ICOE Cyber Defence SME in London

Avanade’s Integrated Center of Excellence Security team is looking to hire an experienced Cyber Defense SME for our Global Cybersecurity Center of Excellence. This role is predominantly a deal-shaping and delivery focused role with the unique opportunity to help our clients solve complex and cutting-edge Cyber Defense business challenges across their Cloud Providers, Microsoft 365 platform, end user devices and identity infrastructures. You will have the opportunity to help shape their future Cyber Defense and Security Operations strategy, as well as helping to solution and deliver their future capabilities helping them detect, protect and respond to security incidents.

As a member of Integrated Center of Excellence Security team, you will be working on some of the most exciting, complex and leading-edge projects. In this client-facing role you will play an active role in transforming our client’s Cyber Defense and Security Operations strategy, capabilities and operations through the design and implementation of predominantly Microsoft Security Copilot, Defender and Sentinel based Extended Endpoint Detection and Response (XDR) capabilities.

As ICOE Security member you will be in a unique position within the business, where you are able to manage your time across both pre-sales, client delivery and able to make a change to the entire Avanade organisation through your offering development and thought leadership. We actively encourage innovation, training and development to ensure you are always at the cutting edge of Cyber Defense and Security Operations.

What makes this role so unique is that you are measured on your utilization of up to 70% of your time, as opposed to being a traditional “chargeable” or “billable” resource. Instead, you need only to support exciting client opportunities to achieve the goals of the role. The remaining 30% of your time is spent on asset and offering development and training, making this role truly flexible and attractive to those wanting a cutting-edge Cyber Security role, which has a global impact on Avanade and its clients, whilst working flexibly and remotely.

This is a fantastic opportunity to develop yourself into a leader in the Cyber Defense space. You will learn how to deliver large and global Cyber Defense solutions, as well as gain the knowledge and experience of Microsoft’s broader Security, Compliance, and Identity ecosystem, which is already recognized as a world-leading integrated security platform.

About You:

You are a Cyber Defense SME interested in joining our rapidly growing security practice. To hit the ground running, your skills include:

• Proven experience of Microsoft Sentinel as the integrated security, incident and event management solution and its integration into Security Operations, including security orchestration automation and response (SOAR) capabilities via Sentinel Playbooks.
• Proven experience in the design and implementation of Microsoft Defender for Endpoint solutions to protect, detect and respond to cyber incidents on endpoints across all major operating systems.
• Proven experience protecting in the design and implementation of Microsoft 365 Defender, to protect email, instant messaging and collaboration platforms from malicious attacks, such as Phishing as well as from more sophisticated attacks such as Spear Phishing, Business Email Compromise and identity theft.
• Proven experience with design and implementation of Microsoft Defender for Identity for user and entity behavioral analytics and how these services can be used to identify and defend against identity compromise.
• Proven experience performing use case development and rules that can be applied to consolidate events across disparate systems and used to identify an attack chain across systems.
• Proven experience performing threat hunting across endpoints, identities, networking, cloud and collaboration platforms.
• A good understanding of threat modelling, risk and how to mitigate the risks concerning applications, both from internal and external threat actors.
• A good understanding of incident response processes and techniques for cyber recovery.
• A good understanding of security operations centers, their functions and roles.
• A good understanding of the Microsoft platforms across Windows, Microsoft 365 and Azure.
• Experienced in managed security services, incident response and security advisory.
• A good understanding of techniques and approaches used by threat actors to compromise companies.
• A good understanding of the MITRE ATT&CK framework and how it can be applied to help customers improve their cyber defense.
• With an eye to the future, you are aware of emerging technologies in the Cyber Defense space.
• Core knowledge around Security Copilot and how AI can help Security Operations with their day-to-day activities.

This is an exciting opportunity to join a rapidly expanding and exciting security practice, with the opportunity to expand your proven delivery experience into the area of pre-sales and solutioning and you will be exposed to large, global enterprise clients, with some of the most complex and enticing security problems to solve.

Compensation at Avanade varies depending on a wide array of factors, which may include but are not limited to the specific office location, role, skill set, and level of experience. As required by local law, Avanade provides a reasonable range of compensation for roles that may be hired as set forth below.

We anticipate this job posting will be posted on 3/13/2026 and open for at least 30 days. Avanade offers a market competitive suite of benefits including medical, dental, vision, life, and long-term disability coverage, a 401(k) plan, bonus opportunities, paid holidays, and paid time off.