Project Role : Security Transformation Practitioner
Project Role Description : Design, develop, and implement security solutions to safeguard digital assets and business operations. Integrate security controls into enterprise systems, applications, and processes to protect against cyber threats, unauthorized access, and data breaches.
Must have skills : Cisco Identity Services Engine (ISE)
Good to have skills : NA
Minimum 2 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary:
As a Security Transformation Practitioner, you will engage in the design, development, and implementation of security solutions aimed at safeguarding digital assets and business operations. Your typical day will involve collaborating with various teams to integrate security controls into enterprise systems, applications, and processes, ensuring robust protection against cyber threats, unauthorized access, and data breaches. You will also analyze existing security measures and recommend enhancements to fortify the organization's security posture, while staying updated on the latest security trends and technologies to effectively address emerging threats.

Roles & Responsibilities:
- Implement & Manage Cisco ISE for NAC: Lead the deployment and configuration of Cisco Identity Services Engine (ISE) to provide robust network access control for client environments.
- Ensure that only authorized and compliant devices connect to client networks by leveraging ISE features like device profiling, posture assessment, and guest/BYOD access management. Integrate ISE with directory services (e.g., Active Directory) and certificate authorities for seamless user authentication and certificate-based network access. Regularly update and tune ISE policies to align with evolving security requirements and to maintain a zero-trust approach to network access.
- Design & Operate Palo Alto Next-Gen Firewalls: Design, deploy, and maintain Palo Alto Networks firewalls as part of a multi-layered defense strategy protecting client applications and data. Configure security policies, NAT rules, and App-ID based controls on Palo Alto Next-Generation Firewalls to enable fine-grained traffic filtering and threat prevention. Utilize advanced Palo Alto features such as IPS/IDS, content filtering, WildFire for zero-day malware detection, and User-ID integration to enforce security based on user identity and behavior. Set up and manage VPN connectivity (GlobalProtect) for secure remote access and site-to-site VPNs, ensuring encryption and protection of data in transit. Leverage Panorama (Palo Alto s centralized management) to manage firewall deployments at scale, maintaining consistent security policies and performing efficient rule updates across multiple client firewalls. Conduct regular firewall rule base reviews and optimizations to eliminate unnecessary access and ensure alignment with best practices.
- Documentation & Training: Develop and maintain thorough documentation for all security solutions and changes. This includes creating network security architecture diagrams, ISE policy configuration documents, firewall rule change logs, standard operating procedures (SOPs), and client-specific security policy guides. Ensure that all design and configuration changes are clearly recorded and accessible to both the internal team and the client s IT stakeholders. In addition, lead knowledge transfer and training sessions for clients internal teams to ensure they understand the deployed security controls. Provide user-friendly guides or runbooks for day-to-day management of ISE (e.g., onboarding new devices, managing network access for users) and Palo Alto firewalls (e.g., updating security policies, responding to alerts).

Professional & Technical Skills:
- Cisco ISE Expertise: In-depth knowledge of Cisco Identity Services Engine (ISE) and Network Access Control concepts. Ability to configure Cisco ISE for 802.1X authentication, device profiling, posture assessment, guest access, and Bring Your Own Device (BYOD) scenarios. Familiarity with ISE integration into heterogeneous networks. Strong troubleshooting skills with ISE components (e.g., debugging authentication issues, analyzing ISE live logs, monitoring RADIUS Live Sessions) to quickly resolve access problems.
- Palo Alto Networks Firewall Mastery: Hands-on experience with Palo Alto Networks Next-Generation Firewalls, including designing and implementing firewall architectures for medium to large enterprises. Proficient in creating and optimizing firewall policies, NAT rules, and VPN configurations. Expertise in Palo Alto s advanced features – such as content security subscriptions (Threat Prevention, URL Filtering, WildFire sandboxing), GlobalProtect VPN for remote users, SSL decryption, and user identification services. Experience managing multi-site or multi-device firewall deployments using Panorama for centralized management and log analysis. Ability to perform firmware upgrades, backups, and high-availability (HA) configurations on Palo Alto appliances. Industry knowledge of comparable next-gen firewall platforms (Cisco Firepower, Fortinet, etc.) is a plus, but deep familiarity with Palo Alto s platform is required.
- Network Security Fundamentals: Strong foundation in general networking and security principles. Thorough understanding of networking protocols and concepts (TCP/IP, VLANs, subnetting, routing protocols like OSPF/BGP, VPN technologies, etc.) and how to apply security controls to them. Proficiency in configuring and securing network devices such as routers, switches, and wireless LAN controllers, including implementing Access Control Lists (ACLs), Quality of Service (QoS), NAT, and segmentation rules across various platforms. Familiarity with intrusion detection/prevention systems, web proxies, DDoS protection, and other network security tools is expected. Comfortable using network analysis and diagnostic tools (e.g., Wireshark, tcpdump) to troubleshoot complex connectivity or security issues.
- Certification: Information Security, or related field (or equivalent professional experience).
- Professional certifications are highly valued – in particular, Cisco Security certifications (CCNP Security, CCIE Security) and/or Palo Alto Networks Certified Network Security Engineer (PCNSE) are strongly preferred. These demonstrate validated expertise with Cisco s and Palo Alto s platforms, respectively. Additional relevant certs such as Cisco Certified Specialist
– Security Identity Management (SISE) (300-715) or Palo Alto PCNSA, and broader security certifications like CISSP or CCSP are a plus and indicate a commitment to ongoing professional development.
- Multi-Vendor & Cloud Security Experience: While Cisco ISE and Palo Alto are the primary focus, experience with additional network security technologies is beneficial. Familiarity with other firewall and VPN platforms (e.g., Cisco ASA/Firepower, Check Point, Fortinet) or load balancers like F5 can be useful in heterogeneous client environments. Experience with cloud security controls (AWS and Azure network security groups, cloud-native firewalls, or SASE solutions like Zscaler) is a strong plus, as many clients operate hybrid cloud environments. Understanding how to integrate on-premises security (like ISE NAC and hardware firewalls) with cloud-based security services will set you apart.
- Advanced Security Certifications: In addition to the required certifications, any further industry certifications that demonstrate broad security expertise or specialized skills will be advantageous. Relevant examples include Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or vendor-specific expert-level certs such as Cisco CCIE Security or Palo Alto Networks PCNSE (if not already obtained).

Additional Information:
- The candidate should have Minimum 3 years of experience in IT security with a focus on network security and infrastructure security.
- Proven track record in roles such as Network Security Engineer or Security Consultant, with hands-on work in deploying and managing network access control systems and firewall technologies in enterprise environments.
- Experience in client-facing or consulting roles is highly desirable, as this position requires direct engagement with customers to design and implement security solutions.
- A 15 years full time education is required.

15 years full time education

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us at www.accenture.com 

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.