20 of 20 Kusto Query Language Jobs

data onboarding (streaming and historical), ETL pipeline development, and dashboard visualization. This role is critical to scaling our analytics infrastructure and supporting high-impact projects across Fabric, ADX/Kusto, and Azure ecosystems. Primary Responsibilities/Accountabilities: The operations team, specifically the analytics subgroup, focuses on migrating standalone data estates into Fabric and integrating data from new vendors, supporting … sources (using Event Hubs, SQL, Vector, etc.). ETL Pipeline Development: Build scalable, automated pipelines using Azure Data Factory (ADF), Logic Apps, and Kusto Query Language (KQL). Dashboard Development: Design and maintain real-time dashboards using Fabric (Power BI), Azure Data Explorer (ADX), and Azure Data Studio. Data Modeling & Governance: Implement robust data models and enforce … one month, the candidate should onboard data, transform it, and deliver a simple dashboard based on ingested data. Proficiency in Fabric, Azure Data Explorer (ADX/Kusto), SQL, KQL, Azure Data Studio, Event Hubs, Logic Apps, Vector, Splunk, and ADF. Strong scripting skills in Python or Bash. Experience with data visualization tools (ADX, Power BI, Grafana). Familiarity with More ❯

Identity and Access Administrator Associate • Experience with the following is preferred: o Azure, Microsoft 365, and Active Directory Domain Services o PowerShell and Kusto Query Language (KQL) • The following certifications are preferred: o Azure Solutions Architect Expert o Microsoft 365 Certified: Enterprise Administrator Expert Required: Active TS/SCI w/FSP Job Type: Full-time More ❯

an operations or support team managing SaaS applications. A strong background in SQL Server and Azure SQL . Experience with Log Analytics and Kusto Query Language (KQL) . If you are someone who can calmly and competently coordinate incident responses and communicate fluently with both engineers and client success teams, then we want to hear from you. More ❯

contribute to continual service improvements. What We’re Looking For 3+ years experience in SOC/NOC Environments Strong experience with SIEM - IBM QRadar . Experience with log parsing, KQL/SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK More ❯

SOAR) for security monitoring, detection, and incident response. The ideal candidate will have practical experience configuring, tuning, and maintaining these solutions, analysing alerts and incidents, developing advanced hunting queries (KQL), developing automation playbooks, and integrating with other security controls and solutions. Experience with security tools outside of the Microsoft eco-system , such as IDS/IPS, vulnerability scanners, web and More ❯

or already holding, SC Clearance. Proven expertise in IBM QRadar and SIEM engineering. Strong knowledge of log formats, parsing, and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST More ❯

alerts and responding to them appropriately Experience working through cyber investigations independently Proven experience of Splunk or Sentinel Worked with EDR systems such as Defender or Symantec Knowledge of KQL and SPL Threat Hunting experience Experience working with third-party suppliers and vendors?? Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems or similar More ❯

improvement through recommendations and change initiatives Required Skills & Experience Proven expertise in IBM QRadar SIEM Strong understanding of log formats, parsing, and normalization Experience with SIEM query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

including Nozomi Networks, firewalls, Cribl, EDR (e.g., Defender for Endpoint), VMDR (e.g., Qualys), and other OT/IT systems into Sentinel. Custom Analytics & Detection Rules Develop, and fine-tune KQL-based analytics rules tailored to OT threat scenarios, ensuring high-fidelity alerts and minimal false positives. Threat Intelligence Integration Integrate threat intelligence feeds into Sentinel to enhance detection capabilities and More ❯

Security Center Azure Policy & Role-Based Access Control (RBAC) Microsoft Purview and Compliance tools Familiarity with security frameworks such as NIST, ISO 27001, or CIS. Experience with scripting (PowerShell, KQL) and automation for security operations. Relevant certifications (e.g., AZ-500 , SC-200 , SC-300 ) are highly desirable. What's on Offer Join a globally respected financial institution with a strong More ❯

Security Center Azure Policy & Role-Based Access Control (RBAC) Microsoft Purview and Compliance tools Familiarity with security frameworks such as NIST, ISO 27001, or CIS. Experience with scripting (PowerShell, KQL) and automation for security operations. Relevant certifications (e.g., AZ-500 , SC-200 , SC-300 ) are highly desirable. What's on Offer Join a globally respected financial institution with a strong More ❯

Tier-1 GPO design/governance, SPN hygiene, gMSA adoption, and service-account policies (length/rotation). Automation-first: PowerShell and Microsoft Graph for audits, enforcement, and remediation; KQL, Terraform, Python; policy/config-as-code mindset in a DevOps environment. Exposure tooling: Hands-on with BloodHound/AzureHound and PingCastle (collection, analysis, and driving remediation). Quest ecosystem More ❯

SOC environments – Azure/AWS preferably. Practical experience both implementing and deploying DAC and IAC. Comprehensive knowledge and experience utilising/fine-tuning the Microsoft Security stack – Defender, Sentinel, KQL, etc. Ability to articulate specific projects that you have built, developed or led on, specific to SecOps Engineering and Automation. If you’re an experienced SecOps Engineer, looking to shape More ❯

IBM QRadar (configuration, rule development, playbooks). 3-5 years+ experience in IT security (SOC/NOC environment preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic More ❯

activity baselines and integrate external enrichment sources Deploy and tune EDR, NDR, and XDR, mapping detection to MITRE ATT&CK Skills & Experience: Strong Defender XDR expertise (integration, tuning, automation, KQL) SIEM engineering (Sentinel, LogRhythm) and Infrastructure as Code (ARM, Bicep, Terraform) Background in EDR/NDR implementation and cloud migration This is a long-term contract in a secure setting More ❯

and YAMLImplement performance optimization strategies during data transformationDeploy code artifacts using GitHub Workflows/CI-CD pipelines Collaborate effectively with team members and stakeholdersOptional: Work with Log Analytics and KQL queries Must-Have Skills: 10+ years of experience in Data Engineering Hands-on experience with PySpark, ADF, Databricks, SQL Strong understanding of dimensional modeling, normalization, schema design, and data harmonization More ❯

Cyber Security Analyst When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed. Come and join the Littlefish team More ❯