At a Glance
- Tasks: Investigate security incidents and escalate complex cases while contributing to platform improvements.
- Company: Join a leading tech firm focused on next-gen security operations.
- Benefits: Competitive salary, flexible shifts, and opportunities for professional growth.
- Other info: Dynamic 24/7 environment with mentorship and career advancement opportunities.
- Why this job: Make a real impact in cybersecurity and work with cutting-edge technologies.
- Qualifications: Experience in security analysis and strong analytical skills required.
The predicted salary is between 40000 - 50000 £ per year.
The SOC Analyst Team operates as a next‑generation, intelligence‑led Security Operations function, designed to deliver high‑quality, scalable 24×7 security monitoring and response. All SOC analysts participate in a 24×7 shift model, ensuring uninterrupted service coverage, while also contributing to detection improvement, automation feedback, and service optimisation when operational demand allows.
Tier 2 – SOC Analyst
Role Purpose: Tier 2 SOC Analysts represent the primary human analysis function, responsible for investigating escalated alerts and incidents that require human judgement, contextual understanding, and analytical depth.
Key Responsibilities:
- Perform deep investigation of escalated alerts and incidents from automated Tier 1 workflows.
- Validate threats, scope impact, and determine severity using contextual analysis.
- Investigate across multiple data sources, including:
  - SIEM
  - EDR / XDR
  - Identity and authentication telemetry
  - Cloud and SaaS platforms
- Coordinate and execute response actions in line with defined playbooks, client‑specific requirements, and incident response procedures.
- Maintain clear, high‑quality investigation documentation and handover notes.
Operational Expectations:
- Operate as part of a 24×7 shift rota.
- Maintain accountability for investigation accuracy and quality.
- Escalate complex or ambiguous cases to Tier 3 appropriately.
- Provide structured feedback into detection tuning, alert quality improvements, and automation optimisation.
Continuous Improvement Contributions:
When operational demand allows, Tier 2 analysts are expected to contribute insight time to platform improvement activities, supporting the Platform Automation Lead through:
- Identification of repeatable investigation patterns.
- Feedback on automation opportunities.
- Playbook refinement and improvement.
- Detection logic tuning recommendations.
Tier 3 – Senior SOC Analyst / Incident Specialist
Role Purpose: Tier 3 analysts provide advanced security expertise and escalation handling, focusing on complex, high‑risk, or ambiguous security incidents and ensuring consistent investigation quality across the SOC.
Key Responsibilities:
- Handle escalations involving high‑impact or business‑critical incidents, advanced or evasive attacker techniques, and ambiguous or novel threat behaviour.
- Conduct advanced threat analysis, including attacker behaviour and intent assessment, cross‑incident correlation, and campaign and intrusion analysis.
- Provide oversight and quality assurance of Tier 2 investigations.
- Lead complex incident response coordination where required.
Leadership & Mentorship:
- Participate in 24×7 escalation coverage, via on‑call or senior shift roles.
- Act as a technical mentor to Tier 2 analysts.
- Support analyst development through coaching and investigative guidance.
- Set investigation and response quality standards across the SOC.
Platform & Automation Feedback:
Like Tier 2, Tier 3 analysts are expected to provide structured feedback into platform and automation initiatives, working indirectly with the Platform Automation Lead to:
- Improve detection fidelity.
- Reduce repeat incident patterns.
- Increase automation coverage over time.
- Ensure complex incidents inform long‑term service improvement.
Microsoft Security Operations Centre (SOC) Analyst – T2 & T3 in Manchester
Employer: Avanade UK Limited Company
As a Microsoft Security Operations Centre (SOC) Analyst in Newcastle, you will join a dynamic team dedicated to delivering top-tier security monitoring and response in a collaborative and innovative environment. The company fosters a culture of continuous improvement, offering ample opportunities for professional growth and development, while also providing competitive benefits and a supportive work-life balance through its 24×7 shift model. With a focus on employee well-being and career advancement, this role is perfect for those seeking meaningful and rewarding employment in the cybersecurity field.
Contact Details:
Avanade UK Limited Company Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land Microsoft Security Operations Centre (SOC) Analyst – T2 & T3 in Manchester
✨Tip Number 1
Network like a pro! Reach out to current SOC analysts on LinkedIn or at industry events. Ask them about their experiences and any tips they might have for landing a role like this. Personal connections can really give you an edge!
✨Tip Number 2
Prepare for the interview by brushing up on your technical skills. Make sure you can talk confidently about Microsoft Sentinel, incident response procedures, and threat analysis. We want to see that you know your stuff and can handle real-world scenarios.
✨Tip Number 3
Showcase your problem-solving skills during interviews. Be ready to discuss how you've tackled complex incidents in the past or how you'd approach hypothetical situations. We love candidates who can think on their feet and adapt to challenges!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at StudySmarter!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the SOC Analyst role. Highlight your experience with Microsoft Sentinel, incident response, and any relevant security certifications. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cybersecurity and how you can contribute to our team. Be sure to mention your understanding of the 24×7 shift model and your commitment to high-quality investigations.
Showcase Your Analytical Skills: In your application, give examples of how you've tackled complex security incidents in the past. We love seeing candidates who can demonstrate their analytical depth and contextual understanding, so don’t hold back!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing applications come directly from our site!
How to prepare for a job interview at Avanade UK Limited Company
✨Know Your Tools Inside Out
Make sure you’re familiar with Microsoft Sentinel and ServiceNow, as these are key technologies for the role. Brush up on how they work, their features, and any recent updates or changes. Being able to discuss your experience with these tools will show that you're ready to hit the ground running.
✨Understand Incident Response Procedures
Get a solid grasp of incident response protocols and playbooks. Be prepared to discuss how you would handle specific scenarios, including threat validation and escalation processes. This will demonstrate your analytical depth and contextual understanding, which are crucial for a SOC Analyst.
✨Showcase Your Investigation Skills
Prepare examples of past investigations you've conducted, focusing on how you validated threats and scoped impacts. Highlight your ability to analyse data from multiple sources, as this is a big part of the job. Real-life examples will make your answers more compelling.
✨Emphasise Continuous Improvement Mindset
Talk about how you’ve contributed to process improvements in previous roles. Whether it’s through detection tuning or feedback on automation opportunities, showing that you have a proactive approach to enhancing security operations will set you apart from other candidates.