SAP Security Architect

We can't find the internet

Attempting to reconnect

!

Attempting to reconnect

SAP Security Architect

💻 Ework Group - founded in 2000, listed on Nasdaq Stockholm, with around 13,000 independent professionals on assignment - we are the total talent solutions provider who partners with clients, in both the private and public sector, and professionals to create sustainable talent supply chains.

With a focus on IT/OT, R&D, Engineering and Business Development, we deliver sustainable value through a holistic and independent approach to total talent management.

By providing comprehensive talent solutions, combined with vast industry experience and excellence in execution, we form successful collaborations. We bridge clients and partners & professionals throughout the talent supply chain, for the benefit of individuals, organizations and society.

🔹 For our Client from pharmaceutical industry we are looking for SAP Security Architect🔹

Our SAP landscape underpins critical business and regulated processes globally — spanning Finance, Supply Chain, Manufacturing, Quality, and R&D. As we continue our S/4HANA transformation journey and expand our SAP Business Technology Platform (BTP) footprint, we are looking for an exceptional SAP Security Architect to lead and own our end-to-end SAP security strategy, architecture, and governance.

If you are an expert in SAP security, authorisations, and SAP cyber risk management with a proven track record of deg enterprise-grade SAP security architectures across S/4HANA, BW/HANA, HANA DB, Fiori, and BTP — we want to hear from you.

---

The position

As a SAP Security Architect, you will be a key technical leader within our SAP Security function, responsible for defining and driving the SAP security architecture, standards, and governance across a complex, global, and regulated SAP landscape. You will work closely with senior stakeholders, cybersecurity leadership, compliance teams, and SAP programme teams to ensure our SAP environment is secure, compliant, and fit for the future.

This is a individual contributor and leadership role with significant scope, influence, and visibility across the organisation.

• ✔️SAP security architecture & strategy
• • Define and own the SAP security architecture (on-prem and cloud), including target-state design, standards, reference architectures, and implementation roadmaps.
• Drive security-by-design across SAP programs (new implementations, rollouts, upgrades, and S/4HANA transformations).
• Engage with technical and compliance SMEs, business stakeholders, and vendors to shape direction and delivery outcomes.
• Present SAP security posture, risks, and roadmap to senior leadership and the CISO organisation.
• ✔️Authorisation design & implementation (core)
• • Lead the design and implementation of SAP authorisation concepts and role-based access control (RBAC) across end-to-end business processes (e.g., Finance, Supply Chain, Manufacturing, Quality, HR, BW, ATTP, GBT).
• Establish and govern role design methodology (business roles, derived roles, org-level strategy, SU24 governance, naming conventions, firefighter strategy).
• Streamline and govern role lifecycle processes (intake, build, testing, approvals, transport, periodic review, and recertification).
• Govern change management and transport security processes to ensure integrity of the SAP security landscape.
• ✔️S/4HANA, Fiori & modern UX security
• • Secure SAP Fiori front-end and SAP Gateway (catalogs/groups/spaces/pages concepts, OData service authorisations, UI/service hardening).
• Design secure authentication and SSO patterns (SAML2/OAuth2, SNC/Kerberos, MFA integration where applicable).

✔️SAP BTP security (cloud)

• Design and implement SAP BTP security models (subaccount structure, entitlements, role collections, XSUAA, destinations, Cloud Connector considerations).
• Integrate SAP BTP with enterprise identity providers and SAP cloud identity services (IAS/IPS) and define secure onboarding patterns.
• Define API security standards and integration security patterns for SAP Integration Suite, PI/PO, and other middleware components.
• ✔️BW/HANA & HANA DB security
• • Own security design for BW on HANA / BW/4HANA (analysis authorisations, data access controls, authorization-relevant objects).
• Design HANA database security (users/roles, privileges, schemas, auditing, encryption options, secure connectivity patterns).
• ✔️Governance, Risk & Compliance (GRC), audits & controls
• • Lead SAP security controls design and operationalization for internal/external audits (SOX/ITGC and other control frameworks), including evidence readiness and remediation plans.
• Drive Segregation of Duties (SoD) design and remediation, emergency access controls, and continuous control monitoring.
• Partner with cybersecurity