114 272
18 394
SAP Security Lead Miejsce pracy: Kraków Recruitment for We are seeking an experienced SAP Identity Lead to manage and implement comprehensive Identity and Access Management frameworks across our SAP Applications landscape consistently and efficiently. This role leads identity security initiatives, ensuring compliance and integrating identity governance (IGA) across all SAP business applications. It is crucial for protecting SAP system integrity and confidentiality, aligning with both internal policies and external regulations, and integrating Identity and Access Management processes and teams. Your responsibilities Manage SAP GRC Access Control configurations to enforce Segregation of Duties policies, perform risk assessments, and orchestrate multi-level role approval workflows. Design and maintain SAP role hierarchies and organisational structures with accurate job code mappings to support scalable access governance and compliance requirements. Design and implement robust role-based access controls for various user groups, tailored to their job functions and responsibilities. Manage user provisioning, de-provisioning, and access lifecycle across all SAP systems. Configure, execute and drive custom build UAR workflow and document compliance findings. Monitor and audit all emergency/firefighter access to verify business justification, enforce automatic expiration, and prevent unauthorised privilege escalation. Conduct regular security audits, risk assessments, and SoD analysis to identify vulnerabilities and proactively mitigate risks within SAP environments. Define and Manage authorisation concepts and roles for SAP S/4HANA (Fiori), S/4 HANA Public cloud, SAP Concur, SAP SuccessFactors, SAP DRC, SAP EWM, IAS User groups, SAP BTP, SAP CXs, ensuring alignment with business requirements and best practices. Configure identity connectors for SAP systems (GRC, ECC, S/4HANA, CRM, BPC, BW). Design provisioning workflows and approval matrices in IGA platforms. Establish synchronisation between on-premises AD/Entra ID and SAP user repositories. Collaborate closely with Local IT and business teams to develop and execute security strategies that support the organisation’s objectives and digital transformation initiatives. Provide technical support and troubleshooting for users encountering authorisation and access issues, ensuring timely resolution and minimal disruption to business operations. Document security processes, procedures, and changes in line with audit and regulatory requirements. Employer requirements 5–10 years of SAP Security experience across ECC, S/4HANA, GRC, CRM, BPC, and BW, including authorisations, role design, SoD, and firefighter access. Expert in SAP RBAC, role design, and role maintenance. Strong knowledge of SoD analysis, configuration, and remediation. Hands-on experience with SAP GRC Access Control, EAM, and risk analysis tools. Working knowledge of SailPoint or comparable IGA platforms (Saviynt, Okta, etc.). Experience integrating SAP with identity systems (connectors, data sync, APIs). Familiarity with IT security frameworks (ISO 27001, NIST). Strong analytical, problem-solving, and cross‑functional communication skills. Experience with audits, compliance activities, and reporting. Ability to stay current with SAP security notes, patches, and regulatory changes. Bachelor’s degree in computer science, Information Technology, or a related field. SAP Product Expertise: Demonstrable hands-on experience with SAP GRC, ECC, SAP S/4HANA and Fiori systems, including their security and authorisation concepts. Exposure to IGA platforms. Knowledge of API-based integrations and modern IAM architectures Optional SAP Certified Associate: Authorisations and Compliance (CSAC2102 or equivalent) SAP Certified Specialist: SAP GRC Authorisations and Compliance