Job Description

Join Accenture and help transform leading organizations and communities around the world. The scale of our client engagements and the way we collaborate, operate, and deliver value provides an unparalleled opportunity to grow and advance. Choose Accenture and make delivering innovative work part of your extraordinary career.
Who We Are:
Accenture Cloud First - Infrastructure Engineering. Accenture is a global professional services company with leading capabilities in digital, cloud and security across Strategy & Consulting, Technology, Operations and Industry X--powered by a global network of Advanced Technology and Intelligent Operations centers.
The Work:
Blend consulting, advisory and engineering to shape, assure and land architectures across private data centers, hybrid landing zones and public cloud (Azure/AWS/GCP). Review and advise on architectures, implementations and documentation from project inception through post?deployment closure, ensuring designs meet standards and contracted outcomes. Scope spans identity (Active Directory / Entra ID), core infrastructure, and IT/OT networking, with a strong focus on security, resiliency and operability.
Key Responsibilities:

• Hybrid Cloud & Network Advisory: Lead assessments and target?state blueprints for WAN/LAN/Wi?Fi/DDI, cloud interconnect and network security; quantify the modernization business case (SD?WAN/SASE, observability/tooling) and include IaC readiness (repo standards, branching/approvals, policy baselines).
• Infrastructure Assessments -- Data Center Modernization & Public Cloud Migration: Execute structured infrastructure assessments of DC estates (compute, storage, network, security, DR), app/data dependencies and TCO/FinOps impacts; produce target?state options (private/hybrid/public), migration approaches (rehost/re?platform/refactor), wave plans, cutover runbooks and risk/controls--aligned to landing?zone patterns and IaC operating practices.
• Hybrid Cloud Landing Zones: Design multi?cloud landing zones--policy/guardrails, identity integration, ExpressRoute/Direct Connect/VPN, hub?and?spoke and firewalling--delivered with IaC/GitOps and compliance?as?code; ensure operations, DR and cost controls are built?in.
• IT/OT Segmentation & Assurance: Govern Purdue L0-L5 zoning and the PCN DMZ (L3.5); enforce firewall rule hygiene and periodic policy audits across plants/sites; maintain communications matrices and remediation backlogs (with IaC?driven ruleset baselines where feasible).
• Identity & Directory (Active Directory / Entra ID): Architect and harden AD DS (forests/domains, trusts, Sites & Services, replication, DNS integration), GPO baselines and tiered admin (Tier?0/Tier?1); integrate Entra ID with landing zones (hybrid identity, Conditional Access, Privileged Access Mgmt); define backup/restore/DR patterns and health monitoring.
• Directory & DDI Health Assessments: Plan and execute periodic health baselines for AD DS and DNS/DHCP/IPAM--DCDiag/RepAdmin replication health, SYSVOL state, FSMO roles, time sync, GPO hygiene, tier?0 control checks; authoritative DNS/forwarders, secure dynamic updates, aging/scavenging and stale?record clean?up. Produce executive & technical reports, prioritized remediation and retest evidence; create runbooks/SOPs and monitoring dashboards.
• Domain Name & Addressing Services (DNS/DHCP/IPAM): Own authoritative DNS and split?horizon patterns, DHCP design/relay and IPAM governance across DCs, cloud and OT segments; implement change control, policy hygiene and telemetry for DDI; align naming/forwarders with landing?zone connectivity and security policies.

#LI-EU
Qualifications:

• Bachelor's degree in Computer Science, Information Technology or related field.
• 12+ years' experience across infrastructure and cloud architecture; 7+ years leading enterprise?scale designs and reviews across private data centers and Azure/AWS/GCP.
• Minimum 10 years' experience in infrastructure architecture and security with IT and OT focus, including Purdue segmentation and L3.5 DMZ.
• Deep hands?on expertise in Active Directory / Entra ID (forests/domains, trusts, OU/GPO, DNS/DHCP, tiered admin) and identity integrations with cloud landing zones.
• Proven delivery of secure cloud landing zones (policy/guardrails, logging/monitoring), IaC (Terraform/Bicep/ARM) and automation using PowerShell.
• Experience implementing PAM (e.g., CyberArk) and zero?trust patterns for Tier?0/Tier?1 assets.
• Relevant certifications: CISSP, CCNP (or equivalent), TOGAF 9/10, Azure Network Engineer Associate, Azure Solutions Architect Expert; other major cloud architect certifications (Microsoft/AWS/GCP).

