Cloud Application Security (AWS and Azure)

About the role

The Security Architect is responsible for leading the development of information security architecture and ensuring technology initiatives are implemented within the framework to make our client's cloud environments more secure. The Security Architect is accountable for securing enterprise information by identifying network and application security requirements, planning, implementing and testing security controls and procedures. The role of the Security Architect is to be customer facing and to play an active role in transforming our client's Security through designing and implementing Security technologies on-premise and in the cloud.

Day-to-day, you will:

  • Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud based security offerings.
  • Propose, design, plan and execute strategic and tactical operational security objectives.
  • Perform deep analysis and develop metrics that measure current risk
  • Develop metrics that effectively evaluate and manage threats
  • Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats.
  • Communicate threat intelligence and vulnerability management options
  • Analyzing threats and current security controls to identify gaps in current defensive posture
  • Meet with clients and leading workshops

The ideal candidate must have strong foundation across Microsoft technology stack and Azure security offerings and the ability to communicate security and risk-related concepts to key stakeholders along with experience with the following:


Skill Required:
  • Azure Active Directory including Synchronization and Active Directory Federation Services (ADFS)
  • Azure Tennant and Subscription Management
  • Microsoft Azure and Office 365
  • PKI Design and Implementation
  • Cloud Application Security (CAS)
    • Implementation (install) and configuration, validation testing,
    • Policy compliance based on pre-defined Microsoft Templates, configuration, and reporting Splunk Integration
    • Event hub for Splunk Integration (SIEM)_
    • Azure Application Alerts
    • Azure permissions (including out of box roles (e.g. contributor) and RBAC permissions
    • Application integration with CAS
    • Troubleshooting and support
    • Data security and privacy
  • Identity Access and Management
  • Technical documentation (i.e. design, operational runbook)
  • Windows Server Operating Systems Administration (2012 R2 and higher)

Non-Technical Skills:
  • Requirement gathering and assessment
  • Exception verbal and written communications to key stakeholders, technical and non-technical.
  • Familiar with Microsoft Project

  • Advanced Threat Analytics (ATA)

Recommended Certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Cloud Security Professional (CCSP)

Requisition ID - 55215

Avanade is the leading provider of innovative digital and cloud-enabling services, business solutions and design-led experiences, delivered through the power of people and the Microsoft ecosystem. Majority owned by Accenture, Avanade was founded in 2000 by Accenture LLP and Microsoft Corporation and has 30,000 professionals in 24 countries. Visit us at

Back to top