1 to 25 of 38 Kusto Query Language Jobs

/SIEM platforms (e.g., Elastic, Sentinel, Splunk), including query languages used for investigations and detections such as: Kusto Query Language (KQL) ES|QL Kibana Query Language Strong understanding of attacker tactics, techniques, and procedures (TTPs), including detecting indicators of compromise (IOCs) and knowing ...

CSOC Compile and present monthly SOC reporting, advising on security posture improvements Support client service reviews and articulate cyber risk in business-friendly language Conduct security assessments, including vulnerability testing and risk analysis Ensure high-quality incident resolution and consistent SOC performance Who you are: Youre an experienced cyber … responding to cyber security incidents Hands-on experience with SIEM, EDR, and email security tooling Experience working in a Microsoft XDR SOC Strong KQL (Kusto Query Language) skills Experience mentoring and supporting analysts at different levels Excellent written and verbal communication skills Strong analytical thinking, judgement ...

Azure observability playbook, delivering comprehensive dashboards, alerting rules, and operational runbooks using Application Insights, Log Analytics, and Kusto Query Language (KQL). AIOps & Intelligent Automation Develop AI‐driven alerting and detection mechanisms to surface early‐warning signals, including IP reputation degradation, database capacity saturation, and anomalous traffic … Expertise Deep proficiency in Terraform, including module design, remote state management, workspace strategies, and multi‐environment deployment patterns. Monitoring & Observability Expertise Advanced experience with KQL for Azure Log Analytics, with the ability to design and build custom Azure Monitor Workbooks for operational insight and reporting. Security Automation Strong background ...

overview of customer industry and projects, access to cutting-edge technology etc.) Technical SME in Cybersecurity space Key responsibilities: (Up to 10, Avoid repetition) KQL: Expert Level Able to develop and maintain high-fidelity detection rules using Kusto Query Language Able to utilize KQL for detection engineering … Coordinate the end-to-end onboarding of log sources into Sentinel. Key skills/knowledge/experience: (Up to 10, Avoid repetition) Expert in KQL Technical SME for Sentinel set up Strong understanding of cloud and on premises logging (Windows, Linux, application, DB, identity). Experience onboarding data using ...

engineering activities on a rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where … Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise KQL queries (essential). Knowledge of scripting/query languages (e.g., Falcon Query Language) is advantageous. Analytical Capability: Strong investigative and problem-solving ...

engineering activities on a rotational basis. Develop and tune detection rules to improve alert quality and reduce false positives. Write and optimise queries (e.g., KQL) across SIEM platforms. Collaboration & Support: Work closely with internal teams and third-party providers to investigate and resolve incidents. Support MSSP interactions and escalations where … Microsoft Sentinel). Experience with EDR/XDR tools (e.g., CrowdStrike). ServiceNow or similar ITSM/SecOps platforms. Ability to write and optimise KQL queries (essential). Knowledge of scripting/query languages (e.g., Falcon Query Language) is advantageous. Analytical Capability: Strong investigative and problem-solving ...

with the ability to explain technical issues to varied audiences Demonstrated commitment to continuous learning Desirable Skills Experience with scripting or automation (e.g. PowerShell, KQL, Python) Exposure to threat hunting or threat intelligence practices Experience mentoring or supporting junior colleagues Familiarity with vulnerability management or digital forensics What’s Offered ...

technical stakeholders. What youll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks into ...

technical stakeholders. What you’ll bring: Deep SIEM expertise, building advanced detection logic, automation and complex queries in Splunk (SPL) and Microsoft Sentinel (KQL). A proven track record delivering complex detection engineering projects within enterprise or MSSP environments. Strong analytical skills, with the ability to break down sophisticated attacks ...

engineering teams with technical expertise • Driving detection maturity and technical standards What we’re looking for: ✔ Strong Splunk (SPL) and/or Microsoft Sentinel (KQL) experience ✔ Detection engineering experience within enterprise or MSSP environments ✔ Solid understanding of attacker TTPs and threat detection methodologies ✔ Scripting ability (Python/PowerShell) ✔ Knowledge ...

third-party security operations service. * Coordinate incident response activities including containment, evidence collection, documentation, and recovery support. * Contribute to threat hunting activities using KQL queries and intelligence-led techniques. * Support the triage and processing of data subject rights (DSR) requests, including subject access requests (SARs). * Support DPIA processes through ...

areas: vulnerability analysis, security alert analysis, email threat analysis, incident response, ability to read and understand essential scripting and database languages (PowerShell, python, SQL, KQL, etc) desired Bachelor’s degree in computer science, information systems, cybersecurity or related field optional. GIAC, ISACA, CompTIA, and/or ISC2 technical certifications preferred ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large-scale ingestion architectures. Strong knowledge of SPL; experience with KQL and EQL would be beneficial, but is not essential. Experience with automation and Infrastructure-as-Code within security monitoring or SIEM environments. Solid understanding of SIEM ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...

operating build & release automation and continuous integration and deployment, especially to Azure or to VMware VCF. Scripting and Programming languages in (Python, Bash, Powershell, KQL etc.,) Familiarity with infrastructure automation using tools like Ansible and Terraform. Experience of DevOps Practices, and working with Agile methodologies including SAFe. Unix & Windows system ...

monitoring tools (Elastic & Splunk) Build and optimise large-scale log ingestion pipelines and data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure ...

governance principles Understanding of identity and access control (e.g. Entra ID, RBAC) Experience across structured and unstructured data Scripting/automation skills (PowerShell, Python, KQL) Qualifications Relevant technical qualifications or equivalent experience. Microsoft certifications (e.g. SC-400, AZ-500, DP-203, AZ-305) Experience with Azure data services (e.g. Data ...

governance principles Understanding of identity and access control (e.g. Entra ID, RBAC) Experience across structured and unstructured data Scripting/automation skills (PowerShell, Python, KQL) Qualifications Relevant technical qualifications or equivalent experience. Microsoft certifications (e.g. SC-400, AZ-500, DP-203, AZ-305) Experience with Azure data services (e.g. Data ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

Analytics, Defender for Cloud) Excellent understanding of cloud performance, IaaS/PaaS, networking fundamentals, API performance and capacity modelling Skilled in dashboards, log queries (KQL), custom metrics and performance analysis Ability to diagnose complex issues across infrastructure, networks, applications or databases Confident scripting and automation skills (PowerShell, Azure Automation, Graph ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...

alert analysis, incident response, and email threat analysis. Ability to read and understand scripting and query languages such as PowerShell, Python, SQL, or KQL (desirable). Excellent analytical and critical-thinking skills, with the ability to investigate issues independently and make sound judgments. Clear and professional written and verbal ...