SAP Roles & Authorisations Workstream Lead (S/4HANA Public Cloud)

SAP Roles & Authorisations Workstream Lead (S/4HANA Public Cloud) - Contract

Exalto Consulting is supporting a confidential SAP cloud programme to appoint an experienced SAP Roles & Authorisations specialist to lead the workstream end-to-end.

This role is focused on delivery leadership, design governance, quality assurance, and audit-ready documentation. It is not a BAU security operations post and includes a structured handover at contract end.

What you'll do

• Lead the Roles & Authorisations workstream, owning outcomes across the programme
• Provide day-to-day direction to an offshore delivery team responsible for role build, documentation and test evidence
• Assess the current role model and access usage, identify key risks, and recommend rationalisation/standardisation
• Define a target access model across:
  
  • SAP S/4HANA Public Cloud
  • SuccessFactors EC/EC-P
  • SAP Analytics Cloud (SAC)
  • SAP Datasphere
• Ensure designs are persona-based, least-privilege by default, and support controlled approvals and auditability
• Drive the delivery backlog and prioritisation for role builds and access changes
• Support SIT/UAT readiness by ensuring users/roles are provisioned correctly and validated
• Run stakeholder workshops and present design decisions/exceptions through governance forums
• Collaborate with corporate IAM/Active Directory teams (joiner/mover/leaver, groups, SSO concepts) to align SAP roles with wider access controls

Key deliverables

• Workstream plan (milestones, dependencies, RAID)
• As-is access assessment and risk findings
• Target role design standards and naming conventions
• Role mapping Matrix (current target)
• Role catalogues across the platforms in scope
• Access validation approach and persona-based test scripts
• Evidence packs to support sign-off and audit readiness
• Structured handover into BAU/security operations

Experience we're looking for (essential)

• Proven delivery lead experience for SAP Roles & Authorisations on complex programmes
• Strong access model design experience for S/4HANA Public Cloud and connected SAP platforms
• Track record leading offshore-heavy delivery and assuring quality of outputs
• Strong stakeholder management and workshop facilitation skills
• Governance mindset: least privilege, documentation discipline, audit readiness
• Working knowledge of IAM/AD concepts sufficient to collaborate effectively (JML, groups, SSO)

Nice to have

• Experience in regulated environments/public sector
• Exposure to SoD processes/tooling (working with compliance/GRC)
• Experience using SAP Cloud ALM for traceability

Contract overview

• Inside IR35/PAYE
• Hybrid working (details shared at shortlist stage due to confidentiality)
• Rate: £655 per day (Inside IR35/PAYE)
• Start: ASAP, subject to BPSS screening
• Duration: until 30/06/2026 (current view)

If this aligns with your background, please share your CV and a short summary of your recent Roles & Authorisations delivery (platforms in scope, programme scale, offshore delivery model, and audit/governance approach).