Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Cloud Security Architecture
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: The Virtual Desktops & Bastion Host Specialist is responsible for deploying, managing, securing, and optimizing enterprise Virtual Desktop Infrastructure (VDI) and Bastion Host/Jump Server environments. This role ensures secure remote access, privileged access workflows, and high availability of mission-critical virtual desktop and access gateway platforms. Roles & Responsibilities: - Deploy and manage Bastion Hosts (CyberArk PSM, Teleport, Delinea, PBPS, custom secure jump servers). - Manage privileged session access and enforcement policies. - Configure MFA, role-based access control (RBAC), and least-privilege workflows. - Monitor, record, and audit privileged sessions for compliance and threat detection. - Troubleshoot connectivity issues between Bastion Hosts and backend servers. - Maintain high availability and failover strategies for Bastion infrastructure. - Deploy, configure, and manage VDI environments (Citrix / VMware Horizon / Microsoft AVD). - Maintain and optimize master images, golden images, and application layering. - Manage virtual desktop pools, session hosts, and user assignment policies. - Monitor system performance (CPU, RAM, storage, IOPS) and conduct capacity planning. - Troubleshoot user sessions, profile loading issues, application performance, and connectivity failures. - Implement profile management solutions (FSLogix, Citrix UPM, VMware DEM). - Ensure OS patching, AV updates, and compliance across all VDI instances. - Implement hardening standards for VDI and Bastion systems (CIS Benchmarks, STIGs). - Integrate VDI and Bastion hosts with SIEM, PAM, MFA, and identity platforms (AD, AAD, IDPs). - Conduct access reviews, audit facilitation, and compliance reporting. - Ensure logging, session recording, and secure credential workflows are active and functioning. - Maintain configuration baselines and follow Change Management processes (ITIL). - Automate provisioning, session lifecycle management, and monitoring tasks using scripts (PowerShell, Python). - Manage backup, recovery, and disaster recovery for VDI and Bastion platforms. - Conduct root cause analysis (RCA) for recurring issues. - Provide L3 support for VDI, remote access, Bastion Host issues. - Work closely with Infra, AD, Security, and Application teams to support business operations. - Document system designs, procedures, knowledge base articles, and SOPs. Professional & Technical Skills: - Must To Have Skills: Proficiency in Cloud Security Architecture. - Strong understanding of virtualization (VMware ESXi, Hyper-V), storage, and networking. - Experience with Provide L3 support for VDI, remote access, Bastion Host issues, CyberArk PSM, Teleport, Delinea, or other Bastion/Jump Server solutions - Knowledge of identity and access management in cloud environments. - Familiarity with compliance requirements related to cloud security. - Expertise with AD, Group Policy, MFA integrations, and SSO. Proficiency in PowerShell scripting. - Experience with monitoring tools (ControlUp, Director, Horizon Console, Azure Monitor, etc.). - Good understanding of security fundamentals, RBAC, privileged access workflows. - Strong troubleshooting and problem-solving abilities. - Ability to work in fast-paced environments and manage multiple priorities. - Good communication and stakeholder engagement skills. Additional Information: - The candidate should have minimum 6+ years of experience in VDI and/or Bastion Host administration. - This position is based at our Gurugram office. - A 15 years full time education is required. Certifications preferred: Citrix (CCA-V/CCP-V), VMware VCP-DTM, Microsoft AZ-140 (AVD), PAM/Bastion certifications where applicable. - Experience supporting large-scale enterprise environments (5K 20K+ VDI users).
Gurugram
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.
We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.