We are seeking a SAP S/4 Security & Compliance Technical Resource to architect and govern SAP security design, access controls, and compliance frameworks across a highly regulated, multi-entity environment. This role will ensure secure, scalable, and audit-compliant access management aligned with enterprise cybersecurity and regulatory standards.

This is a senior technical governance role combining SAP security architecture expertise with regulatory compliance leadership

Key Responsibilities

Security Architecture & Best Practices

• Design and govern SAP S/4 security architecture aligned to clean-core and least-privilege principles.
• Establish global security standards, naming conventions, and role design methodologies.
• Drive standardization of role templates across global deployments.
• Participate in design authority reviews to ensure security-by-design principles.

User Profiles & Role Design

• Design and maintain SAP S/4:
  • Role-based access controls (RBAC)
  • Composite and single roles
  • Derived roles
  • Organizational-level restrictions
• Align roles to enterprise structure (company codes, plants, sales orgs).
• Ensure segregation of duties (SoD) compliance.
• Support mass user provisioning and lifecycle management.

Single Sign-On (SSO) & Identity Integration

• Design and support SSO integration using:
  • SAML
  • Azure AD / enterprise IAM platforms
  • SAP Identity Authentication Service (IAS)
• Integrate SAP S/4 with enterprise identity and access management (IAM) tools.
• Enable secure authentication across hybrid and cloud landscapes.
• Support multi-factor authentication (MFA) strategies where applicable.

Access Controls & Compliance

• Implement and govern:
  • Segregation of Duties (SoD) frameworks
  • GRC Access Control integration
  • Firefighter / emergency access procedures
  • User access reviews and certification processes
• Ensure compliance with:
  • SOX
  • ITGC controls
  • NIST / CMMC (where applicable)
  • Internal cybersecurity standards
• Support audit preparation and remediation activities.

Regulated Industry Alignment

• Ensure SAP S/4 security design supports:
  • ITAR / export control considerations (if applicable)
  • Data segmentation requirements
  • Controlled access to sensitive financial and operational data
• Maintain audit traceability and documentation standards.
• Collaborate with Cybersecurity, Compliance, and Internal Audit teams.

Transport & Governance Oversight

• Ensure secure transport of roles and authorization objects across environments.
• Validate access controls during system refreshes and client copies.
• Participate in release governance and cutover readiness.
• Maintain detailed documentation for audit and compliance traceability.

Basic Qualifications

• Bachelor’s Degree in Information Systems, Cybersecurity, Computer Science, or related field.
• 8–12&43; years SAP Security experience.
• 2&43; full lifecycle SAP implementations (minimum 1 S/4HANA).
• Experience operating in a regulated or SOX-controlled environment.

Required Expertise

• Deep SAP S/4 security configuration experience.
• Strong expertise in:
  • Role design & authorization objects
  • User profile administration
  • Segregation of Duties analysis
  • SAP GRC Access Control
• Hands-on SSO configuration and IAM integration experience.
• Strong understanding of access control governance frameworks.
• Experience in audit remediation and compliance reporting.

Preferred Qualifications

• Aerospace & Defense or highly regulated industry experience.
• Experience in global template harmonization or carve-out programs.
• Familiarity with SAP BTP security models.
• Exposure to cloud identity integration strategies.

Leadership Competencies

• Governance-oriented and detail-driven.
• Strong collaboration across Cybersecurity, Compliance, and IT teams.
• Executive-level communication and stakeholder engagement capability.
• Ability to balance security rigor with operational enablement.

AERO26