2 of 2 Kibana Jobs in the Thames Valley

knowledge of SIEM platforms (e.g. Microsoft Sentinel, Splunk, Elastic) * Experience writing and tuning queries using: o Kusto Query Language (KQL) o ES|QL/Kibana Query Language o Splunk SPL * Understanding of event correlation, alerting, and detection use-case development ________________________________________ Technical Foundations * Strong knowledge of: o Linux and Windows ...

with ideally around five years hands on experience. Strong hands-on experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat … MITRE ATT&CK TTPs, adversary behaviours, and emerging threat intelligence Write, refine, and optimise SIEM queries using KQL, SPL, Elastic/ESQL, and Kibana Query Language Perform IOC analysis, enrichment, and validation, integrating internal and external threat intelligence sources Lead investigations from initial detection through scoping, root cause analysis ...