Senior Enterprise Architect – Infrastructure, Identity & IT/OT Networking (Cloud)

Join Accenture and help transform leading organizations and communities around the world. The scale of our client engagements and the way we collaborate, operate, and deliver value provides an unparalleled opportunity to grow and advance. Choose Accenture and make delivering innovative work part of your extraordinary career.

Who We Are:

Accenture Cloud First – Infrastructure Engineering. Accenture is a global professional services company with leading capabilities in digital, cloud and security across Strategy & Consulting, Technology, Operations and Industry X—powered by a global network of Advanced Technology and Intelligent Operations centers.

The Work:

Scope spans identity (Active Directory / Entra ID), core infrastructure, and IT/OT networking, with a strong focus on security, resiliency and operability.

Key Responsibilities:

• Hybrid Cloud & Network Advisory: Lead assessments and target‑state blueprints for WAN/LAN/Wi‑Fi/DDI, cloud interconnect and network security; quantify the modernization business case (SD‑WAN/SASE, observability/tooling) and include IaC readiness (repo standards, branching/approvals, policy baselines).
• Infrastructure Assessments — Data Center Modernization & Public Cloud Migration: Execute structured infrastructure assessments of DC estates (compute, storage, network, security, DR), app/data dependencies and TCO/FinOps impacts; produce target‑state options (private/hybrid/public), migration approaches (rehost/re‑platform/refactor), wave plans, cutover runbooks and risk/controls—aligned to landing‑zone patterns and IaC operating practices.
• Hybrid Cloud Landing Zones: Design multi‑cloud landing zones—policy/guardrails, identity integration, ExpressRoute/Direct Connect/VPN, hub‑and‑spoke and firewalling—delivered with IaC/GitOps and compliance‑as‑code; ensure operations, DR and cost controls are built‑in.
• IT/OT Segmentation & Assurance: Govern Purdue L0–L5 zoning and the PCN DMZ (L3.5); enforce firewall rule hygiene and periodic policy audits across plants/sites; maintain communications matrices and remediation backlogs (with IaC‑driven ruleset baselines where feasible).
• Identity & Directory (Active Directory / Entra ID): Architect and harden AD DS (forests/domains, trusts, Sites & Services, replication, DNS integration), GPO baselines and tiered admin (Tier‑0/Tier‑1); integrate Entra ID with landing zones (hybrid identity, Conditional Access, Privileged Access Mgmt); define backup/restore/DR patterns and health monitoring.
• Directory & DDI Health Assessments: Plan and execute periodic health baselines for AD DS and DNS/DHCP/IPAM—DCDiag/RepAdmin replication health, SYSVOL state, FSMO roles, time sync, GPO hygiene, tier‑0 control checks; authoritative DNS/forwarders, secure dynamic updates, aging/scavenging and stale‑record clean‑up. Produce executive & technical reports, prioritized remediation and retest evidence; create runbooks/SOPs and monitoring dashboards.
• Domain Name & Addressing Services (DNS/DHCP/IPAM): Own authoritative DNS and split‑horizon patterns, DHCP design/relay and IPAM governance across DCs, cloud and OT segments; implement change control, policy hygiene and telemetry for DDI; align naming/forwarders with landing‑zone connectivity and security policies.

#LI-EU