!!!KQL Consultant-100% remote!!!
My client (one of the largest international insurance companies in the world!) needs a KQL developer to join their team and advise their SOC team on best practices with KQL and Azure Sentinel. This will be a long-term, FULLY REMOTE mission and a great chance to improve your skills and gain some invaluable experience with one of the largest names in the game.
Role: Senior Use Case Developer KQL (Kusto)
Contract: 3 Month Renewable (2-3 Years)
Remote: FULL 100%
Languages: English
Start: ASAP
Job Summary:
Highly skilled Senior Kusto KQL Developer with a deep understanding of regular expressions.
The successful candidate will be responsible for designing, developing and implementing Kusto query-based solutions to meet customer requirements.
Main Tasks and accountabilities:
- Develop new custom Microsoft Sentinel Analytic Rules based on customer requirements
- Onboard unstructured log sources by developing custom parsers, utilising various log collection methods
- Develop and maintain playbook and investigation guidelines documentation to be used by SOC analysts
- Offer consultative advice in security principles and best practices related to Sentinel operations