About the role
Role Summary
The Assistant Manager – SAP Basis & Security is responsible for leading the administration, security, and governance of SAP systems across hybrid (cloud and on-premises) environments. The role ensures system stability, secure access management, compliance with audit requirements, and seamless integration across SAP applications including S/4HANA, BTP, Ariba, SuccessFactors, and MDG.
This position combines technical leadership, operational ownership, and governance accountability, aligned with enterprise-scale SAP landscapes and cybersecurity standards.
Key Responsibilities
1. SAP Basis Administration & Operations
- Lead SAP system administration for S/4HANA and related platforms, including monitoring, performance tuning, and troubleshooting
- Manage transports, system refreshes, upgrades, patches, and kernel updates
- Monitor system health, batch jobs, logs, interfaces, RFCs, and database performance
- Coordinate with infrastructure, cloud, and database teams to ensure availability and SLA compliance
2. SAP Security & Authorization
- Design and maintain SAP roles and authorization structures aligned with least privilege and SoD principles
- Manage user provisioning, role assignments, and authorization troubleshooting
- Conduct user access reviews, emergency access (firefighter), and remediation activities
- Provide audit evidence, access reports, and compliance documentation
3. SAP GRC & Access Governance
- Configure and support SAP GRC modules (ARA, ARM, EAM, BRM)
- Manage SoD rules, risk analysis, mitigation controls, and workflows
- Support SAP IAG for cloud-based access governance across SAP SaaS applications
- Lead periodic access certifications and audit remediation activities
4. SAP Cloud Security (BTP, IAS, IPS, Work Zone)
- Administer SAP BTP subaccounts, role collections, destinations, and trust configurations
- Configure IAS for SSO, identity federation, and authentication policies
- Manage IPS for user and role provisioning across SAP systems
- Support Work Zone access control and launchpad content configuration
5. SAP Application Security (MDG, Ariba, SuccessFactors)
- Manage security and access controls across SAP MDG, Ariba, and SuccessFactors
- Ensure secure integration between SAP S/4HANA and cloud systems
- Support role design, provisioning, and access troubleshooting for business users
6. Identity & Integration Security
- Design and implement SSO using SAML 2.0, OAuth, and IAS/IPS integration
- Manage authentication flows across SAP ecosystem (S/4, BTP, SaaS apps)
- Troubleshoot federation, certificates, tokens, and login failures
7. Compliance, Audit & Operations
- Ensure adherence to internal security policies, audit requirements, and cybersecurity standards
- Support audits with system logs, access controls, and compliance evidence
- Participate in incident, change, and problem management processes
- Prepare technical documentation and operational procedures
Required Skills & Experience
- Strong experience in SAP Basis & Security administration
- Expertise in SAP S/4HANA authorization and role design
- Hands-on experience with SAP GRC Access Control and/or SAP IAG
- Experience in SAP BTP security, IAS, IPS, and SSO configurations
- Knowledge of integration security (RFC, OAuth, SAML, certificates)
- Strong understanding of SoD, audit controls, and compliance frameworks
- Experience supporting hybrid SAP environments (cloud + on-premise)
Preferred Qualifications
- SAP certifications (Basis, Security, GRC, or BTP)
- Experience in large-scale SAP transformation programs
- Knowledge of SAP Cloud ALM or Solution Manager
Soft Skills (Assistant Manager Level)
- Leadership mindset with ability to guide teams and vendors
- Strong stakeholder communication (business, cybersecurity, and IT)
- High ownership and accountability for critical systems
- Ability to manage incidents under pressure
- Proactive risk identification and continuous improvement focus
Education
- Bachelor’s degree in IT, Computer Science, Engineering, or related field
Experience Required
- 8–10+ years in SAP Basis & Security
- Strong hands-on experience with SAP S/4HANA and SAP cloud security
- Experience in GRC/IAG implementation is highly preferred