3 of 3 Kibana Jobs in Wokingham

management/SIEM platforms (e.g., Elastic, Sentinel, Splunk), including query languages used for investigations and detections such as: Kusto Query Language (KQL) ES|QL Kibana Query Language Strong understanding of attacker tactics, techniques, and procedures (TTPs), including detecting indicators of compromise (IOCs) and knowing how to locate them ...

CSOC environment Hands-on expertise with SIEM tools (e.g. Microsoft Sentinel, Splunk, Elastic) Experience with query languages such as KQL/ES|QL/Kibana Solid understanding of threat detection, IOCs, and attacker TTPs Proven experience across the full incident lifecycle Clear and structured communication skills, especially under pressure ...

with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat … MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis ...