@Roger Roger
Thank you for your post!
Assigning the Security Reader role in AzureAD to your user will work. However, keep in mind that you can assign this at the Azure AD or resource level with Azure RBAC (IAM). Depending on your requirements, the Azure AD Security Reader role and the Azure RBAC Security Reader role will give you a different set of permissions. For example, the AzureAD role will give a user global read-only access for security-related features, while the RBAC role will give the user view permissions (recommendations, alerts, a security policy, and security states) for Security Center.
For more info:
Azure AD Security Reader
Azure RBAC Security Reader
Permissions in Azure Security Center
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.