The SAP security team is responsible to reduce the cyber risk on the SAP landscape, which supports a significant number of critical business applications. It is organised in 4 main streams:
- Hardening : Application of security guidelines to reinforce hardening of SAP environment (operating system, database layer, application layer ) including network architecture
- Monitoring : Implementation of monitoring capabilities in SAP landscapes (covering from operating system layer to application layer) and proposing remediations. Management of a dedicated tool (SAP Enterprise Threat Detection) for the SAP application layers.
- Access Control : Reinforce SAP access control from a security point of view applying standards. Identify and remediate the critical risks and defining the security recommendations for access management
- Foundations & Future developments : Drumbeat the deployment of security foundations and provide support to new and existing projects to secure the SAP architecture (Review of ARD, under the lead of DSD), and provide support on deployment of SAP standards.
What you will be doing:
The SAP Security Architect is responsible for the design solution to SAP Security, technical changes and the product roadmap in line with Enterprise Architecture guidelines and Airbus Security Framework. You will also provide guidance for operational validations. You will ensure the timely delivery of project commitments, and subsequent services concerning SAP security.
You will be working alongside peers elsewhere in the team, and Digital product managers across various domains to improve security, therefore, taking people with you is a key and crucial success factor in this role. More precisely you will work with the Product Manager in charge of the Security for SAP.
Your main tasks and responsibilities will include:
-
Develop and maintain the organisations SAP security architecture, ensuring it aligns with industry best practices and meets regulatory requirements.
-
Define and promote technical, network and security standards within the scope of SAP solutions whether on premise or in the cloud.
-
Ensures the integration of standards and optimization of SAP GRC modules (e.g., Access Control, Process Control, Risk Management, Audit Management).
-
Generate and analyze GRC reports for compliance monitoring and audit purposes.
-
Support internal and external audits related to SAP security.
-
Develop and implement incident response procedures for SAP security breaches.
-
Collaborate with security operations centers (SOC) and incident response teams.
-
Architect and manage SAP identity and access management solutions, including single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM).
-
Ensures the integration of SAP security with enterprise-wide IAM systems.
-
Develop the guidelines for user provisioning, de-provisioning, and access reviews processes.
-
Stay up to date with the latest SAP security trends, vulnerabilities, and emerging threats.
-
Conduct regular assessments and audits to identify security gaps and recommend remediation actions.
-
Collaborate internally with the teams focused on Build and RUN activities.
-
Collaborate with cross-functional teams to assess security risks, develop strategies, and implement solutions to mitigate risks.
-
Manage and enhance the security infrastructure, including firewalls, intrusion detection systems, and secure remote access solutions.
-
Implement and manage zero trust principles and technologies across the organisations network.
-
Support security incident response efforts, including investigating and resolving security incidents in a timely manner.
-
Provide guidance and support to IT teams and end-users on SAP security best practices.
-
Develop and deliver training and awareness programs to educate employees on SAP security.
-
Being the link between IT governance, innovative solutions and new initiatives (inside/outside airbus)
-
Technologies trends monitoring and sharing knowledge with the team (Information & Knowledge management)
This role will involve some travel for business and as such you must be able to travel accordingly.
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Companys success, reputation and sustainable growth.
Qualification & Experience
-
Graduate/Post Graduate with 10+ years of experience in IT Security , Cyber or equivalent field with SAP expertise .
-
Experience and deep knowledge of SAP systems (for example SAP ERP, S/4HANA, SAP Business Warehouse, SAP HANA, SAP BTP, SAP Business Objects , etc.) and their architecture, landscape design and infrastructure needs.
-
Deep knowledge in network and security standards and solutions applicable to SAP infrastructures and applications on premise and cloud.
-
Solid experience in endpoint security architecture design and implementation.
-
Strong knowledge of security principles and technologies, including SAP Security, EPP, EDR, Encryption, Firewalls, IDS/IPS, VPNs, and secure remote access.
-
Familiarity with zero trust concepts, principles, and technologies.
-
Excellent understanding of security frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR).
-
Strong project management skills, including the ability to manage multiple projects concurrently.
-
Excellent communication skills, both written and verbal, with the ability to effectively interact with technical and non-technical stakeholders.
-
Strong problem-solving and analytical skills.
-
Relevant certifications such as CISSP or CISM are highly desirable.
-
Experience in security advisory or consulting roles is a plus.
Success Metrics
Success will be measured in a variety of areas, including but not limited to
-
Bring innovative cost effective solutions
-
Achieve the customer satisfaction
-
Agile mind-set, collaborative way of working.
-
Consistently ensure the on-time delivery and quality (first-time-right) of the projects.
