SAP Security Architect

Security Architect - Roles and Authorizations Specialist

• Location: London - Hybrid

We are seeking a highly skilled Security Architect with specialised expertise in roles and authorisations across both SAP and Non-SAP systems, focusing on the SAP S/4HANA Public Cloud Professional Services Edition. This role is critical for designing, building, and implementing roles, Privileged Access Management (PAM) solutions, and Identity and Access Management (IAM) strategies within a complex cross-platform ecosystem.

Required Skills & Qualifications:

Relevant security certifications (eg, CISM, CISSP, SAP Security Certification) preferred.

• Experience:
  • 5+ years of experience in SAP security architecture with a focus on roles and authorisations, including S/4HANA Public Cloud.
  • Proven experience in designing and implementing IAM and PAM solutions for SAP and integrated Non-SAP systems.
  • In-depth understanding of SAP GRC and its transformation to SAP IAG in S/4HANA Public Cloud.
• Skills:
  • Strong knowledge of SAP security architecture, including S/4HANA, Fiori, and SAP BTP.
  • Expertise in RBAC, SoD, and GRC tools.
  • Proficiency with SAP IAG and security controls in cloud environments.

• Hands-on experience with SAP Fiori security and authorisations.
• Specific hands-on experience with IAG module in Public Cloud.
• Knowledge of Zero Trust security models and their application in cloud environments.

1. Security Design and Architecture:
   • Update and implement a comprehensive roles and authorisation framework for SAP S/4HANA Public Cloud and integrated Non-SAP systems.
   • Lead the migration of Legacy ECC GRC security configurations to the new SAP IAG platform, ensuring modern security standards alignment.
   • Establish secure integration between SAP S/4HANA Public Cloud and SAP BTP, considering best practices for identity and authorisation management.
2. Governance, Risk, and Compliance (GRC):
   • Oversee the transformation from ECC-based GRC to IAG for the Professional Services Public Cloud, developing new authorisation concepts and SoD controls.
   • Ensure that security solutions meet audit, regulatory, and compliance requirements for SAP and Non-SAP environments.
3. Roles & Authorisations Management:
   • Develop, implement, and manage RBAC models for SAP S/4HANA and integrated systems.
   • Perform role and user access reviews and ensure proper management of privileged accounts across all platforms.
4. Privileged Access Management (PAM):
   • Implement and manage PAM solutions, ensuring secure management of privileged accounts.
5. SAP Business Technology Platform (BTP) Integration:
   • Design secure access management strategies for applications and services on the SAP BTP.
6. Security Operations and Continuous Improvement:
   • Perform regular security audits and risk assessments to identify vulnerabilities or gaps in role and authorisation management.
   • Act as a subject matter expert in security and authorisation concepts, providing training and guidance on best practices

This role is pivotal to the organisation's security posture as it transitions to the SAP S/4HANA Public Cloud. The Security Architect will ensure that roles, authorisations, and access management systems are built to support both current and future business needs while maintaining the highest security standards.