Technical Competencies:

• Hybrid Cloud architecture & landing zones -- Governance and policy/guardrails, identity integration (Entra ID/AD), hub?and?spoke and mesh topologies, ExpressRoute/Direct Connect/VPN interconnect, cloud firewalling, routing, and compliance?as?code patterns across Azure/AWS/GCP.
• Active Directory Domain Services (AD DS) & Entra ID -- Forest/domain and trust design; Sites & Services, replication topology, SYSVOL health; GPO baselines and privileged access tiering (Tier?0/Tier?1); hybrid identity patterns (sync/federation, Conditional Access); backup/restore/DR and operational monitoring.
• Domain Name & Addressing (DDI: DNS/DHCP/IPAM) -- Authoritative and split?horizon DNS, secure dynamic updates, DNSSEC where applicable; DHCP design/relay and high?availability; IPAM governance, subnet lifecycle and address hygiene; aging & scavenging, stale?record cleanup and DDI telemetry.
• Infrastructure?as?Code (IaC) & GitOps -- Terraform/Bicep/ARM (and CloudFormation where relevant); modular registries, versioning, policy?as?code gates, CI/CD promotion (dev ? test ? prod), automated validation, drift detection, secrets management, and change approval integration.
• Network protocols & security controls -- Routing, switching, BGP/EVPN, TLS/IPsec; firewalls, IDS/IPS, WAF; policy hygiene and change governance with repeatable, auditable ruleset baselines.
• Resilient/scalable network designs -- HA/FT designs across DC/edge/cloud; redundancy, fast failover, diverse paths; disaster recovery runbooks and tested RTO/RPO for critical paths (including identity and DDI services).
• Industrial/OT networking & IT/OT integration -- Purdue L0-L5 zoning, PCN DMZ (L3.5), mission?critical plant connectivity; SCADA/ICS protocol awareness and secure inter?zone communications.
• Segmentation & zero?trust patterns -- Macro/micro?segmentation in DC and cloud (NSG/NVA policies, SASE/ZTNA), identity?aware access, and least?privilege enforcement across users, services and workloads.
• Challenging environments & connectivity -- Remote/harsh sites, wireless/satellite links, ruggedized equipment; offline?first considerations and resilient backhaul, with monitored SLAs.
• SD?WAN, virtualization & access control -- SD?WAN (application?aware steering, path conditioning), network virtualization/overlay fabrics, NAC/802.1X; traffic engineering (QoS, shaping, prioritization) across hybrid paths.
• Observability & performance engineering -- Streaming telemetry/flow/synthetic tests; SLO design and error budgets; correlated dashboards for network, identity and DDI; proactive anomaly detection (AIOps) and RCA playbooks.
• Automation & orchestration -- Ansible/Python for config and day?2 ops; Netmiko/ncclient and NAPALM/pyATS (or equivalents) for validation; gen?AI?assisted multi?vendor config translation and pre?deployment checks.
• Security & compliance by design -- Alignment to CIS/NIST/ISO/ISA?62443; privileged access management, key/cert lifecycle; immutable logs and evidence packs baked into pipelines for audit?ready changes.

Professional Skills:

• Excellent written and oral communication for executive and engineering audiences.
• Strong stakeholder management and consulting presence; ability to influence and lead across functions.
• Analytical, structured problem solving with attention to detail and measurable outcomes.
• Strong organization and multi?tasking; comfortable with rapid context switching across engagements.

Workstyle & Travel:
Hybrid role. On?site assessments at plants and data centers as required (typically 25-40%); occasional after?hours cutovers for critical changes.
About Accenture We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.At Accenture, we see well-being holistically, supporting our people's physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We're proud to be consistently recognized as one of the World's Best Workplaces(TM).Join Accenture to work at the heart of change.
Visit us at
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.

Skills Required