Identity & Access Management Architect (SAP & Microsoft ecosystem)

About the Role

As an IAM Architect, you are responsible for the company-wide identity and access architecture, with SAP as the central backbone, integrated with Microsoft AD / Entra ID and data platforms.

You design a secure, scalable, and compliance-driven IAM landscape – strategically, across systems, and in close alignment with senior management.

The role is not focused on operational execution, but on architecture, governance, and strategic decision-making.

Your Responsibilities

IAM Architecture & Strategy

• Ownership and continuous development of the enterprise-wide IAM target architecture
• Definition of architectural principles, standards, and guidelines for:
• Identity
• Authentication
• Authorization
• Reference: imWJ2noivaRsiyzOxtD3l97LdFqJgT96xcO_hLUxXMaoUFDLmP7uMSaUuiFAyYCL

• Development of SAP-centered IAM concepts aligned with security and compliance requirements

SAP as IAM Backbone

• Architecture of identity and role concepts across complex SAP landscapes (e.g. S/4HANA, BTP, SuccessFactors)
• Ensuring consistent user lifecycle management (Joiner / Mover / Leaver)
• Governance of role and authorization models in close alignment with business processes

Microsoft Identity Integration

• Architecture and governance of Microsoft AD / Entra ID as central identity providers
• Design of secure integration patterns between SAP and Microsoft Identity Services:
• Single Sign-On (SSO)
• Federation
• Provisioning
• Harmonization of Conditional Access, authentication, and role assignments across platforms

Data & Platform Integration

• Definition of IAM standards for data platforms and non-SAP applications
• Ensuring consistent identity and authorization models across all systems
• Supporting data governance through well-designed access concepts

Governance, Security & Compliance

• Acting as the architectural authority for IAM-related decisions
• Reviewing solution designs from internal teams and external partners
• Ensuring compliance with:
• Security policies
• Audit requirements
• Regulatory standards

Strategic Interface Role

• Translating business and compliance requirements into scalable IAM architectures
• Close collaboration with:
• Cybersecurity
• SAP teams
• Data & Analytics
• IT management
• External partners
• Supporting strategic initiatives such as:
• S/4HANA transformations
• Cloud migrations
• M&A activities
• Platform modernization

Your Profile

Professional Qualifications

• Several years of experience in IAM architecture within complex enterprise environments
• Deep expertise in:
• SAP authorization concepts
• SAP Identity Management
• Strong knowledge of Microsoft AD / Entra ID, including:
• Identity governance
• Conditional Access
• Federation
• Experience with data platforms (e.g. Databricks, Snowflake, Azure Data Lake)
• Knowledge of common IAM standards and protocols:
• SAML
• OAuth 2.0
• OpenID Connect
• SCIM
• Experience working at management and enterprise level

Personal Strengths

• Strong conceptual and analytical skills
• Ability to communicate complex topics clearly and effectively
• Structured, independent working style with high quality standards
• Very good German and English skills

Role Scope & Delineation

This position is strategic and architectural in nature.

• No operational execution or administration
• Focus on:
• Design
• Governance
• Decision-making
• Implementation is carried out by specialized delivery teams