Consultant, Information Security
Area of expertise:
- Advise clients on the security implications of compliance and regulations such as OSFI, ISO, NIST, PCI, PIPEDA, GDPR etc.
- Carry out threat and risk assessments (TRAs) and develop security architecture to mitigate threats
- Lead and conduct threat modeling activities during Secure Development Lifecycle (SDL)
- Be the “Trusted Advisor” on best practices to protect information
- Actively lead multiple engagements simultaneously and seamlessly
- Mentor junior consultants
- Actively seek and nurture opportunities for business development.
- Lead response to RFPs, scope security programs and assist in closing sales opportunities.
- Actively participate in development of cyber security offerings.
- Methods and identification tools for risks and security threats
- Knowledge of information security standards (OSFI, ISO, NIST, PCI, PIPEDA, GDPR etc.)
- Proficiency in operating systems, database platforms, web technologies, firewalls and programming languages
- Excellent communication skills in written and oral English
- Giving effective advice in large-scale technology projects while working at all levels - with clients and your team.
- Strong technical skills to design and implement O365 Security services with hands on experience on several of the items outlined below:
- Managing identity and access in the Microsoft Cloud:
- Secure Hybrid environments (AD Connect and authentication)
- Azure AD Self-service password reset, Azure AD access reviews)
- Azure AD App Registration
- Azure AD Directory roles
- Authentication Methods (sign-on security, multi-factor authentication (MFA), device sign-on methods, Azure Seamless SSO, ADFS, ADFS Proxy, PHS and PTA)
- Azure AD Conditional Access (Compliance and conditional access policies, device compliance policy, conditional access policy)
- Role-based access control (RBAC)
- Azure AD Privileged Identity Management (PIM)
- Azure AD Identity Protection (User risk policy and sign-in risk policy)
- Azure ATP (Plan and implementation threat protection)
- Advanced knowledge designing, supporting, and upgrading Active Directory environments (Authentication, Authorization, Group Policy Objects, LDAP, PKI, DNS, ADFS, MIM/PAM, LAPS, etc.)
- Experience with domain migrations and consolidations: Merger and Acquisition projects (M&A)
- An understanding of the interdependencies in migration projects (user, workstation, application, network, directory, cloud).
- Knowledge of Red Forest (Enhanced Security Administrative Environment)
- Identity Lifecycle Management
- Knowledge of SAML, OpenID Connect, OAuth, JSON, SPML, SCIM, XACML integration standards.
- Understanding of REST and SOA fundamentals and design.
- Good to have experience with the following Identity and Access Management products: Sailpoint IdentityIQ, CyberArk, ForgeRock, Ping, Okta and Saviynt
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
- GIAC Certified
- MCSE Core Infrastructure
Share this job:
Avanade leads in providing innovative digital services, business solutions and design-led experiences for its clients, delivered through the power of people and the Microsoft ecosystem. Our professionals combine technology, business and industry expertise to build and deploy solutions to realize results for clients and their customers. Avanade has 29,000 digitally connected people across 23 countries, bringing clients the best thinking through a collaborative culture that honors diversity and reflects the communities in which we operate. We welcome all, and seek talented individuals who can bring their whole self to work, build inclusive teams and encourage diversity inside and outside the organization. Majority owned by Accenture, Avanade was founded in 2000 by Accenture LLP and Microsoft Corporation. Learn more at www.avanade.com.
Avanade® Is An Equal Opportunity Employer. Avanade prohibits discrimination and harassment against any employee or applicant for employment because of race, color, age, religion, sex, national origin, gender identity or expression, sexual orientation, disability, veteran, military or marital status, genetic information or any other protected status.
The EEO is the Law poster is available here
and poster supplement is available here
The Pay Transparency Policy is available here
Avanade is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation due to a disability for any part of the employment process, please send an e-mail to Avanade at email@example.com or call (206) 239-5610 and let us know the nature of your request and your contact information.
By using this site, you agree that we can place Cookies on your device. See our Job Applicant Data Privacy Statement and Cookies statement.