Job summary

Entity:

Technology



Job Family Group:

IT&S Group



Job Description:

You will work with

This role collaborates closely with the Business Teams, ERP Sustain & Operations Team & the ERP Transformation Programme to design and implement best-in-class Identity solutions in SAP. You will work alongside business stakeholders, enterprise architects, functional consultants, and third-party vendors to develop and integrate the solution. This role will work within the Technology DevOps Team and is expected to work in close collaboration with geographically diverse stakeholders including Global Functional and Technical Product Managers and Owners and to collaborate with wider teams within Technology.

Let me tell you about the role

As aSenior Enterprise Technology Engineer (Identity and Access Management)your responsibility will be to oversee the delivery and governance of the access security and compliance elements for core SAP ERP solutions, including ECC, S4HANA, HANA, SAP Ariba, SAP Fieldglass, SAP Analytics Cloud, SAP Fiori, GRC etc. This includes collaborating with stakeholders to articulate the vision for access control, along with the border roadmap and product strategy. Additionally, you will work with a team of highly skilled Enterprise Technology Engineers and Software Engineers to address pain points and develop scalable, secure, and dynamic access models across bp applications. You will play a critical part in the company’s digital transformation efforts to drive operational security and efficiency.

What you will deliver:

Develop and implement comprehensive security strategies for core SAP ERP solutions (e.g. ECC, S4HANA, HANA, SAP Ariba, SAP Fieldglass, SAP Analytics Cloud, SAP Fiori, GRC etc.) that align with organizational security policies and compliance requirements.

Define, implement, and manage access controls and user permissions to ensure appropriate access levels are maintained. This includes overseeing the provisioning, modification, and deactivation of user access based on organizational changes and user role definitions.

Conduct thorough risk assessments for the core SAP ERP solutions (e.g. ECC, S4HANA, HANA, SAP Ariba, SAP Fieldglass, SAP Analytics Cloud, SAP Fiori, GRC etc.), identifying potential vulnerabilities and implementing measures to mitigate risks. This also involves staying updated with the latest security trends and potential threats to the SAP system.

Develops to become the subject matter expert helping to shape the future roadmap of access control by adopting the newest and latest technologies as they emerge.

Works with the business to understand requirements and helps develop and quality assure standards ensuring robust security and development principal adoption.

Contributes to bp’s broader Identity and Access Management products ensuring synergies in solution designs and deployment models.

Ensure that the core SAP ERP solutions systems comply with legal, regulatory, and internal policies. This involves preparing for audits, facilitating the audit process, and implementing recommendations from audit findings.

Respond to and investigate security incidents and breaches, including providing a rapid response to mitigate impacts. Document incidents and develop preventative measures to avoid future occurrences.

Regularly up to date with industry security best practice and collaborate or share internally for improvement

Continuously review and improve security policies, practices, and measures to enhance the security landscape of the SAP systems. This may involve implementing new technologies or processes to strengthen security.

The safety of our people and our customers is our highest priority. The role will advocate and lead in this and promote a culture of security and safety in everything that we do.

Work as part of evolving multi disciplinary teams which may include Software Engineers, Enterprise Technology Engineers, Designers, SecOps, and Product owners to deliver value through the application of specialist skills

Support recommendation of the correct strategic platforms to solve a problem based on business requirements using your expertise

Work with vendors and partners providing market solutions to optimize the usage and value which can be delivered from the appropriate technology platform

Act as a thought leader in the areas of your technology specialism helping to shape forward roadmaps, upcoming features and opportunities to unlock future

Ensure operational integrity of what you build, assuring operational compliance with architectural and security standards, as well as compliance and policy controls refined by Strategy.

Mentor others and become a conduit to connect the broader organization.

What you will need to be successful (experience and qualifications)

Technical Skills we need from you

Experience working with at least one of RBAC/PBAC/ABAC concepts across multiple applications.

Experience in understanding how to interpret and deploy compliance standards across an enterprise.

Proven track record in implementing, configuring, and maintaining authorization security solutions for core SAP ERP solutions (e.g. ECC, S4HANA, HANA, SAP Ariba, SAP Fieldglass, SAP Analytics Cloud, SAP Fiori, GRC etc.). Experience should include security setup, integration with other enterprise systems, and ongoing management.

Experience leading security deployment projects, especially for large-scale on core SAP ERP solutions (e.g. ECC, S4HANA, HANA, SAP Ariba, SAP Fieldglass, SAP Analytics Cloud, SAP Fiori, GRC etc.). Skills in project planning, resource allocation, and timeline management are crucial.

