About the team –

The SAP Platform team is committed to providing a robust, secure, and highly available SAP ecosystem across Ford Motor Company. Our mission is to empower critical business operations with reliable, scalable, and innovative SAP foundational services.

The SAP Platform team delivers world-class services that our:

Business Units leverage for secure, performant, and compliant enterprise solutions, including core operational needs in After Sales, Manufacturing, and Central Finance. Development Teams utilize for rapid innovation and strategic initiatives, supported by comprehensive SAP BTP development capabilities and architectural guidance. Ford Enterprise relies on for the foundational stability and governance of its corporate backbone, ensuring efficient and effective operations globally.

In this capacity, we provide essential SAP platform services, including SAP BASIS administration, comprehensive security management, expert architectural leadership, SAP BTP development support, and robust governance frameworks.

 

Job Description –

We are currently looking to expand our team with a highly skilled Senior SAP BTP Security & Identity Management Specialist to lead and support our cloud-first security initiatives, with a strong focus on SAP Business Technology Platform (BTP), Identity Authentication Service (IAS), and Identity Access Governance (IAG).

Required Skills & Qualifications –

A degree in Computer Science, Information Security, or a closely related discipline.  Minimum of 8 years of SAP Security experience, with at least 2 years focused on SAP cloud security solutions.  Extensive hands-on experience with SAP Business Technology Platform (BTP) security setup, administration, and best practices.  Proven expertise in implementing, configuring, and managing SAP Identity Authentication Service (IAS).  Demonstrated experience with the implementation and ongoing management of SAP Identity Access Governance (IAG).  Strong understanding of cloud security principles and architecture.  Experience with identity federation protocols such as SAML 2.0, OAuth 2.0, and OpenID Connect.  Familiarity with SAP S/4HANA security concepts and integration points with cloud identity solutions.  Ability to design and implement robust authorization models for cloud applications.  Proficient in troubleshooting complex identity and access management issues in cloud environments.

Preferred Qualifications –

At least a bachelor’s degree in a relevant field. Experience with other enterprise identity providers (e.g., Azure AD, Okta) and their integration with SAP solutions. Knowledge of API security and microservices security within a cloud-native context.  Familiarity with DevOps security practices and security automation.  Strong understanding of audit and compliance requirements for cloud security.  Excellent analytical, problem-solving, and debugging skills.  Ability to work collaboratively across various teams and stakeholders.  Exceptional communication and interpersonal skills, capable of explaining complex security concepts to technical and non-technical audiences.  Fluent in spoken and written English.Experience with other security domains (e.g., identity and access management, data privacy, cyber security frameworks).  Relevant SAP Security certifications (e.g., CCSK, CCSP) or SAP BTP/IAM (e.g., SAP Certified Technology Associate - SAP Cloud Platform) – Nice to have.

About the Role –

As a Senior SAP BTP Security & Identity Management Specialist, you will be a pivotal member of the Ford PS&L SAP Platform services PDO. You will be instrumental in designing, implementing, and maintaining secure access and identity solutions across our SAP cloud landscape, particularly within SAP BTP. This role requires deep hands-on expertise in configuring and managing SAP IAS for central authentication and federation, implementing SAP IAG for unified access governance, and securing BTP services and applications. You will ensure that our cloud security architecture aligns with Ford's compliance standards and best practices, enabling agile development and secure operations in the cloud.

 

Key Responsibilities –

Design, implement, and maintain security solutions within SAP Business Technology Platform (BTP), including subaccount security, instance-based authorizations, and principal propagation.  Configure and manage SAP Identity Authentication Service (IAS) for central user authentication, single sign-on (SSO), multi-factor authentication (MFA), and identity federation for BTP applications and other cloud services.  Implement and administer SAP Identity Access Governance (IAG) for streamlined identity lifecycle management, access request workflows, access risk analysis, and role management across hybrid SAP landscapes (on-premise and cloud).  Integrate BTP applications and services with IAS and IAG for comprehensive identity and access management.  Define and manage BTP role collections, authorizations, and trust configurations to secure access to BTP applications and services.  Collaborate with BTP application development teams to embed security best practices early in the development lifecycle and ensure secure deployment.  Troubleshoot complex identity and access issues across IAS, IAG, BTP, and integrated systems.  Provide expertise in BTP authorization concepts, including role-based access control (RBAC) and attribute-based access control (ABAC) where applicable.  Stay current with SAP BTP security innovations, best practices, and evolving cloud security standards.  Contribute to the development and enforcement of security policies and procedures for cloud environments.  Integration of authorization concepts between S4 HANA and BTP.