Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Identity Access Management (IAM), Microsoft Active Directory
Good to have skills : NA
Minimum
7.5 year(s) of experience is required
Educational Qualification : Bachelor or college degree in related field or equivalent work experience
Summary:
As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve working with Identity Access Management (IAM) and Microsoft Active Directory (AD) to implement and manage cloud security controls.
Roles & Responsibilities:
- Design and implement cloud security architecture, including IAM and AD, to meet business requirements and performance goals.
- Document the implementation of cloud security controls and transition to cloud security-managed operations.
- Collaborate with cross-functional teams to ensure security controls are integrated into the cloud environment.
- Provide technical guidance and support to project teams on cloud security best practices and standards.
Professional & Technical Skills:
Architecture Design and Planning: Lead the design, planning, and architecture of Active Directory domains, forests, and LDAP directories to meet the organization's requirements for scalability, performance, and interoperability. Define directory schema, object classes, attributes, and access controls to support identity and access management needs, ensuring seamless integration between AD and LDAP environments.
Integration Strategy: Develop and implement integration strategies between Active Directory and LDAP directories to enable centralized identity management and authentication across heterogeneous IT environments. Design and implement directory synchronization, federation, and authentication mechanisms to facilitate seamless user access and authentication for internal and external applications.
Domain and Forest Configuration: Architect and configure Active Directory domain controllers and LDAP servers to provide directory services and authentication mechanisms for users and applications. Implement replication topologies, site configurations, and trust relationships to ensure high availability, fault tolerance, and data consistency across AD and LDAP environments.
User and Group Management: Define and enforce user provisioning, de-provisioning, and group membership processes within Active Directory and LDAP directories. Implement access controls, group policies, and role-based access control (RBAC) policies to enforce least privilege principles and ensure data security and compliance with regulatory requirements.
Security and Compliance: Develop and implement security best practices, controls, and auditing mechanisms to protect Active Directory and LDAP environments from unauthorized access, data breaches, and insider threats. Monitor directory logs, events, and access attempts to detect and respond to security incidents promptly. Ensure compliance with regulatory requirements related to identity and access management.
Group Policy Management: Architect and manage Group Policy Objects (GPOs) within Active Directory to enforce security settings, desktop configurations, and application restrictions across organizational units (OUs) and group memberships. Configure security templates, administrative templates, and other policy settings to standardize system configurations and enforce compliance with security policies.
Backup and Recovery: Develop and implement backup and recovery strategies for Active Directory databases, LDAP directories, and system state data. Perform regular backups, test restoration procedures, and maintain backup copies off-site to ensure data integrity and availability in the event of system failures or disasters.
Performance Optimization: Architect and optimize Active Directory and LDAP environments to improve performance, scalability, and reliability. Monitor performance metrics, identify bottlenecks, and implement optimization strategies such as index tuning, query optimization, and infrastructure scaling to ensure optimal directory service performance.
Documentation and Training: Maintain accurate documentation of Active Directory and LDAP configurations, policies, procedures, and architectural guidelines. Provide training, guidance, and support to IT teams, system administrators, and helpdesk staff on Active Directory and LDAP best practices, troubleshooting techniques, and security protocols.
Continuous Improvement: Continuously assess and improve the effectiveness and efficiency of Active Directory and LDAP management processes, tools, and workflows. Implement process improvements, technology enhancements, and best practices to streamline directory management activities and enhance the organization's security posture.
Good to know Azure AD and Azure SSO
Additional Information:
- The candidate should have a minimum of 7.5 years of experience in Identity Access Management (IAM) and Microsoft Active Directory (AD).
- The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful cloud security solutions.
- This position is based at our Gurugram office.
Bachelor or college degree in related field or equivalent work experience
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with 742,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. We are uniquely able to deliver tangible outcomes because of our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song. These capabilities, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us at www.accenture.com.
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.
Accenture is committed to providing veteran employment opportunities to our service men and women.