Security Architect
Security Managed Services Team Lead/Consultant
|
Full time
|
Experience: 5-10 years
Job No. ATCI-5538731-S2021714
|
Mumbai
|
Required Skill: SAP Identity and Access Management,SAP Cloud Identity Services
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : SAP Identity and Access Management, SAP Cloud Identity Services
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As a SAP ILM / IRM Security Architect, your typical day involves in Managing and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security. Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls). This role requires careful planning and documentation of security controls to ensure a smooth transition to cloud security-managed operations. The position demands continuous evaluation and refinement of security architectures to support evolving business needs and technological advancements, fostering a secure and resilient cloud environment.
Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Responsible for team decisions.
- Manage and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security
- Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls)
- Oversee SAP roles and authorization management, including Fiori activation and transport-related security aspects
- Coordinate firewall and WAF rule management in alignment with security policies and change processes
- Ensure proper security monitoring and incident handling, including SIEM integration and escalation management
- Act as the offshore lead for security delivery, ensuring SLA adherence and operational quality
- Support audit activities, evidence collection, and compliance reporting (e.g. EnWG, ISO 27001, KRITIS)
- Enforce segregation of duties and environment separation (PROD vs NON-PROD, Lot 1 vs Lot 2)
- Drive continuous improvement and automation of security processes
Professional & Technical Skills:
- Must To Have Skills: Proficiency in SAP Identity and Access Management.
- Strong knowledge of cloud security principles and best practices related to identity and access management.
- IAM & Identity Federation
- Strong understanding of identity architectures with Microsoft Entra ID, SAP Cloud Identity Services (CIS)
- Experience with SAP Identity Access Governance (IAG)
- Experience with federation protocols (SAML 2.0, OpenID Connect, OAuth2)
- Knowledge of user lifecycle management and provisioning (IPS/SCIM)
- Understanding of SoD (Segregation of Duties) concepts and governance processes
- SAP Security & Authorization Deep knowledge of SAP authorization concepts (PFCG)
- Experience with S/4HANA (ideally IS-U) security and role design Understanding of Fiori authorization model (catalogs, groups, roles)
- Familiarity with SAP BTP security concepts (Role Collections, XSUAA)
- Security Operations & Monitoring
- Experience with SIEM tools and security monitoring processes
- Understanding of log analysis across SAP, BTP, and identity systems
- Ability to manage security incidents and escalations
- Knowledge of audit logging and compliance requirements
- Network & Infrastructure Security
- Basic to advanced understanding of:
- Firewall (FW) management
- Web Application Firewall (WAF)
- Understanding of secure connectivity concepts (e.g. Cloud Connector, reverse proxy, API protection)
- Cloud & Platform Security Experience with SAP BTP security architecture
- Understanding of cloud-native security principles (Zero Trust, least privilege)
- Knowledge of multi-tenant architectures and isolation mechanisms
- Regulatory & Compliance Knowledge
- Familiarity with German EnWG and unbundling requirements (highly desirable)
ISO 27001 / ISMS processes
- Audit and compliance frameworks (KRITIS, SOC, etc.)
- Ability to translate regulatory requirements into operational controls
- Delivery & Coordination Skills
- Strong experience in service delivery management (ITIL-based)
- Ability to manage offshore teams and coordinate across time zones
- Experience in stakeholder management (onshore/offshore model)
- Strong incident, change, and problem management skills
- Strong communication skills (English mandatory, German a plus)
- High level of ownership and accountability,
- Ability to work in complex, regulated environments
- Structured and audit-oriented mindset
- Experience with SAP IAG Access Risk Analysis (ARA)
- Knowledge of automation tools / job schedulers in SAP environments
- Exposure to DevSecOps practices
- Experience in energy/utilities sector
Additional Information:
- The candidate should have minimum 8 years of experience in SAP Identity and Access Management.
- This position is based at our Mumbai office.
- A 15 years full time education is required.
