Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Ping Identity
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

Summary: Experience in IAM/SI architecture and engineering.The SI Engineer/Architect will be responsible for end-to-end design, development, and delivery of Identity & Access Management (IAM), Directory Services, Privileged Access Management (PAM), Public Key Infrastructure (PKI), and Cloud integration projects. The role involves solution architecture, hands-on engineering, enhancement of existing platforms, and ensuring alignment with enterprise security standards. Roles & Responsibilities: Lead and execute SI initiatives across IAM, IGA, PAM, AD, PKI, and cloud platforms. -Translate business requirements into scalable, secure technical designs. -Develop integration workflows, custom connectors, APIs, and automation scripts. -Coordinate with cross-functional teams for seamless deployment and project success. -Provide LLD/HLD documents, integration diagrams, and architectural artefacts. Design, configure, and implement SailPoint IdentityIQ modules (LCM, Compliance Manager, Certifications). Develop custom rules, workflows, connectors, aggregation tasks, and provisioning logic. Identity lifecycle automation (joiner/mover/leaver), RBAC, role modelling, SoD policies. Upgrade, optimize, and troubleshoot large-scale SailPoint environments. -Ping Federate, PingOne, PingID MFA, Ping Directory, PingOne Cloud Platform -Architect, deploy, and manage SSO, MFA, and federation solutions. -Configure OAuth, OIDC, SAML integrations across enterprise applications. -Implement adaptive authentication, MFA policies and conditional access. -Manage Ping Directory objects, synchronization, schema updates, and data modelling. -Develop custom authentication flows using PingFlows, APIs, hooks, and automation toolkits. -Semperis, AD, Azure AD / Entra ID -Strengthen AD and AAD security posture using Semperis Directory Services Protector (DSP) and DRA. -Monitor and respond to AD anomalies, replication issues, and identity threats. -AD/AAD architecture, GPO design, OU modelling, DNS/DHCP dependencies. -Implement conditional access, identity protection, SSO integrations and secure hybrid identity. -PKI – EBCA, Venafi, Microsoft CA -Architect and maintain enterprise PKI solutions for certificates, keys, signing, TLS/SSH. -Integrate Venafi Trust Protection Platform (TPP) for certificate automation. -Manage EBCA-based CA/RA operations, policy enforcement and lifecycle governance. -Create certificate issuance workflows and automate renewal processes using APIs. -Privileged Access Management (PAM) -HashiCorp Vault, Thycotic Secret Server)- Architect and manage PAM platforms for secrets, credentials, and privileged session governance. -Implement automated secret rotation, vaulting, token-based access, and workflow policies. -Integrate PAM systems with servers, databases, DevOps pipelines, and cloud services. -Develop automation using Vault API, Secret Server API, CLI, or Terraform. -Implement IAM, security, and identity federation in cloud environments. -Manage cloud directory services, access policies, and role-based permissions. -Integration of cloud services with Ping, SailPoint, PAM, PKI, and AD. -Support cloud-native security tools (Azure Identity Protection, AWS IAM, Oracle IAM). -Enterprise Architecture & Governance -Define architecture patterns, guardrails, and integration standards. -Conduct security assessments, gap analysis, and technical risk reviews. -Ensure solutions comply with enterprise security controls and regulatory standards. -Create roadmaps for identity modernization and architecture transformation. Professional & Technical Skills: -Strong hands-on expertise in SailPoint IIQ, Ping Identity suite, and AD/AAD. -Experience with Semperis, PAM systems (HashiCorp, Thycotic), Venafi/EBCA/MS PKI. -Solid understanding of cloud IAM (Azure, AWS, Oracle). -Proficiency in scripting (PowerShell, Python, Bash) and REST/SOAP APIs. -Excellent documentation and stakeholder communication skills. -SailPoint Certified Engineer -Ping Identity Professional/Architect -Microsoft Identity & Access Administrator (SC-300) -AWS / Azure Security Certifications -HashiCorp Vault Associate -Venafi or PKI-specific certifications Additional Information: - The candidate should have minimum 7.5 years of experience in Identity and Access Management (IAM) Operations. - This position is based at our Bengaluru office. - A 15 years full time education is required.

15 years full time education

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us at www.accenture.com 

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.