Avanade is the leading provider of innovative digital, cloud and advisory services, industry solutions and design-led experiences across the Microsoft ecosystem. Every day, our 59,000 professionals in 26 countries do what matters to make a genuine human impact for our clients, their employees and their customers.​

With the most Microsoft certifications (60,000+) and 18 (out of 18) Gold-level Microsoft competencies, we are uniquely positioned to help businesses grow and solve their toughest challenges.​

As a responsible business, we are building a sustainable world and helping young people from underrepresented communities fulfill their potential.​

Avanade was founded in 2000 by Accenture LLP and Microsoft Corporation.

As an Avanade Cybersecurity Data Analyst, you will work with a diverse team of security-minded technologists . You enjoy working on innovative technologies to help improve and assist in creating new security tools, incident response procedures, reporting, and KPI metrics to help strengthen the security and risk landscape . You maintain proficiency in coding and querying languages (Python, SQL, KQL), attack techniques, procedures, data mining, and big data analytics trends.You will use your strong problem-solving skills, excellent communication skills, and deep technical understanding of modern cybersecurity threats and data science/data analytics knowledge to protect and maintain the overall security of Avanade and improve cybersecurity operations processes and procedures.

Responsibilities:

• Gather, integrate, clean, transform, create data models, visualize data, and extrapolate key measures from the fragmented, voluminous, and fast-streaming sources that underlie modern cyberinfrastructure (system logs, security events and incidents, ticket management platform).
• Work closely with business stakeholders to identify business requirements. Develop and maintain key performance indicators (KPIs) and metrics to measure the organization's security program's effectiveness and identify improvement areas.
• Develop, maintain, and present cybersecurity operations metrics dashboards and reports highlighting trends, incidents, actionable insights, and recommendations to stakeholders, including senior management and other security teams.
• Evaluate the effectiveness of existing data collection practices and recommend improvements to foster accuracy in reporting and KPI metrics.
• Participate in incident response efforts, taking appropriate actions to identify, contain, and remediate cybersecurity incidents and threats.
• Collaborate with cybersecurity analysts and engineers to develop effective security solutions and strategies to optimize cybersecurity operations.
• Share, mentor, and help grow the cybersecurity data analytics mindset to new and existing team members.
• Develop and build innovative, more efficient, and automated triage and investigation guides and processes with Python using Sentinel Jupyter Notebooks and Logic Apps.
• Evaluate the effectiveness of existing security measures and incident response procedures and recommend improvements based on data-driven insights. Enhancing security capabilities by evaluating new technologies and processes.
• Leverage Machine Learning algorithms and statistical analysis for alert tunning, reducing alert fatigue and incident response times.
• Leverage Power Platform tools and solutions (Power Automate, Canvas Apps, etc.) to optimize cybersecurity operations processes and incident response efficiency.
• Participate in Insider Risk Management and Data Loss Prevention case investigations, assisting in alert and policy tunning and identifying new and emerging risk areas.
• Ensure data privacy and compliance with relevant regulations and industry standards.
• Stay current with the latest developments in cybersecurity, data science, and related fields to ensure the organization's security measures remain effective and relevant.

Your qualifications and skills likely include:

• Experience with data query languages like KQL, SQL, and SPL.
• Experience building PowerBI reports and dashboards (Advanced Excel, ETL, data modeling, data cleaning, EDA, DAX, M Query, R).
• Experience with Python for Data Science and ML using Jupyter Notebooks (in Azure ML workspace).
• Knowledge of different data types and formats i.e., JSON, YAML.
• Basic cloud knowledge of Azure, AWS, or GCP.
• Basic knowledge and understanding of Power Platform solutions (Power Automate, Canvas Apps, Power Pages, Power Virtual Agents, AI Builder).
• Understanding and knowledge of security tools such as Microsoft Sentinel, Microsoft Defender for Endpoint, Microsoft Defender for Identity, and Microsoft Defender for Cloud.
• Knowledge of commonly accepted information security principles, practices, and techniques attackers would use to identify vulnerabilities, gain unauthorized access, escalate privileges, and access restricted information.
• Experience performing technical analysis involving threat event data and evaluating malicious activity.
• Understanding of incident response phases.
• Capability to quickly script, query, and parse data.
• Collecting, preserving, and analyzing data and digital evidence.
• Knowledge of operating systems, network/system architecture, protocols, enterprise services, and enterprise architecture design.
• Exceptional analytical and critical thinking, willingness to challenge the status quo and innovate. Excellent interpersonal skills.
• Creating thorough reports and documentation of all incidents, investigations, and procedures; presenting findings to team and leadership.
• Exhibit detail-oriented, strong problem-solving, analytical mindset, and troubleshooting skills.
• Advanced written and oral communication, self-motivator. Team player and independent worker, highly adaptive.
• Ability to work across geographically separated and cross-functional teams.
• Ability to be flexible and work quickly and efficiently.
• Ability to react with appropriate urgency to situations and requests while exercising sound judgment, tact, diplomacy, integrity, and professionalism in all written and oral communications.
• One or more security and data science/analytics certifications preferred such as MS Power Platform Fundamentals, MS Power BI Data Analyst, MS Azure Fundamentals, , MS Security, Compliance and Fundamentals, ISC2 Certified in Cybersecurity (CC), or other industry-relevant certifications (SANS GSEC/GCIH, EC-Council CEH, ISC2-CISSP)