At a Glance
- Tasks: Investigate security alerts and enhance detection using Microsoft Sentinel and KQL.
- Company: Join a rapidly growing MSSP in Manchester, making waves in cybersecurity.
- Benefits: Enjoy hybrid working, clear progression opportunities, and investment in training.
- Why this job: Be part of a supportive SOC team that makes a real difference in security.
- Qualifications: Experience with Microsoft Sentinel and KQL is essential; MSSP background is a plus.
- Other info: Interviews are happening soon, so apply now to secure your spot!
The predicted salary is between £24,000 and £36,000 per year.
Maxwell Bond have engaged with an MSSP in the Manchester area that are looking for a Threat Analyst to join their team. We’re looking for somebody who has recent experience with Microsoft Sentinel (1-2 years) and KQL skills. The company are growing and hiring at a quick rate, so it is a really exciting time to join them as they expand. You will be in the Manchester-based office ideally once per week, sometimes maybe once every two weeks.
What you’ll be doing:
- Investigating and responding to security alerts and incidents escalated by the L1 team
- Using Microsoft Sentinel as your primary SIEM platform, leveraging KQL to hunt, analyse, and improve detection
- Tuning Sentinel rules, creating workbooks and queries to enhance visibility and reduce false positives
- Working with clients across different sectors, helping them understand threats and improve their security posture
- Collaborating with Threat Intelligence and Engineering teams to strengthen detection and response capabilities
What we’re looking for:
- Solid experience working with Microsoft Sentinel in a live SOC environment
- Strong knowledge and hands-on ability with KQL (Kusto Query Language)
- Understanding of attack techniques (MITRE ATT&CK, etc.) and incident response workflows
- Comfortable working across different client environments and adapting to varied threat landscapes
- Previous experience in an MSSP or managed services environment is an advantage
Job details:
- Salary up to £30,000
- Hybrid working – once a week in the office
- Clear progression opportunities and exposure to a wide range of threat landscapes
- Work as part of a supportive, growing SOC team with real investment in tooling and training
If you’re ready to take the next step in your threat analysis career and want to be part of a team that makes a real difference, apply now.
We’re expecting a large amount of interest in this role, with interviews taking place towards the end of the week. Please apply now to be considered, or alternatively contact Dan Rowland at Maxwell Bond on 0161 840 1021 or dan.rowland@maxwellbond.co.uk.
Threat Intelligence Analyst employer: LinkedIn
Contact Detail:
LinkedIn Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Threat Intelligence Analyst role
✨Tip Number 1
Familiarise yourself with Microsoft Sentinel and KQL by working on personal projects or contributing to open-source initiatives. This hands-on experience will not only boost your confidence but also give you practical examples to discuss during interviews.
✨Tip Number 2
Stay updated on the latest trends in threat intelligence and incident response. Follow relevant blogs, podcasts, and forums to gather insights that can help you understand the current threat landscape, which you can reference in conversations with potential employers.
✨Tip Number 3
Network with professionals in the cybersecurity field, especially those who work in SOC environments. Attend local meetups or online webinars to connect with others and learn about job openings that may not be widely advertised.
✨Tip Number 4
Prepare for technical interviews by practising common KQL queries and understanding how to tune Sentinel rules effectively. Being able to demonstrate your problem-solving skills in real-time scenarios will set you apart from other candidates.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Microsoft Sentinel and KQL. Use specific examples from your previous roles to demonstrate your skills in a live SOC environment.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Mention how your background aligns with their needs, particularly your understanding of attack techniques and incident response workflows.
Showcase Relevant Projects: If you have worked on any projects involving threat analysis or security incidents, include them in your application. Detail your contributions and the outcomes to illustrate your capabilities.
Highlight Continuous Learning: Mention any relevant certifications or training you've completed, especially those related to threat intelligence or security tools. This shows your commitment to staying updated in the field.
How to prepare for a job interview at LinkedIn
✨Showcase Your Microsoft Sentinel Experience
Make sure to highlight your hands-on experience with Microsoft Sentinel during the interview. Be prepared to discuss specific incidents where you used Sentinel to investigate security alerts and how you tuned rules to improve detection.
✨Demonstrate KQL Proficiency
Since KQL is a key requirement for this role, be ready to explain your familiarity with it. You might even want to prepare a few examples of queries you've written or how you've used KQL to enhance visibility in previous roles.
✨Understand Threat Landscapes
Familiarise yourself with various attack techniques, especially those outlined in the MITRE ATT&CK framework. Being able to discuss these techniques and how they relate to incident response workflows will show your depth of knowledge in threat analysis.
✨Prepare for Client Interaction Scenarios
As the role involves working with clients across different sectors, think about how you would communicate complex security concepts to non-technical stakeholders. Prepare examples of past experiences where you successfully explained threats and security measures to clients.