Associate Director-SAP Security & Authorizations

Key Responsibilities

Strategic Leadership & Direction

• Define and drive the SAP Security & Authorizations strategy in alignment with the SAP & Ecosystem and Enterprise platform priorities.
• Provide subject matter leadership to senior stakeholders, including input into CXO-level discussions on risk, controls, and security design to future proof our SAP security landscape.
• Support the head of the unit in shaping a scalable, global operating model for SAP security services.
• Lead and develop a high-performing global team with a span of 10-12 members, fostering collaboration, accountability, and continuous improvement.

Quality, Compliance & Risk Management

• Ensure SAP security controls support a robust, audit-ready environment, aligned with internal policies and external regulatory expectations (e.g., SOX and relevant GxP considerations).
• Own and govern the Segregation of Duties (SoD) framework, ensuring effective risk identification, mitigation, and monitoring.
• Partner with Quality, Platform Risk & Compliance, and Internal Audit teams to proactively manage risks and address findings.
• Apply a risk-based and pragmatic approach to balancing compliance with business needs.

Architecture & Secure Design

• Define and maintain the SAP authorization and role design framework across S/4HANA, Fiori, BTP platform and other SAP solutions.
• Ensure security and compliance are embedded by design in all SAP initiatives.
• Provide oversight of integration with enterprise identity and access management (IAM) capabilities (e.g., SSO, MFA, identity provisioning).
• Guide secure architecture decisions across SAP cloud and hybrid environments, including SAP BTP and SaaS platforms.

Operational Excellence

• Oversee end-to-end access lifecycle management, ensuring efficient, compliant, and user-centric processes.
• Drive standardization, simplification, and automation across SAP security operations.
• Manage escalations, complex authorization issues, and security incidents with clear ownership and resolution.
• Define and monitor KPIs and service levels to ensure continuous improvement.

Stakeholder Collaboration

• Collaborate closely with business stakeholders, product teams, SAP functional experts, SAP architects, SAP design authority and information security teams.
• Translate complex security topics into clear, actionable insights for business and IT leaders.
• Contribute actively to enterprise transformation programs, ensuring security and compliance are integrated from the outset.

Qualification & Requirements

Qualifications & Experience Required

• 15+ years of experience in SAP Security & Authorizations, combining leadership and deep technical expertise.
• Strong knowledge of S/4HANA, ECC, and SAP Fiori security models.
• Proven experience with SAP GRC Access Controls and SoD frameworks is an advantage.
• Experience working in a global, matrixed organization.
• Ability to engage with senior stakeholders, including exposure to executive-level discussions.
• Solid understanding of compliance and quality-driven environments, including SOX and GxP-relevant controls.
• Experience integrating SAP with enterprise IAM solutions (e.g., SailPoint, Entra ID/Azure AD, SSO, MFA).

Preferred

• Experience in life sciences or other regulated industries.
• Exposure to SAP BTP security and Cloud identity services.
• SAP certifications in Security or GRC.

Leadership & Behavioural Competencies

• Strong executive communication and stakeholder management skills
• Ability to operate effectively between strategic and hands-on levels
• Pragmatic approach to risk, compliance, and business enablement
• Drives simplicity and continuous improvement in complex environments
• Builds trust through accountability, transparency, and delivery

Benefits