Job Description

Implements strategic cybersecurity initiatives, driving the development and enforcement of security policies, risk management processes, and incident response protocols. Leads security projects and operational processes that enhance organizational resilience against cyber threats. Directs security activities within projects, overseeing teams responsible for risk assessments, threat mitigation, compliance, and infrastructure protection. Works on complex security challenges, requiring an in-depth evaluation of emerging threats, regulatory requirements, and business impact, often adapting traditional security models to develop innovative defensive strategies. Communicates with and influences management, offering insightful cybersecurity recommendations, strategic guidance, and risk mitigation plans. Strengthens relationships with internal and external stakeholders.

THE OPPORTUNITY:

Join our forward-thinking team as a SAVIYNT Architect responsible for designing, implementing, and optimizing Identity Governance and Administration (IGA) solutions using the Saviynt Security Manager (SSM) platform. This role requires a blend of SAVIYNT and SAP Security skillset. The architect will collaborate with security, IT, compliance, and business teams to deliver end-to-end identity lifecycle management, access governance and application onboarding.

WHAT WE'RE LOOKING FOR:

1. Architecture & Design

• Develop and maintain the overall Saviynt solution architecture aligned with enterprise IAM strategy.
• Design end-to-end workflows for identity lifecycle management, provisioning, access requests, and certifications.
• Architect integrations between Saviynt and HRMS, Active Directory, Azure AD, SAP, cloud systems, and custom applications.

2. Implementation & Configuration

• Lead Saviynt configuration includes workflows, rules, roles, analytics, dashboards, connectors, and access policies.
• Design and build custom Saviynt connectors using REST APIs, JDBC, and SCIM where needed.
• Configure SoD (Segregation of Duties) controls, risk models, and automated remediation rules.

3. Governance & Compliance

• Ensure Saviynt meets regulatory standards such as SOX, GDPR, HIPAA, ISO 27001, and internal controls.
• Implement and optimize access governance, certification campaigns, and risk scoring models.
• Establish and enforce IAM standards, policies, and best practices.

4. Technical Leadership & Collaboration

• Work closely with security teams, application owners, and infrastructure teams to onboard new applications and improve IAM posture.
• Provide deep technical guidance to developers, analysts, and support personnel.
• Lead troubleshooting efforts for complex Saviynt issues and performance concerns.

SAP Security Administration Responsibilities

User & Role Administration

• Create and maintain SAP users (SU01, SU10).
• Build and modify single, composite, and derived roles in PFCG.
• Assign roles based on functional team requirements and access principles.

Authorization Troubleshooting

• Investigate and resolve authorization issues using SU53, SUIM, ST01, and STAUTHTRACE.
• Validate authorization objects, field values, and Associated access logic.

SAP Risk & GRC Management

• Perform SOD analysis in SAP GRC or Saviynt.
• Maintain firefighter/EM access and review logs.
• Support periodic access review cycles and audit requests.

CERTIFICATIONS: Saviynt Certifications (e.g., Saviynt IGA Professional, Saviynt Cloud PAM).

EXPERIENCE: 8+ years of IAM experience with at least 4+ years hands-on Saviynt experience.

THOSE NECESSARY TO PERFORM THE JOB COMPETENTLY:

• Bachelor’s degree in computer science, Information Security, Engineering, or related field (Master’s preferred).
• Proficiency with:
  • Directory services (AD, Azure AD)
  • Cloud platforms (AWS, Azure, GCP)
  • REST/SOAP APIs, SQL, JavaScript, JSON
• Experience implementing IGA, PAM, and access governance capabilities.
• Deep understanding of identity lifecycle management, RBAC/ABAC, SoD, and compliance frameworks.
• Strong analytical, problem-solving, and communication skills.

PREFERRED QUALIFICATIONS:

Experience with SailPoint, Okta, or other IAM tools.

HOW YOU WILL THRIVE AND CREATE AN IMPACT:

In the Saviynt Architect role, you can deliver impact by designing secure, scalable IAM architectures, streamlining identity lifecycle processes through automation, and strengthening governance with effective SOD controls and risk‑based policies. I will ensure seamless integration across enterprise systems, enhance user experience through optimized workflows, and collaborate closely with security, IT, and compliance teams to align Saviynt capabilities with organizational needs. You can focus on continuous improvement and operational efficiency which would support a stronger, more compliant identity ecosystem.

Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Avantor is proud to be an equal opportunity employer.

Why Avantor?

Dare to go further in your career. Join our global team of 14,000+ associates whose passion for discovery and determination to overcome challenges relentlessly advances life-changing science.

The work we do changes people's lives for the better. It brings new patient treatments and therapies to market, giving a cancer survivor the chance to walk his daughter down the aisle. It enables medical devices that help a little boy hear his mom's voice for the first time. Outcomes such as these create unlimited opportunities for you to contribute your talents, learn new skills and grow your career at Avantor.

We are committed to helping you on this journey through our diverse, equitable and inclusive culture which includes learning experiences to support your career growth and success. At Avantor, dare to go further and see how the impact of your contributions set science in motion to create a better world. Apply today!

EEO Statement:

We are an Equal Employment/Affirmative Action employer and VEVRAA Federal Contractor. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state/province, or local law.

If you need a reasonable accommodation for any part of the employment process, please contact us by email at recruiting@avantorsciences.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.

Privacy Policy:

We will use the personal information that you have submitted to us in order to consider your application for the relevant role.

Your privacy is important to us. Please click here for our Privacy Policy which explains the purposes for which we will use your personal information and the ways in which we will handle and retain your information. It also explains the rights you have in relation to your information, and how to contact us with any queries or requests.

3rd party non-solicitation policy:

By submitting candidates without having been formally assigned on and contracted for a specific job requisition by Avantor, or by failing to comply with the Avantor recruitment process, you forfeit any fee on the submitted candidates, regardless of your usual terms and conditions. Avantor works with a preferred supplier list and will take the initiative to engage with recruitment agencies based on its needs and will not be accepting any form of solicitation