Azure SIEM Architect

About the Role Avanade security managers collaborate on the development of information security architecture and ensure technology initiatives are implemented to make our client’s cloud environments more secure.

Members in this role are accountable for securing enterprise information by identifying network and application security transgressions, then planning and continuous improvement of security controls and procedures.

You will leverage your background in security incident and event management (SIEM) to create secure processes and remediation mechanisms for cloud native and private cloud environments.

Day to day, you will:
· Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design premier security practices, and deliver strategic, innovative cloud-based security offerings
· Analyze user, machine, software and IoT behaviors gathered by platform logging to determine threats and service stability
· Design and scope efforts to ‘secure as necessary’ given the depth and breadth of your clients’ monitoring tools
· Develop metrics that will measure current risk
· Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats
· Prioritize threats and risks against agreed-upon model and actively communicate to stakeholders
· Leverage industry leading tools and Avanade partners to consult on and perform Security Incident and Event Management (SIEM) The ideal team member will have a solid foundation across Microsoft technology stack and Azure security offerings.

You will articulate security and risk-related concepts to key stakeholders using your experience and willingness to learn the following:
· Design and manage deployments of Threat Detection and Response (TDR) tools from partners such as Microsoft, Splunk, Exabeam, LogPoint
· Integrate the multiple sources of vulnerability data with the help of Vulnerability Prioritization Technology (VPT) and Integrated Risk Management (IRM) tools
· Assess the needs for Digital Risk Protection Services (DRPS), security rating services (SRS) and Cloud Security Posture Management (CSPM)
· Jupyter Notebooks, machine learning and Kusto Query Language (KQL) to expedite log analysis and threat hunting
· Data & analytics tools
– Log Analytics, Azure Sentinel, AI/ML, Microsoft Defender
· Security architecture and design
· Solid grasp of security standard methodologies
· Proven implementation of cloud security models, particularly identity, network, and encryption
· Business case development skills for justifying, prioritizing & forecasting the funding requirements for security programs and initiatives Your certifications may include: CISSP, CCSP, CGEIT, Azure Security, Azure Data Engineer/ Scientist, Azure DevOps To supplement the technical knowledge and project delivery experience, successful candidates will come from a consulting background with good customer facing skills, the ability to capture customer requirements and produce high quality written work.

You likely have a bachelor’s degree in computer science, computer engineering, management information systems, information technology, or a similar field.

An equivalent combination of education and experience may substitute for a degree.