76 to 100 of 296 Remote Kusto Query Language Jobs

and solutions to ensure consistent highl level of service to customers. Automation & Continuous Improvement Develop scripts and queries (Kusto Query Language - KQL, PowerShell, Python) for log analysis. Implement automated remediation workflows where possible. Recommend improvements to architecture based on performance data. Collaboration & Documentation Work closely with engineering … or DevOps support. Strong knowledge of Microsoft Azure services (App Service, SQL Database, Blob Storage, Azure Monitor, Application Insights, Log Analytics). Proficiency in KQL (Kusto Query Language) for log analysis. Experience with automation scripting (PowerShell, Python, or Azure Functions). Desirable Familiarity with SIEM tools (Splunk More ❯

incident response. - Correlate multi-source telemetry (network, endpoint, identity, cloud) to identify and contain threats. Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve … related field. - 5+ years of hands-on experience in cybersecurity operations. - Minimum 2 years of experience with Microsoft Sentinel and Microsoft Defender suite. Skills: - KQL (Kusto Query Language) - Security architecture and data integration - Azure and Microsoft 365 security services - Experience in onboarding and managing log sources in More ❯

NIST, CIS Benchmarks, NCSC guidelines, ISO 27001 and Cyber Essentials Plus (CE+) Practical experience with PowerShell, Python, and Kusto Query Language (KQL) for automation, analysis, and custom alerting Exposure to programming languages such as JavaScript, C, or .NET is a big plus! About Us... We’ve been More ❯

problems for non-technical audiences. • Strong understanding of OT infrastructure, networking, and end-user computing. • Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. • Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems More ❯

to Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL). More ❯

technologies such as Docker and Kubernetes. Proficiency in cloud platforms: Azure and AWS. Expertise in Microsoft Defender and Kusto Query Language (KQL). Qualifications: Bachelor’s degree in Computer Science, IT, or related field. Minimum of 5 years of experience in IT infrastructure engineering, focusing on Microsoft More ❯

simple manner to non-technical audiences Strong understanding of OT infrastructure, networking, and end-user computing. Experience writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts. Proficient in configuration and troubleshooting of multi-factor authentication (MFA), Privileged Access Management (PAM) and Security Information More ❯

the Delivery Lead/PMO. The Role You will be responsible for: Creating Threat Hunt Hypotheses and executing Threat Hunts regularly. Translating hypotheses into KQL queries, executing them, and triaging results independently. Having knowledge of attacker TTPs and APT groups, conducting in-depth research. Verifying and refining Threat Hunt queries More ❯

platforms, including IBM QRadar, Microsoft Sentinel and LogRhythm. In-depth experience with Microsoft Sentinel, including use case and rule development, workbook/playbook creation, KQL & Logic Apps/SOAR. Experience of onboarding, tuning, reporting, and configuring SIEM solutions. Experience of threat intelligence. Leadership and mentoring experience and skills. Understanding of More ❯

new detection techniques and research industry capabilities. Communicate with government or commercial security operations centers for root-cause analysis. Create low to medium complexity KQL analytics and hunt queries, conduct IOC and anomaly-based threat hunts. Identify and tag incorrect alert logic or high false positive detection rules for review. More ❯

Lead for prioritisation. · Ad-hoc communications with government or commercial security operations centres as part of root-cause analysis · Creation of low-medium complexity KQL analytics and hunt queries, conducting IOC and anomaly-based threat hunts, including root cause identification of findings · Identification and tagging of incorrect alert logic/ More ❯

integrating Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, KQL, analytics rules, and custom connectors Scripting skills in Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (preferred) Ability to More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Knowledge of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and custom data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Knowledge of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and custom connectors Scripting skills in Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (preferred) Ability to More ❯

standards Requirements: Experience with Microsoft Sentinel in enterprise environments Understanding of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and data connectors Scripting skills in Python, PowerShell, and API integration Background in threat detection, incident response, or DFIR is a plus Ability More ❯

Microsoft Sentinel deployment at SMC and enterprise level Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience with SIEM content development, KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability More ❯

Experience with Microsoft Sentinel at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network Skills in SIEM content development, KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus) Ability to More ❯

Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience in SIEM content development, including KQL, analytics rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability More ❯

with building and integrating complex Microsoft Sentinel solutions Understanding of security telemetry across identity, endpoint, cloud, and network layers Experience with SIEM content development, KQL, analytics rules, and custom data connectors Scripting skills in Python, PowerShell, APIs, and Function Apps Background in cyber threat detection, incident response, or DFIR (a More ❯

Sentinel deployment at SMC and enterprise levels. Understanding of security telemetry across identity, endpoint, cloud, and network layers. Experience in SIEM content development, including KQL, analytics rules, and data connectors. Scripting skills in Python, PowerShell, APIs, and Function Apps. Background in cyber threat detection, incident response, or DFIR is advantageous. More ❯

Experience with building and integrating complex Microsoft Sentinel solutions Understanding of security telemetry across identity, endpoint, cloud, and network Experience with SIEM content development, KQL, rules, and data connectors Scripting skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR is a plus Ability to More ❯

Microsoft Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development: KQL, analytics rules, data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in threat detection, incident response, or DFIR (a plus) Ability to More ❯

Microsoft Sentinel deployment at SMC and enterprise levels. Understanding of security telemetry across identity, endpoint, cloud, and network layers. Skills in SIEM content development: KQL, analytics rules, custom data connectors. Scripting and engineering skills: Python, PowerShell, APIs, Function Apps. Background in cyber threat detection, incident response, or DFIR is a More ❯

Sentinel deployment at SMC and enterprise levels Understanding of security telemetry across identity, endpoint, cloud, and network layers Skills in SIEM content development, including KQL, analytics rules, and data connectors Scripting and engineering skills: Python, PowerShell, APIs, Function Apps Background in cyber threat detection, incident response, or DFIR (a plus More ❯

Sentinel solutions at SMC and enterprise levels. Understanding of security telemetry across identity, endpoint, cloud, and network layers. Proficiency in SIEM content development, including KQL, analytics rules, and custom connectors. Scripting skills: Python, PowerShell, APIs, Function Apps. Background in cyber threat detection, incident response, or DFIR is a plus. Ability More ❯