SAP BTP Security Architect (m/f/d)

We are seeking an experienced SAP BTP Security Architect to design, implement, and govern secure identity, access, and compliance frameworks for SAP solutions running on SAP Business Technology Platform (BTP). The role is critical to enabling AI-driven use cases in SAP while ensuring robust security, regulatory compliance, and enterprise-grade identity management.

Key Responsibilities

• Identity & Access Management
• Design and implement SAP Identity Authentication Service (IAS) and Identity Provisioning Service (IPS) architectures
• Integrate SAP BTP with corporate IdPs (Azure AD, Entra ID, AD, LDAP, SAML, OAuth2, OpenID Connect)
• Configure Single Sign-On (SSO), MFA, Conditional Access, and Trust configurations
• Manage user lifecycle, role mapping, and automated provisioning/de-provisioning across SAP systems Security & Compliance
• Implement and govern SAP Cloud Identity Services (CIS) best practices
• Define security standards for BTP applications, APIs, AI services, and integrations - Support compliance requirements (ISO 27001, GDPR, SOC, internal security policies)
• Conduct security reviews, risk assessments, and audits for SAP BTP landscapes BTP & AI Enablement
• Secure AI-enabled SAP services (e.g., SAP AI Core, AI Launchpad, Joule, custom AI apps on BTP)
• Ensure secure access to APIs, data, and AI models using OAuth2, XSUAA, and service bindings
• Collaborate with SAP architects, AI teams, and developers to embed security by design Operations & Governance
• Monitor and troubleshoot authentication, provisioning, and authorization issues
• Establish identity governance, access reviews, and logging/monitoring strategies
• Create security documentation, standards, and operational runbooks