in PowerShell and/or C#. Understanding … Blob Storage, scaling strategies. Experience in capacity planning, SLOs, and error budget management Azure Monitor, Application Insights, Log Analytics, Azure Data Explorer (KQL), Azure Functions, Logic Apps, PowerShell, C#, SQL Server Management Studio, Azure Storage Explorer, Power BI (for reporting). The Senior Azure Support Engineer responsibilities and tasks: Monitor ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

technologies, experienced with Azure Security Solutions, Defender for endpoint, Defender for Identity and Office 365, and be experienced with the development of Microsoft Sentinel Kusto queries to support analytics and hunting capabilities. You'll also have a significant understanding of enterprise Windows security controls, implementations, and architectures. With excellent ...

environments Strong working knowledge of SIEM, EDR, and email security platforms Practical experience with Microsoft XDR technologies Ability to create and tune detections using KQL Track record of supporting or mentoring other analysts SC-200, CySA+, or comparable certifications (desirable) Clear communicator in both technical and business contexts Analytical, methodical ...

Skills Needed: 5+ years of experience as a Data Engineer, ideally with Microsoft Fabric. Proficiency using T-SQL is essential. Experience with Python, Power Query, and KQL. Solid knowledge of Azure DevOps and CI/CD best practices. Experience with secure multi-tenant data architectures (RLS and TLS). ...

ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise reduction. Experience with automation and Infrastructure-as-Code in SIEM environments. Deep understanding of SIEM platform operations ...

semantic modelling). Advanced Programming and Data Engineering Skills: Proficient in Python, SQL and T-SQL with experience in PySpark; familiarity with KQL for real-time analytics and robust ELT design using medallion architectures. Proven Experience in Modern Data Platforms: Track record of building and operating Azure-based data platforms ...

leadership experience within a security engineering or SecDevOps environment Strong technical grounding in the Microsoft Security ecosystem, ideally including Microsoft Sentinel, Defender XDR, and KQL Ability to balance people management with hands-on technical credibility Experience within an MSSP or consultancy environment is highly advantageous Excellent communication skills and confidence ...

incidents, odd behaviours, multi-cloud weirdness - you investigate, correlate, and close.? Turning threat hunting into a habit, not a once-a-month exercise: building KQL hunts, mapping to MITRE ATT&CK, and turning "interesting patterns" into hardened detections.? Making the SIEM/XDR bill make sense : understanding ingestion, licensing … manage log sources properly.? You're comfortable designing security architecture in Azure/M365, integrating cloud-native controls, and wiring in threat intel.? KQL is second nature ; PowerShell or Python are tools you reach for without thinking.? You're happy explaining trade-offs between cost and coverage and backing ...

National Infrastructure (CNI), OT/ICS environments, threat hunting, detection engineering, EDR/NDR/SOAR tools, and basic scripting or query skills (KQL, SQL, Python). Desirable qualifications: cyber security or computer science degree, and certifications such as CompTIA Security+, BTL1, GIAC (GSEC, GCED, GCIA), or Elastic Certified ...

ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations … Deep expertise in Microsoft Sentinel and Microsoft Defender XDR Advanced KQL skills and SIEM data integration experience Knowledge of Azure and Microsoft 365 security services Scripting experience with PowerShell and/or Python This is an excellent opportunity for a senior security professional to make real impact in a modern ...

understanding of MITRE ATT&CK, malware analysis, and adversary behaviour Hands-on experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms Proficiency in KQL, Python, or similar scripting/query languages Excellent communication skills — comfortable presenting to clients Analytical, detail-driven mindset with the ability to manage multiple ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

background in: C#/.NET Core/MVC SQL Server Azure Blob Storage Advanced Azure monitoring and diagnostics: Application Insights Azure Monitor Log Analytics KQL Strong SQL investigation skills Automation and Scripting with PowerShell and/or C# Good understanding of Azure services: App Services, VMs, Azure SQL, Storage, scaling … Tech Stack: Azure Monitor | Application Insights | Log Analytics | KQL | Azure Functions | Logic Apps | PowerShell | C# | SQL Server | Power BI Senior Azure SaaS Reliability & Support Engineer Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...

Detection Engineer - SIEM, KQL, Sentinel Client is looking for a Detection Engineer to join their security team. Will be creating and improving detetions. - KQL exp is a must (Sentinel/Log Analytics/Microsoft Defender)- Translate threat intelligence into actionable detection logic- Windows, MacOS or Linux operating systems exp London ...