Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : CyberArk Privileged Access Management
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: Hands-on with PAM (HashiCorp Vault / Thycotic) The PAM Consultant will be responsible for designing, implementing, administering, and optimizing Privileged Access Management solutions using HashiCorp Vault and Delinea (Thycotic) Secret Server. The role ensures secure credential management, privileged session governance, policy enforcement, and compliance across hybrid and multi-cloud environments. Roles & Responsibilities: -Deploy, configure, and maintain HashiCorp Vault Enterprise (Secrets Engine, PKI, KV, Transit, Identity, Workflow Automation). -Administer Thycotic Secret Server / Delinea Privilege Manager including safe creation, secret rotation, workflows & access policies. -Build and maintain credential rotation policies for servers, databases, applications, and cloud workloads. -Troubleshoot Vault and Thycotic infrastructure issues, integrations, and performance bottlenecks. -Implement PAM controls across AD, cloud (Azure/AWS/GCP), Linux/Unix, Network devices, and DevOps pipelines. -Manage onboarding of privileged accounts, application accounts, and service accounts. -Enforce least-privilege access, just-in-time access, and session monitoring policies. -Conduct periodic privileged access reviews and compliance reporting. Integrate Vault/Thycotic with identity platforms (Azure AD, Okta, Ping, AD). Automate secret retrieval and rotation using APIs, REST, CLI, Terraform, Python, or Ansible. Enable Vault integrations with CI/CD tools (GitHub, GitLab, Jenkins, Argo, Kubernetes). Implement Vault Agent / sidecar patterns in containerized environments. Monitor PAM system health, performance, logging, and event anomalies. Support incident investigations involving privileged misuse or credential exposure. Implement robust backup, disaster recovery, and high-availability configurations. Conduct vulnerability remediation related to privileged account exposures. Maintain architecture diagrams, SOPs, and operational runbooks. Provide PAM guidance to application teams, cloud teams, and security stakeholders. Conduct training sessions for privileged users and operational teams. Professional & Technical Skills: -Hands-on experience with HashiCorp Vault (Enterprise preferred): -Secrets Engines (KV v2, DB, SSH, Transit, PKI, AWS, Azure) -Vault clusters, namespaces, HSM integration, replication -Vault authentication methods (OIDC, LDAP, Kubernetes) -Strong expertise in Delinea/Thycotic Secret Server: -Secret lifecycle management -PAM workflows, password rotation -Privileged Session Management -Good understanding of IAM, RBAC, MFA, SSO and Zero Trust. -Windows & Linux administration -Active Directory privileged account management -Cloud IAM (Azure AD, AWS IAM, GCP IAM) -Scripting: PowerShell, Bash, Python -Infrastructure-as-Code: Terraform, Ansible -REST APIs and automation frameworks. -HashiCorp Vault Associate / Vault Expert Certification. -Delinea / Thycotic Secret Server Professional Certification. -Experience with PAM in regulated industries (BFSI, Healthcare, Energy). -Exposure to DevSecOps, Kubernetes security, and cloud security architecture. Additional Information: - The candidate should have minimum 3 years of experience in CyberArk Privileged Access Management. - This position is based at our Bengaluru office. - A 15 years full time education is required.
Bengaluru
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.
We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.