Architecte SAP security

Overview

Hybrid
Depends on Experience
Contract - W2
50% Travel

Skills

SAP ABAP
SAP
SAP HANA
SAP BI
SAP ERP
SAP Security
Scripting
SAP HCM
SAP Fiori
eCATT
SAP PFCG
Customer Engagement
Authentication

Job Details

Title : Architecte SAP security / Architecte de securite SAP
Lieu/ Location : Mode hybride doit etre en presentiel 2-3 jour par semaine au bureau du client Montreal Hybrid
Duree/ Duration: Jusqu'au 31 decembre 2025, 40h par semaine / Until Dec 31th 2025, 40h per week

Le candidat doit posseder les qualifications suivantes :
Au moins 5 ans d'experience avec l'autorisation SAP dans des environnements tels que ECC, Solution Manager, BW, Hana, GRC et Fiori. Plus specifiquement :
SAP ABAP et Fiori

o Gestion des utilisateurs, y compris SNC (SU01, SU10, EWZ5)
o Roles de securite (PFCG), Master/Derived et autorisations
o Catalogues Fiori, groupes Fiori et leur gestion au sein des roles de securite
o Gestion des roles de securite via les transports (Solution Manager ChaRM)

Applications cloud (BTP, IBP, SAC, Datasphere, Workzone, ABAP on Cloud, Cloud ALM, Signavio, EnableNow, Vertex)

o Clientes et privileges de securite (role, collections de roles, groupes, etc.)
o Gestion des utilisateurs et des Clientes dans BTP Cloud Foundry, Space et SAP HANA Cloud
Cloud Identity Services
o Comprehension des mecanismes d'authentification et de provisionnement des applications connectees
o Gestion des utilisateurs
o Groupes d'utilisateurs

Base de donnees HANA

o Gestion des utilisateurs
o Roles de securite (catalogue, referentiel)

Description du poste :
Le specialiste en securite SAP agit en tant qu'expert sur le projet SAP S4 HANA. Il concClient, developpe et met en uvre les roles, conformement aux procedures etablies et aux meilleures pratiques. Il participe a la collecte des exigences, aux tests, a la documentation, au transfert de connaissances, au contenu de la migration et a l'execution des taches.
Il/Elle participera au support en dehors des heures de bureau et le week-end, si necessaire.
Responsabilites du poste :

  • Concevoir, creer, tester et deployer les roles SAP avec les droits associes, en traduisant les exigences fonctionnelles en conception technique.
  • Traiter les demandes d'Clientes SAP et s'assurer de l'obtention des autorisations appropriees. Attribuer les roles pour autoriser l'Clientes aux environnements informatiques securises.
  • Integration de projets impliquant SAP, AD, le portail et les applications cloud, en les connectant a notre outil IGA (Saviynt).
  • Collaborer avec les parties prenantes pour definir les exigences necessaires a l'integration de nouveaux systemes ou applications SAP aux outils et processus IAM.
  • Soutenir la mise en uvre de la securite SAP pour les nouvelles implementations et mises a niveau.
  • Fournir une assistance technique pour les problemes lies aux autorisations SAP.
  • Appliquer et garantir le respect de toutes les normes informatiques appropriees (par exemple, securite, architecture, methodologie de livraison de projet, SOX, etc.)
  • Creer et tenir a jour une documentation precise des processus.


Experience professionnelle dans le domaine de la gestion des identites et des Clientes (IAM) avec une application de gouvernance des identites telle qu'IBM Security Identity Manager (ISIM), Saviynt, SailPoint, etc.
Bonne comprehension des concepts et des meilleures pratiques de gestion des identites et des Clientes, avec une experience pratique (par exemple : provisionnement/deprovisionnement, SSO, gestion des Clientes privilegies, separation des taches).
Competences et aptitudes generales :

  • Oriente resultats et capacite a livrer des produits de qualite dans les delais.
  • Capacite a gerer simultanement plusieurs missions de taille moyenne.
  • Capacite a resoudre des problemes grace a son ingeniosite et sa creativite.
  • Souci du detail.
  • Bonnes competences en gestion du temps.
  • Capacite a hierarchiser les demandes importantes.
  • Capacite d'organisation.
  • Capacite a reflechir et a agir sous pression.
  • Capacite a travailler avec une supervision limitee et a faire preuve d'un sens aigu de l'urgence.
  • Capacite a resoudre des problemes de securite complexes grace a la recherche et au travail d'enquete technique.
  • Excellentes competences en travail d'equipe et en collaboration. Adaptabilite au public.

Atouts :

  • Experience de la securite des autorisations SAP RH
  • Scripts eCATT



The candidate must have the following qualifications:
Minimum of 5 years of experience with SAP authorization in environments such as ECC, Solution Manager, BW, Hana, GRC, Fiori. More specifically:
SAP ABAP & Fiori

  • User Management, including SNC (SU01, SU10, EWZ5)
  • Security roles (PFCG), Master/Derived and authorizations
  • Fiori Catalogs, Fiori Groups and their management within security roles
  • Management of security roles using transports (Solution Manager ChaRM)

Cloud applications (BTP, IBP, SAC, Datasphere, Workzone, ABAP on Cloud, Cloud ALM, Signavio, EnableNow, Vertex)

  • Security access/privileges (Role, Role Collections, Groups, etc.)
  • User and access management in BTP Cloud Foundry, Space and SAP HANA Cloud

Cloud Identity Services

  • Understanding of the Authentication and provisioning mechanisms of connected applications
  • User Management
  • User Groups

HANA Database

  • User Management
  • Security roles (catalog, repository)

Job description:
The Specialist SAP Security acts as a subject matter expert on the SAP S4 HANA project, designing, developing, and implementing roles, while following established procedures and best practices. The specialist participates in requirements gathering, testing, documentation, knowledge transfer, cutover content and task execution.
The resource will participate in after hours and weekend support when necessary.
Role Responsibilities:

  • Design, build, test and deploy SAP roles with associated entitlements, translating functional requirements into technical design.
  • Process SAP access requests and ensure appropriate approvals have been granted. Assign roles to permit access to secured IT environments.
  • Project integration involving SAP, AD, portal, cloud apps, connecting them to our IGA tool (Saviynt).
  • Work with stakeholders to gather requirements needed for new SAP systems or applications integration within the IAM tools and processes.
  • Support the implementation of SAP security for new implementations and upgrades.
  • Provide technical assistance for issues related to SAP authorizations.
  • Apply, and ensure compliance with all appropriate IT standards (e.g. Security, Architecture, Project Delivery Methodology, SOX etc.)
  • Create and maintain accurate process documentation.


Work experience within the IAM domain using an Identity and Governance application such as IBM Security Identity Manager (ISIM), Saviynt, SailPoint, etc.
Good understanding of Identity & Access Management concepts and best practices with hands-on experience (ex: Provisioning/De-Provisioning, SSO, Privileged Access Management, Segregation of Duties)
General Skills and Competencies:

  • Results oriented individual with an ability to deliver quality product in a timely manner.
  • Ability to handle multiple and moderately sized assignments simultaneously.
  • Competent at problem-solving through ingenuity and creativity.
  • Detail oriented.
  • Good time management skills.
  • Ability to prioritize between many important requests.
  • Ability to organize.
  • Ability to think and act under pressure.
  • Ability to work with limited supervision and exhibit a solid sense of urgency.
  • Ability to solve complex security issues through research and technical detective work.
  • Strong teamwork and collaboration skills. Can adapt to the audience.

Assets:

  • Experience with SAP HR authorizations security
  • eCATT scripts
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.