ICOE Cyber Defence SME

Avanade’s Integrated Center of Excellence Security team is looking to hire an experienced Cyber Defense SME for our Global Cybersecurity Center of Excellence. This role is predominantly a deal‑shaping and delivery focused role with the unique opportunity to help our clients solve complex and cutting‑edge Cyber Defense business challenges across their Cloud Providers, Microsoft 365 platform, end‑user devices and identity infrastructures. You will have the opportunity to help shape their future Cyber Defense and Security Operations strategy, as well as help to solution and deliver their future capabilities so they can detect, protect, and respond to security incidents. What You’ll Do As a member of the Integrated Center of Excellence Security team, you will be working on some of the most exciting, complex and leading‑edge projects. In this client‑facing role you will play an active role in transforming our client’s Cyber Defense and Security Operations strategy, capabilities and operations through the design and implementation of predominantly Microsoft Security Copilot, Defender and Sentinel based Extended Endpoint Detection and Response (XDR) capabilities. As ICOE Security member you will be in a unique position within the business, allowing you to manage your time across pre‑sales and client delivery while contributing to Avanade’s offering development and thought leadership. We actively encourage innovation, training, and development to keep you at the cutting edge of Cyber Defense and Security Operations. This role is measured on your utilisation of up to 70 % of your time, rather than being a traditional “chargeable” or “billable” resource. The remaining 30 % of your time will be devoted to asset and offering development and training, making this role truly flexible and attractive to those seeking a cutting‑edge Cyber Security role with a global impact, while working flexibly and remotely. This is a fantastic opportunity to develop yourself into a leader in the Cyber Defense space. You will learn how to deliver large, global Cyber Defense solutions and gain knowledge and experience of Microsoft’s broader Security, Compliance, and Identity ecosystem, which is already recognized as a world‑leading integrated security platform. Qualifications About You: Proven experience of Microsoft Sentinel as the integrated security, incident and event management solution and its integration into Security Operations, including security orchestration automation and response (SOAR) capabilities via Sentinel Playbooks. Proven experience in the design and implementation of Microsoft Defender for Endpoint solutions to protect, detect and respond to cyber incidents on endpoints across all major operating systems. Proven experience designing and implementing Microsoft 365 Defender to protect email, instant messaging and collaboration platforms from malicious attacks such as phishing, spear phishing, Business Email Compromise and identity theft. Proven experience designing and implementing Microsoft Defender for Identity for user and entity behavioural analytics and how these services can identify and defend against identity compromise. Proven experience performing use case development and rules that consolidate events across disparate systems to identify an attack chain. Proven experience performing threat hunting across endpoints, identities, networking, cloud and collaboration platforms. A good understanding of threat modelling, risk, and how to mitigate the risks concerning applications from internal and external threat actors. A good understanding of incident‑response processes and techniques for cyber recovery. A good understanding of security operations centres, their functions and roles. A good understanding of the Microsoft platforms across Windows, Microsoft 365 and Azure. Experienced in managed security services, incident response and security advisory. A good understanding of techniques and approaches used by threat actors to compromise companies. A good understanding of the MITRE ATT&CK framework and how it can be applied to help customers improve their cyber defence. With an eye to the future, you are aware of emerging technologies in the Cyber Defense space. Core knowledge around Security Copilot and how AI can help Security Operations with their day‑to‑day activities. Compensation and Benefits Compensation at Avanade varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Avanade provides a reasonable range of compensation for roles that may be hired as set forth below. Location ranges: California: $136,000-161,000 Cleveland: $117,000-139,000 Colorado: $117,000-139,000 District of Columbia: $136,000-161,000 Illinois: $131,000-155,000 Maryland: $136,000-161,000 Massachusetts: $136,000-161,000 Minnesota: $131,000-155,000 New York: $144,000-171,000 New Jersey: $117,000-139,000 Washington: $136,000-161,000 Avanade offers a market‑competitive suite of benefits including medical, dental, vision, life, and long‑term disability coverage, a 401(k) plan, bonus opportunities, paid holidays, and paid time off. #J-18808-Ljbffr Avanade