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : SAP Identity and Access Management, SAP Cloud Identity Services
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As a SAP ILM / IRM Security Architect, your typical day involves in Managing and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security. Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls). This role requires careful planning and documentation of security controls to ensure a smooth transition to cloud security-managed operations. The position demands continuous evaluation and refinement of security architectures to support evolving business needs and technological advancements, fostering a secure and resilient cloud environment.
Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Responsible for team decisions.
- Manage and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security
- Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls)
- Oversee SAP roles and authorization management, including Fiori activation and transport-related security aspects
- Coordinate firewall and WAF rule management in alignment with security policies and change processes
- Ensure proper security monitoring and incident handling, including SIEM integration and escalation management
- Act as the offshore lead for security delivery, ensuring SLA adherence and operational quality
- Support audit activities, evidence collection, and compliance reporting (e.g. EnWG, ISO 27001, KRITIS)
- Enforce segregation of duties and environment separation (PROD vs NON-PROD, Lot 1 vs Lot 2)
- Drive continuous improvement and automation of security processes
Professional & Technical Skills:
- Must To Have Skills: Proficiency in SAP Identity and Access Management.
- Strong knowledge of cloud security principles and best practices related to identity and access management.
- IAM & Identity Federation
- Strong understanding of identity architectures with Microsoft Entra ID, SAP Cloud Identity Services (CIS)
- Experience with SAP Identity Access Governance (IAG)
- Experience with federation protocols (SAML 2.0, OpenID Connect, OAuth2)
- Knowledge of user lifecycle management and provisioning (IPS/SCIM)
- Understanding of SoD (Segregation of Duties) concepts and governance processes
- SAP Security & Authorization Deep knowledge of SAP authorization concepts (PFCG)
- Experience with S/4HANA (ideally IS-U) security and role design Understanding of Fiori authorization model (catalogs, groups, roles)
- Familiarity with SAP BTP security concepts (Role Collections, XSUAA)
- Security Operations & Monitoring
- Experience with SIEM tools and security monitoring processes
- Understanding of log analysis across SAP, BTP, and identity systems
- Ability to manage security incidents and escalations
- Knowledge of audit logging and compliance requirements
- Network & Infrastructure Security
- Basic to advanced understanding of:
- Firewall (FW) management
- Web Application Firewall (WAF)
- Understanding of secure connectivity concepts (e.g. Cloud Connector, reverse proxy, API protection)
- Cloud & Platform Security Experience with SAP BTP security architecture
- Understanding of cloud-native security principles (Zero Trust, least privilege)
- Knowledge of multi-tenant architectures and isolation mechanisms
- Regulatory & Compliance Knowledge
- Familiarity with German EnWG and unbundling requirements (highly desirable)
ISO 27001 / ISMS processes
- Audit and compliance frameworks (KRITIS, SOC, etc.)
- Ability to translate regulatory requirements into operational controls
- Delivery & Coordination Skills
- Strong experience in service delivery management (ITIL-based)
- Ability to manage offshore teams and coordinate across time zones
- Experience in stakeholder management (onshore/offshore model)
- Strong incident, change, and problem management skills
- Strong communication skills (English mandatory, German a plus)
- High level of ownership and accountability,
- Ability to work in complex, regulated environments
- Structured and audit-oriented mindset
- Experience with SAP IAG Access Risk Analysis (ARA)
- Knowledge of automation tools / job schedulers in SAP environments
- Exposure to DevSecOps practices
- Experience in energy/utilities sector
Additional Information:
- The candidate should have minimum 8 years of experience in SAP Identity and Access Management.
- This position is based at our Mumbai office.
- A 15 years full time education is required.
15 years full time education
Mumbai
平等就业机会声明
所有聘用决定均不考虑年龄、种族、信仰、肤色、宗教、性别、国籍、血统、残疾状况、退伍军人身份、性取向、性别认同或表达、基因信息、婚姻状况、公民身份或任何其他受联邦、州或地方法律保护的因素。
求职者在招聘过程中没有义务披露已封存或已删除的定罪或逮捕记录。
埃森哲致力于为我们的男女军人提供退伍军人就业机会。
请阅读埃森哲的招聘和聘用声明,了解更多关于我们在招聘和聘用过程中如何处理您的数据的信息。
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.