IAM Operations - AM/Manager

The IAM Manager will: • Oversee and guide the internal IAM team within the broader IAM function, with a strong focus on managing IAM activities in SAP Cloud environments, particularly SAP S/4HANA Public Cloud and BTP. Ensure effective management of IAM activities and alignment with best practices. • Act as an escalation point for complex identity and access management issues, providing subject matter expertise, guidance, and resolution. • Manage IAM capabilities, playbooks and documentation and work with business stakeholders to implement continuous improvements. • Lead the design and implementation of Business roles, personas, and authorisations within SAP S/4HANA Public Cloud, ensuring compliance with best practices and regulatory requirements. • Work with SAP, SailPoint and other relevant vendors to address additional IAM requirements. • Manage the user provisioning and de-provisioning processes, including onboarding, role assignment, access granting, and the secure removal of access for departing employees or role changes. • Oversee design and configuration of IDAM solutions/processes around IAG/SailPoint/Okta to support SAP and non-SAP applications. • Coordinate the administration and governance of SAP IAG for access management and compliance across SAP systems. • Design and configure mitigating controls aligned with SOD & SA matrix rules in IAG/SailPoint. • Conduct regular access reviews and audits to ensure compliance with internal policies and external regulations. • Maintain and keep SoD rule sets up to date, incorporating changes in business processes, roles, and regulations. • Own IAM processes to ensure they align with existing security controls and policies. • Previous experience harmonising RACMs in alignment with FCM format. • Collaborate with IT and business teams to define and implement Role-Based Access Control (RBAC). Prior experience You must: • Minimum 5+ years of professional experience working in the IAM field and supporting services underneath: ? An operational IAM security role; or ? SAP IGA role • Have extensive experience in SAP GRC PC/FCM implementation on the Functional side. • Have extensive experience in SAP/Cloud SAP-IAG module. • Understand Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions and support requirements aligned with these solutions. • Knowledge of security concepts and technologies in the wider Identity and Access management space (Logical Access Controls, LDAP ,RBAC, Authentication solutions, PKI concepts, etc.) • Hands on experience and knowledge in enabling IAM controls securing digital products/solutions in the Cloud (e.g. in AWS, Azure and Google); • Be able to demonstrate the ability to adapt communication style to explain technical concepts to different people within an organisation whether advising stakeholders, directing teams, or sharing experiences. • Experience of successfully working in a fast paced, customer service/regulated environments, delivering high quality information security services • Be calm in challenging situations, able to navigate through complex security problems to find the root cause and a balanced outcome. It would be advantageous if you can demonstrate some, or all of: • Professional presentation with strong people skills at all levels across the firm. • Able to gain credibility with senior staff and the trust of all staff. • Any technical security certification (e.g. CISSP, CCSP, AWS, SAN GIAC, Azure, GCP).