Job Description
Senior Security & Authorization Engineer
We are looking for a Senior Security & Authorization Engineer with a strong focus on SAP role design and authorization concept development within SAP S/4HANA and SAP BTP
Working closely with the CORE S/4HANA Program and its Security & Authorization Team, this role centers on designing, building, and maintaining authorization concepts and role structures that align with business needs, compliance requirements, and operational realities.
The ideal candidate brings deep expertise in SAP authorization and identity management, and is comfortable leveraging modern AI-powered tools to work more effectively.
Your Tasks and Responsibilities
1. Authorization Concept & Role Design
- Design, develop, and maintain authorization concepts and role structures within SAP S/4HANA and SAP BTP.
- Ensure alignment with:
- business requirements
- compliance standards
- operational needs
- Support compliance with standards such as GxP and ICS/GISC
2. Role Lifecycle Management
- Lead the end-to-end lifecycle of SAP roles, including:
- requirements gathering
- concept design
- role build
- testing
- ongoing maintenance
3. User Administration & Process Improvement
- Manage and continuously improve user administration processes and authorization-related procedures across SAP S/4HANA and SAP BTP.
- Ensure sustainable and efficient authorization governance.
4. Program Collaboration
- Collaborate closely with the CORE S/4HANA Program and its Security & Authorization Team
- Ensure authorization requirements are effectively integrated into:
- program initiatives
- project activities
- release cycles
5. Identity Management
- Administer and develop identity management processes using:
- SAP Cloud Identity Services (IAS/IPS)
- SailPoint IDNOW
- Pathlock Cloud
6. Compliance & Governance
- Support compliance and governance activities, including:
- security assessments
- audits
- authorization risk evaluations
- segregation of duties ( SoD) controls
7. Advisory & Subject-Matter Expertise
- Act as a key point of contact for authorization and role design inquiries across IT Operations and business teams.
- Provide expert guidance on best practices and risk-based authorization decisions.
8. Continuous Improvement & Innovation
- Stay current on SAP S/4HANA and SAP BTP authorization best practices, including SAP’s embedded AI capabilities
- Leverage AI-powered tools such as ChatGPT, Claude, Copilot, or similar to enhance delivery quality and efficiency.
Who You Are
- Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent work experience.
- 8+ years of experience in SAP Security & Authorization, with a strong focus on:
- role design
- authorization concept development
- SAP S/4HANA
- SAP BTP
- Experience in a regulated ( GxP) environment is highly desirable.
Technical Expertise
- Deep knowledge of:
- SAP authorization concepts
- role design methodologies
- authorization best practices in SAP S/4HANA and SAP BTP
- Hands-on experience with:
- SAP Cloud Identity Services (IAS/IPS)
- SailPoint IDNOW
- Pathlock Cloud
Compliance & Delivery
- Strong understanding of:
- GxP
- ICS/GISC
- Segregation of Duties (SoD)
- Experience working in DevOps and Agile environments.
AI & Modern Tooling
- Comfortable using AI-powered tools such as ChatGPT, Claude, Copilot, or similar as part of the daily workflow.
Communication & Collaboration
- Excellent problem-solving and communication skills.
- Experience in international or cross-cultural teams is highly desirable.
Certifications
- Security certifications such as CISSP, CISM, or CISA are a plus.
Languages
- Fluent in English (required)
- Spanish is a plus
- Portuguese and German are additional advantages
Período de aplicación:
10 AL 30 DE JUNIO
Código de referencia:
870751
División:
Enabling Functions
Ubicación:
Mexico : Ciudad de México : Ciudad de México
Área funcional:
Tecnología de la información
Grado de posición:
VS 1.2
Tipo de empleo:
Permanente
Tiempo de trabajo:
FULL TIME - HIBRIDO
