The ideal candidate will have deep expertise in Cloud Identity Services, identity provisioning, authentication frameworks, SAP IDM and SAP Access Control. You will be responsible for protecting mission-critical SAP systems, managing identity integrations, and ensuring compliance through proactive monitoring and root cause analysis.
This role requires a proven ability to configure secure authentication paths, integrate with external Identity and Access Management platforms such as Microsoft Identity Manager, and manage SAP security components in ECC and S/4HANA environments.
Key duties and responsibilities The key duties of the position include:
* Administration and troubleshooting of Identity Management systems including SAP, Azure AD, Microsoft Identity Manager, and other systems.
* Management of secure identity provisioning and de-provisioning across SAP landscapes.
* Implementation of authentication protocols (SAML 2.0, OIDC, OAuth 2.0) and secure authentication in hybrid environments.
* Implementation of SAP Access Control components.
* Designing and enforcing risk-based authentication policies and configuration of policy-based authorizations for SAP applications.
* Integration of multi-factor authentication platforms with SAP.
* Monitoring and mitigation of threats across multiple surfaces, including RFC connections and dormant or orphaned accounts.
* Configuration and maintenance of SAP UI masking and UI logging for sensitive data protection, including log extraction and analysis.
* Leading identification and response to potential security events, including root cause analysis for incidents and documentation of remediation steps.
* Ensuring ongoing system security compliance with Whole-of-Government and internal standards, including supporting Authority to Operate processes, penetration testing, and IRAP assessments of systems.
* Operational support for major incidents.
* Collaboration with cross-functional teams for technology initiatives, system integrations, disaster recovery planning, and end-user support.
* Knowledge sharing, team mentoring, and uplift of technical capability (including documentation of processes, design etc.), and fostering a collaborative and high-performing culture.
The ideal candidate will have the following skills and capabilities:
* Tertiary education in Information Security, Computer Science, or a related field
* Subject matter expertise (equivalent to 10+ years of experience) in SAP cybersecurity-focused roles.
* Expertise in SAP Cloud solutions, including SAP BTP and Cloud Identity Services.
* Proven experience with and/or strong understanding of:
* SAML 2.0, OIDC, OAuth 2.0, SCIM.
* SAP IDM.
* SAP Enterprise Threat Detection.
* SAP Access Control, including HR trigger and UAR customizations.
* SU25, role migration from ECC to S/4HANA.
* SAP UI Logging, UI Masking.
* BTP and SAP Cloud systems Security.
* SIEM tools and incident response procedures.
* managing security in hybrid SAP environments.
* Australian government compliance and security standards (ISM, PSPF, IRAP, ANAO etc.).
* Previous experience in with the technical delivery aspects of ERP implementations, including system configuration, integration, and data migration will be highly regarded.
HOW TO APPLY:
Please submit your resume for consideration via the appropriate link. A cover letter demonstrating your relevant experience may also be reviewed.
Should you wish to discuss, please contact Enrico Manai at quoting reference number: Your interest will be treated in the strictest of confidence.
Diversity, Equity & Inclusion at Hudson
Hudson is committed to helping you find a workplace where you feel respected, supported, and free to thrive. We welcome applications from all backgrounds, identities, and lived experiences—because when different voices come together, amazing things happen. Casual Loading *Please note for all Australian* based contract and temporary roles only, the pay rate is inclusive of mandatory 25% casual loading. This excludes permanent and fixed term roles.