Job Description

Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : SAP Identity and Access Management, SAP Cloud Identity Services
Good to have skills : NA
Minimum 7.5 year(s) of experience is required
Educational Qualification : 15 years full time education

As a SAP ILM / IRM Security Architect, your typical day involves in Managing and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security. Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls). This role requires careful planning and documentation of security controls to ensure a smooth transition to cloud security-managed operations. The position demands continuous evaluation and refinement of security architectures to support evolving business needs and technological advancements, fostering a secure and resilient cloud environment.

Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Responsible for team decisions.
- Manage and coordinate day-to-day security operations across IAM (CIS/IAG), SAP security, Entra ID, and infrastructure security
- Ensure compliant execution of access management processes (user provisioning, role assignment, SoD controls)
- Oversee SAP roles and authorization management, including Fiori activation and transport-related security aspects
- Coordinate firewall and WAF rule management in alignment with security policies and change processes
- Ensure proper security monitoring and incident handling, including SIEM integration and escalation management
- Act as the offshore lead for security delivery, ensuring SLA adherence and operational quality
- Support audit activities, evidence collection, and compliance reporting (e.g. EnWG, ISO 27001, KRITIS)
- Enforce segregation of duties and environment separation (PROD vs NON-PROD, Lot 1 vs Lot 2)
- Drive continuous improvement and automation of security processes

Professional & Technical Skills:
- Must To Have Skills: Proficiency in SAP Identity and Access Management.
- Strong knowledge of cloud security principles and best practices related to identity and access management.
- IAM & Identity Federation
- Strong understanding of identity architectures with Microsoft Entra ID, SAP Cloud Identity Services (CIS)
- Experience with SAP Identity Access Governance (IAG)
- Experience with federation protocols (SAML 2.0, OpenID Connect, OAuth2)
- Knowledge of user lifecycle management and provisioning (IPS/SCIM)
- Understanding of SoD (Segregation of Duties) concepts and governance processes
- SAP Security & Authorization Deep knowledge of SAP authorization concepts (PFCG)
- Experience with S/4HANA (ideally IS-U) security and role design Understanding of Fiori authorization model (catalogs, groups, roles)
- Familiarity with SAP BTP security concepts (Role Collections, XSUAA)
- Security Operations & Monitoring
- Experience with SIEM tools and security monitoring processes
- Understanding of log analysis across SAP, BTP, and identity systems
- Ability to manage security incidents and escalations
- Knowledge of audit logging and compliance requirements
- Network & Infrastructure Security
- Basic to advanced understanding of:
- Firewall (FW) management
- Web Application Firewall (WAF)
- Understanding of secure connectivity concepts (e.g. Cloud Connector, reverse proxy, API protection)
- Cloud & Platform Security Experience with SAP BTP security architecture
- Understanding of cloud-native security principles (Zero Trust, least privilege)
- Knowledge of multi-tenant architectures and isolation mechanisms
- Regulatory & Compliance Knowledge
- Familiarity with German EnWG and unbundling requirements (highly desirable)
ISO 27001 / ISMS processes
- Audit and compliance frameworks (KRITIS, SOC, etc.)
- Ability to translate regulatory requirements into operational controls
- Delivery & Coordination Skills
- Strong experience in service delivery management (ITIL-based)
- Ability to manage offshore teams and coordinate across time zones
- Experience in stakeholder management (onshore/offshore model)
- Strong incident, change, and problem management skills
- Strong communication skills (English mandatory, German a plus)
- High level of ownership and accountability,
- Ability to work in complex, regulated environments
- Structured and audit-oriented mindset
- Experience with SAP IAG Access Risk Analysis (ARA)
- Knowledge of automation tools / job schedulers in SAP environments
- Exposure to DevSecOps practices
- Experience in energy/utilities sector

Additional Information:
- The candidate should have minimum 9 years of experience in SAP Identity and Access Management.
- This position is based at our Mumbai office.
- A 15 years full time education is required.15 years full time education

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.

Visit us atwww.accenture.com

Equal Employment Opportunity Statement

We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, militaryveteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicablelaw. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.