Understanding of compliance requirements that impact the procurement and external workforce systems, ensuring that core SAP ERP solutions setups adhere to legal and regulatory standards.

Understanding of Cloud IAM, IoT, Robotic Based Automation and best of bread Cloud based Enterprise Applications.

Understanding of multifactor authentication, Microsoft Active Directory, Azure Active Directory.

Ability to communicate effectively with stakeholders at all levels, including IT teams, security teams, and business unit leaders. This involves translating technical details into business language that is understandable to non-technical stakeholders.

Team player who is willing to speak up and share what they have learned.

Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and prioritization skills.

Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization.

Prior experience in planning, coordination and implementation and the ability to work across teams and functions to execute and deliver.

Aptitude to upskill and learn new technologies based on dynamic requirements.

Ideally has managed direct reports previously including graduates.

Core Skills Expectations :

Agile Core Practices - Understand and apply agile values and principles and core agility practices to the work of the team; including agile mindset and focus on customer, product and team to generate value.

Technical Specialism - The development and exploitation of expertise in any specific area of information or communications technology, technique, method, product or application area.

Configuration management and release - The lifecycle planning, control and management of the assets of an organization (such as documentation, software and service assets, including information relating to those assets and their relationships. This involves identification, classification and specification of all configuration items (CIs) and the interfaces to other processes and data.

Documentation and knowledge sharing - The systematic management of vital knowledge to create value for the organization by capturing, sharing, developing and exploiting the collective knowledge of the organization to improve performance, support decision making and mitigate risks. The development of a supportive and collaborative knowledge sharing culture to drive the successful adoption of technology solutions for knowledge management. Providing access to informal, tacit knowledge as well as formal, documented, explicit knowledge by facilitating internal and external collaboration and communications.

Information security - The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.

Metrics definition and Instrumentation - The development and operation of a measurement capability to support agreed organizational information needs. The planning, implementation, and control of activities to measure attributes of processes, products, and services in order to assess performance, progress, and provide indications and insights to actual or potential problems, issues, and risks.

Service operations and resiliency - The ability to build and operate services and applications at scale with automation to maintain high levels of availability. To do this, a combination of activities are required from the initial design and sizing of the infrastructure, network, and constituent components to determine throughput (# of transactions/requests, users) through to service health metrics, monitoring, alarming, and remediation. Each of these areas will combine human effort (e.g., a human is paged) as well as automated steps and tools to reduce operational burden and overhead.

Source control and code management - The practice of tracking and managing changes to code to help to resolve conflicts when merging contributions from multiple sources. This includes the use of best practices such as using pull requests and trunk based development, running automated testing and static analysis pre-commit, and preventing build breaks through automation/rollbacks.

Testing and Quality Assurance - Measure and maintain a high level of code quality from development through deployment to production. This includes automated and manual testing, including but not limited to: unit testing, static analysis, functional testing, UI testing, load testing, chaos testing. Testing should be done throughout the development lifecycle (agile) rather than being reserved to a specific milestone (waterfall).

Coaching - Uses a blend of formal and informal coaching to build the capability of the team to ensure that performance delivery is sustainable in the longer term and the team are motivated to continue to develop their capabilities.

Collaboration - The ability to collaborate with teams internally and externally to drive activities that support the wider bp strategy. Collaborative leaders enable and empower others to cooperate willingly to achieve positive results. They navigate a varied network of people, inside and outside of bp, to gain insight and ideas. They co-create through collective curiosity, communities and new collaboration tools to discover possibilities so that digital transformation and high performance can thrive at pace. They focus on being customer and user-centric.

Facilitation - Facilitates learning, group activities and group discussions. Uses a range of techniques to guide group sessions to appropriate and useful outcomes, in a constructive and timely manner

Mentoring - Provides a reciprocal and collaborative at-will relationship for the purpose of the mentee’s growth, learning, and career development. Often there is an emphasis on organizational goals, culture, career goals, advice on professional development, and work-life balance.

Essential Skills

8+ Years experience in technology specialism

Demonstrable Knowledge in the application of modern Service Delivery methods - Site Reliability Engineering to traditional ITIL, and understanding of Product Based delivery

Strong Communications skills and a high ‘EQ’ with the ability to operate across complex business environments and stakeholders up to senior executive level

Skills that set you apart

Knowledge of Identity Governance and Assurance solutions e.g. Saviynt, Sailpoint, Ping Identity etc

Broader development experience in one or more object-oriented programming languages (e.g. Python, Go, Java, C/C++)

Project Management experience delivering IT led projects

Broad experience contributing and collaborating to assist design, plan, implement, maintain, and document services and solutions



