What are the responsibilities and job description for the SAP Authorization & Security Architect - Americas position at RealREPP?
HOT JOB IN SPARTA, TN - WILL RELO
SAP Authorization & Security Architect – Americas
Department: IT Applications / Enterprise Platforms
Reports to: Director, SAP Platform Services / Enterprise Applications
Location: Sparta, TN
Travel: 10% to 20%
$128k 10% bonus
Position Summary
Regional SAP Security Architecture
SAP Authorization & Security Architect – Americas
Department: IT Applications / Enterprise Platforms
Reports to: Director, SAP Platform Services / Enterprise Applications
Location: Sparta, TN
Travel: 10% to 20%
$128k 10% bonus
Position Summary
- The SAP Authorization & Security Architect – Americas is responsible for the target design, architecture, standardization, and continuous improvement of SAP authorization and security models across the Americas region.
- This role acts as the regional design authority for SAP security and works in close alignment with the global SAP/security function to ensure that regional solutions are consistent with global standards, control requirements, and enterprise architecture principles.
- The role provides architectural leadership across SAP ECC, S/4HANA, Fiori, and selected integrated enterprise applications and interfaces. It translates business, compliance, and transformation requirements into scalable authorization concepts that are secure, supportable, and audit ready.
- The role also serves as the key regional expert for the use of SIVIS to support role analysis, compliance transparency, authorization quality, and continuous improvement of the SAP security landscape.
Regional SAP Security Architecture
- Define and maintain the target SAP authorization architecture for the Americas.
- Establish architecture standards for single roles, composite roles, derived roles, organizational-value design, and privileged access structures.
- Design scalable and supportable role concepts that align with least privilege and need-to-know principles.
- Ensure SAP security architecture supports both operational stability and future transformation requirements.
- Review and approve complex or high-risk authorization designs.
- Act as the primary Americas interface to the global SAP/security role.
- Translate global authorization standards, governance rules, and control expectations into regional deployment models.
- Represent the Americas region in global design reviews, template discussions, control decisions, and security-related transformation governance.
- Identify and escalate regional exceptions, conflicts, and design trade-offs requiring global alignment or approval.
- Ensure regional solutions remain aligned with enterprise-wide audit, compliance, and cybersecurity expectations.
- Lead the SAP security architecture workstream for major transformation initiatives, including S/4HANA migrations, plant integrations, template rollouts, organizational redesigns, and system consolidations.
- Define the authorization conversion and redesign approach from ECC to S/4HANA.
- Architect Fiori security concepts, including backend role alignment and launchpad access structures.
- Ensure security and authorization design are embedded in blueprinting, fit-gap, testing, cutover, and post-go-live stabilization.
- Support project teams with secure-by-design decisions that balance standardization and business usability.
- Lead or co-lead regional use of SIVIS / Pointsharp for SAP authorization analysis, compliance checking, and role optimization.
- Use the platform to assess authorization quality, identify weaknesses in the authorization concept, and support remediation and redesign efforts.
- Support the use of tool-driven compliance checks and reporting to improve control transparency and audit readiness.
- Leverage the platform’s capabilities to support emergency access design, authorization review, and S/4HANA-related preparation activities where applicable.
- Partner with the global SAP/security role and internal stakeholders to standardize regional usage, reporting outputs, and governance expectations for the toolset. Pointsharp describes these capabilities in its SAP authorization management, compliance check, emergency access, and S/4HANA-preparation materials.
- Architect segregation-of-duties-aware role concepts in line with internal control and audit requirements.
- Define mitigating-control patterns for unavoidable access conflicts.
- Support periodic access review design, privileged access governance, firefighter concepts, and role recertification frameworks.
- Provide architectural support for internal and external audit activities related to SAP access and security controls.
- Ensure that role concepts and security designs are documented to a standard that supports sustainable governance and audit traceability.
- Define authorization and security design principles for SAP-connected applications and interfaces, including integrated enterprise systems, RFC users, background users, and technical accounts.
- Partner with SAP Basis, Cybersecurity, and IAM teams to ensure that identity lifecycle, provisioning design, and access control models are aligned.
- Support secure integration of SAP with regional and global platforms without compromising control integrity or supportability.
- Act as the senior technical escalation point for complex authorization and security design issues.
- Review deliverables from external service providers and implementation partners for architectural consistency and quality.
- Coach analysts, administrators, and project teams on role design standards, documentation expectations, and sustainable support models.
- Drive standardization, simplification, and continuous improvement of the SAP authorization landscape across the region.
- Contribute to the reduction of external dependency by strengthening internal architectural knowledge and design discipline.
- Bachelor’s degree in Information Systems, Computer Science, Business Administration, Accounting, or a related discipline.
- 7 years of SAP authorization and security experience.
- Deep hands-on expertise in SAP ECC and/or S/4HANA authorization concepts.
- Strong experience in SAP role architecture, authorization objects, organizational-value-based design, and access governance principles.
- Experience designing SAP security solutions in audit-sensitive and compliance-driven environments.
- Experience supporting large transformation programs, preferably including ECC to S/4HANA migration.
- Strong ability to operate in a matrix organization with regional and global stakeholders.
- Excellent written and verbal communication skills with both technical and business audiences.
- Experience working in a global-regional SAP security operating model.
- Hands-on experience with SIVIS / Pointsharp or a comparable SAP-focused authorization governance, compliance, or role management platform. Pointsharp positions SIVIS within its SAP IGA and authorization management offering.
- Experience with SAP Fiori security architecture.
- Experience with SAP GRC Access Control or similar governance and risk tooling.
- Experience in manufacturing, supply chain, multi-plant, or multi-entity environments.
- Exposure to SAP modules such as FI/CO, MM, SD, PP, WM/eWM, CS, or related functional domains.
- SAP security certification, CISA, CISSP, or similar credentials.
- We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.*
Salary : $128,000