Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : SAP Identity and Access Management, Business Transformation
Good to have skills : NA
Minimum
7.5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As an experienced SAP IAG & RISE Architect and You will be responsible for implementation, administration, and support of SAP Identity Governance solutions across SAP and integrated enterprise applications. The role focuses on identity lifecycle management, access governance, compliance support, and operational excellence in complex SAP landscapes. Also responsible for securing SAP platforms and underlying infrastructure across on-premise, cloud, and hybrid environments. The role focuses on platform hardening, vulnerability management, compliance support, and security operations, working closely with SAP Basis, Cloud, Network
Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Architect and lead SAP Identity Governance & Administration (IAG) solutions (SAP IAG Cloud, SAP IDM, SAP GRC AC).
- Define end-to-end identity lifecycle management (Joiner–Mover–Leaver) for SAP and connected applications.
- Design and enforce Role-Based Access Control (RBAC) and SoD models across ECC, S/4HANA, BW, BTP, SuccessFactors, Ariba, and SAC.
- Lead IGA strategy, roadmap, and future-state architecture aligned with Zero Trust principles.
- Implementation & Integration
- Lead SAP IGA implementations, rollouts, and upgrades across global landscapes.
Integrate SAP IGA with:
- SAP systems (ECC, S/4HANA, BW, BTP)
- Non-SAP apps (Workday, ServiceNow, Entra ID)
- Directories (AD, Azure AD / Entra ID, LDAP)
- SAP IAG & Security Operations
- Lead implementation and support of SAP Identity Access Governance (IAG), SAP BTP, and Fiori security
- Oversee user provisioning, de-provisioning, and access modifications across SAP systems.
- Manage role design, maintenance, and authorization troubleshooting.
- Ensure timely resolution of access-related issues and incidents.
- Guide the team on best practices for SAP security operations.-
- Access Governance & Compliance
- Execute access risk analysis (SoD) and support mitigation activities.
- Perform access certifications, periodic reviews, and audit evidence preparation.
- Ensure compliance with SOX, GDPR, and internal security policies.
- Maintain SAP security documentation, SOPs, and role design guidelines.
- Define and enforce SoD rulesets, risk matrices, and governance frameworks aligned with business and regulatory requirements.
- Lead remediation initiatives for identified access risks and track closure of audit findings.
- Establish and monitor Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for access governance.
- Drive periodic review of critical access, privileged users, and sensitive transactions.
- Oversee emergency access (Firefighter) reviews, logging, and compliance reporting.
- Collaborate with internal and external auditors to ensure smooth audit execution and timely closure of observations.
- Ensure proper segregation and control over business roles, technical roles, and composite roles.
- Support regulatory and compliance assessments, including control design and effectiveness testing.
- Maintain risk documentation, control narratives, and audit trails within IAG/GRC tools.
- Drive continuous improvement of governance processes through automation and standardization.
- Provide advisory to business and IT teams on risk-aware access design and compliance requirements.
- Ensure alignment of SAP security controls with enterprise security policies and frameworks.
- Integration & Enhancements
- Support integration of SAP IAG with SAP systems (ECC, S/4HANA, BW,BTP,Fiori)
- Directories (AD, Entra ID / Azure AD)
- Cloud & Hybrid Security Support
- Support security controls for SAP hosted on Azure / AWS
- Partner with SAP Basis teams to ensure secure system configurations and patching.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in SAP Identity and Access Management, Business Transformation.
- Experience in risk assessment and mitigation strategies related to cloud environments.
- Hands-on experience with SAP IAG or SAP GRC Access Control
- Hands-on experience with SAP S4 BTP ,HANA and Fiori
- Hands-on experience with supporting SAP systems in production environment
- Strong understanding of SAP authorization concepts
- Role design and remediation
- Identity lifecycle management
- Experience supporting SAP ECC and S/4HANA systems.
- Exposure to SAP on cloud platforms (Azure / AWS).
Additional Information:
- The candidate should have minimum 7.5 years of experience in SAP Identity and Access Management.
- This position is based at our Mumbai office.
- A 15 years full time education is required.
- Bachelors and above degree in Computer Science, Information Technology, MIS, Engineering / Bachelor or college degree in related field or equivalent work experience (Full time).
- The candidate should have minimum 10+ years in Strong understanding of IAM concepts, RBAC, access privilege, and governance & SAP CIS
- SAP Security or IAM certifications.
- SAP Certified Associate – Security Administrator
15 years full time education
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.
Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.