51 to 75 of 98 Kusto Query Language Jobs in the UK excluding London

intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT More ❯

in continuous learning and professional development. Flexibility to work on-site in Peterborough two days per week (negotiable). Preferred Skills & Certifications: Experience with KQL, Rapid7 SIEM, SentinelOne EDR, Microsoft Defender XDR, or Microsoft Sentinel. Level 3 Analysts: Additional expertise in threat hunting, digital forensics, and leadership experience. #J More ❯

Experience with CI/CD tools (Azure DevOps, GitHub) and agile delivery practices Familiarity with ITIL processes and cloud-native monitoring tools (Application Insights, KQL) Excellent problem-solving skills and the ability to communicate with both technical and non-technical teams Nice to Have as an Cloud Integration Engineer Experience More ❯

skills to contribute to new detection techniques and research industry capabilities. Coordinate with government or commercial security operation centers for root cause analysis. Create KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. More ❯

intelligence summaries Required Skills & Experience: 5+ years in cybersecurity, with 2+ years at SOC Level 3 or senior analyst level Expertise in Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT More ❯

technical coach). Position might be filled at a higher level based on candidate experience. What will help you succeed Preferred Requirements: Experience with query languages such as SQL, SPL, or KQL. Experience with observability and log collectors/pipelines such as FluentBit, OpenTelemetry, Cribl, and Logstash. Experience with More ❯

large-scale environment Provide support and troubleshooting for Azure services including Compute, Storage, Networking, etc. Utilize Azure Management tools such as Azure Monitor, Agents, KQL, ARM templates, Azure Policies, and Infrastructure as Code (IaC) with Azure DevOps, Bicep, etc. Perform scripting with PowerShell and manage patching in cloud environments Follow More ❯

of systems and processes. Essential Experience Experience in a SOC or security team. Hands-on experience with Microsoft Sentinel: Proven track record in writing KQL, hunting, and incident response processes within Microsoft Sentinel. Experience in managing Data Connectors and the processes behind them. Strong understanding of Workbooks development and integration. More ❯

analysis Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP) Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as More ❯

security tooling, including: Microsoft Sentinel – connector management, rule tuning, data enrichment Microsoft Defender solutions (Endpoint, Identity, Cloud Apps) Develop and refine detection logic using KQL, and implement SOAR playbooks via Logic Apps. Integrate data sources from hybrid environments (cloud/on-premise) into the SIEM. Optimise alert fidelity and reduce More ❯

experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework More ❯

base and engineering standards Requirements Experience with Microsoft Sentinel in enterprise environments Understanding of security telemetry across various layers Skills in SIEM content development, KQL, analytics rules, data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to work in More ❯

with and responding to escalated and most high profile incidents. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc. Experience working in hybrid-cloud SOC environments – Azure/AWS preferably. Ability to articulate specific projects that you have built, developed or led on More ❯

. Experience securing cloud environments and ensuring compliance. Understanding of API security standards, exploits, malware, and web architecture. Proficiency in building complex queries (RQL, KQL, SQL). Hands-on experience with Microsoft Azure, AWS, or GCP security features. Programming skills in Python or PowerShell. We support flexible working arrangements and More ❯

We are hunting for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to More ❯

We are hunting for an experienced SOC Analyst that’s spent time working within the Microsoft security stack, specifically with Sentinel, KQL and Defender. SOC First Responders form the bulwark of our cyber defences and are responsible for the rapid triage of security alerts and for the initial response to More ❯

analysis Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP) Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as More ❯

analysis Can demonstrate strong experience and track record in MS Purview information protection & Data Loss Prevention (DLP) Experienced in Azure Resource Manager template, Git, KQL, PowerShell Can work with control frameworks such as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005), Privacy and other frameworks as More ❯

in SRE, IT operations, software development, or DevOps. Familiarity with CI/CD, IaC, Agile, and ITIL frameworks. Proficiency in Azure Monitor, Application Insights, KQL, and incident management. Hands-on experience with YAML pipelines. Experience with Bicep, SolarWinds, Terraform, and PowerShell. Interested in joining a growing SRE team focused on More ❯

and common attacker techniques. Strong communication and leadership skills, with the ability to influence and guide both technical and non-technical stakeholders. Experience with KQL and customizing Sentinel detections. Exposure to cloud security operations (Azure preferred). Microsoft certifications such as SC-200 or AZ-500 are a bonus but More ❯

years’ experience working in a SOC environment – ideally MSSP. Experience in a technical security role is also considered. Experience with SIEM tools e.g. Sentinel, KQL, ELK, QRadar, AlienVault, or similar. A cyber security qualification, certification, or degree e.g. CySA+, CompTIA SEC+, or similar experience. Microsoft SC-200 Certs are desirable. More ❯

Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide More ❯

Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide More ❯

Additional Knowledge Management Tools - Microsoft SCCM, Windows Admin Center, SCOM Monitoring - SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide More ❯

Additional Knowledge Management Tools – Microsoft SCCM, Windows Admin Center, SCOM Monitoring – SCOM, WAC, Windows Network, Azure Log analytical Workspace, Sentinel Workspace, Event Logs and Kusto Queries Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide More ❯