12 of 12 Remote Kusto Query Language Jobs in the UK excluding London

improving security posture Provide technical support within client service reviews along with attending any other meetings at the CSOC Managers discretion Articulation of security risk to customers in a language that can be understood by business representatives Responsible for continual service improvement activities within the CSOC Ensuring the integrity of client IT infrastructures Protecting information systems residing upon them … strict SLAs. Experience with, SIEM, EDR and Email Security toolsets and how to leverage these tools to provide robust Detect & Respond services. Experience working in a Microsoft XDR SOC KQL (Kusto Query Language) experience Experience in mentoring and assisting analysts of varying levels of skill. Must have been a UK resident for a minimum of 5 years More ❯

Qualifications: Strong knowledge of IT infrastructure, networking, and end-user computing Experience with SIEM tools, particularly Microsoft Sentinel Ability to write and tune Kusto Query Language (KQL) queries Hands-on experience with PAM, MFA, and other SecOps tools Excellent communication skills with the ability to explain technical issues to non-technical stakeholders Desirable Skills & Qualifications: Microsoft Security More ❯

infrastructure (CNI) project involving the deployment of Windows Hello for a major UK utility company. What You'll Be Doing: Supporting and tuning Microsoft Sentinel and other SIEM platforms (KQL scripting) Managing escalated incidents from L1 analysts and leading full incident response lifecycle (MIM) Conducting in-depth data analysis , threat hunting, and forensic investigations Maintaining and enhancing SOC documentation, SOPs … NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident response & breach handling Familiarity with threat intelligence, vulnerability management , and cloud security tools Proactive mindset with ability to work independently in high-pressure environments Active More ❯

We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First More ❯

We are hunting for an experienced SOC Analyst that's spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to legitimate security incidents. In addition to their primary tasks, First More ❯

Continuously monitoring network traffic, security alerts, and system logs for signs of suspicious activity or security breaches. Requirements Proven experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity KQL experience In depth understanding of PCAP analysis using Wireshark or equivalent. Network engineering/network admin OT operations/security (optional, but a bonus) What's on Offer? Competitive salary More ❯

MSP Strong technical knowledge of Microsoft 365, including migrations, hybrid identity, DLP, retention policies Hands-on Azure IaaS experience: networking, NSGs, VPNs, load balancers, governance Proven Microsoft Sentinel experience: KQL, dashboards, incident response Solid grasp of Intune, AutoPilot, security and compliance policies Strong networking and firewall understanding (e.g. Cisco, Fortinet, Ubiquiti) Confident presenting to stakeholders and creating detailed technical documentation More ❯

Management o Azure SQL and MI o Functions o Networking o Data Factory o Databricks Proven experience with Azure DevOps (ADO) Solid understanding of o Terraform o HELM o KQL Advantageous: Healthcare or Government related industry experience Understanding of JIRA and Confluence Understanding or experience with TCAF Qualifications: Experience is valued over accreditation, however, as we're a Microsoft partner More ❯

Harden infrastructure across Microsoft 365 and Endpoint environments Collaborate with System Admins, SOC Analysts, and Network Engineers Support compliance with upcoming Cyber Essentials certification Automate tasks with scripting (PowerShell, KQL, Python a plus) Help non-technical users understand and adopt secure practices What We're Looking For 5+ years in IT Security Engineering or a related technical field Proven hands … starting mindset, someone who "gets on with it" Desirable Certifications: AZ-500, CISSP, CCSP, CISM Experience with compliance initiatives like Cyber Essentials Any coding/scripting ability (PowerShell/KQL/Python) Working Pattern Fully remote with occasional head office visits Flexible approach to working patterns in a family friendly culture Benefits Strong training and development support Friendly, collaborative IT More ❯

Git (version control) Security & Compliance Cloud posture management (Azure Defender for Cloud, GCP SCCE) Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging DLP technical policy development Ability to build and train machine learning models More ❯

posture management (Azure Defender for Cloud, GCP SCCE) Microsoft Defender XDR/Microsoft Purview Data Loss Prevention/Data Security Posture Management (DSPM) Scripting & Automation Python (our preferred scripting language) Configuration as Code … principles API integration (e.g., Microsoft Graph API) IN ADDITION, THE BELOW WOULD BE NICE TO HAVE (DEPENDING ON THE TEAM) Lab 1: Cloud Enterprise and Computer Security Data & Analytics (KQL/SQL or BigQuery for GCP) Kubernetes (K8s) Power Platform and PowerShell Lab 2: Security Operations SIEM management Advanced logging Cyber Defence Centre tooling DLP technical policy development Ability to More ❯

and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce … control systems. Experience in developing malware and anomaly detections. Use of statistical methods for anomaly detection. Proficiency with Microsoft Sentinel and/or XDR. Strong skills in writing complex KQL analytics/searches. Awareness of current security threats. Ability to prioritize threats effectively. Understanding factors affecting detection effectiveness. Threat hunting or SOC analyst certifications preferred. Life at BAE Systems Digital More ❯