SAP IDM / IAM Support Lead (L2/L3) – SAP Security & HANA
Maplewood, MN (Hybrid)
Job Description:
Location: St. Paul/Maplewood, MN (Hybrid – 3 to 4 days onsite)
Job Summary
We are seeking an experienced SAP Identity Management (IdM) Support Lead with 10–14 years of experience to lead end-to-end L2 and L3 IAM support operations and architect secure, scalable identity lifecycle solutions across SAP and enterprise platforms.
This role is hands-on and operational, with responsibility for identity governance, system integrations, access controls, and regulatory compliance across complex SAP landscapes. The position operates in a hybrid work model, day shift, with no travel required.
Experience
• 10–14 years of experience in SAP Identity Management / IAM / SAP Security
• Proven leadership of L2 & L3 production support environments
Required Skills (Top Priority)
• SAP Identity Management (IdM) – Administration & Support
• SAP Security (including SAP HANA Security)
• Identity Lifecycle Management (Provisioning, De-provisioning, Access Recertification)
Additional Required Technical Skills
• SAP IDM repository, dispatcher, and runtime engine configuration
• SAP HANA Security (roles, privileges, users, authorization concepts)
• SAP ECC, S/4HANA, EWM, TM, SAP Gateway integrations
• LDAP / Active Directory integration
• HR-driven provisioning workflows
• Single Sign-On (SSO): SAML 2.0, OAuth
• API and connector-based integrations
• SAP GRC and third-party system integrations (e.g., Salesforce, Vendavo)
Key Responsibilities:
IAM Support & Operations
• Lead end-to-end L2 and L3 support for SAP Identity Management platforms.
• Troubleshoot and resolve complex IAM production issues, ensuring high system availability and performance.
• Manage incident, problem, and change activities related to identity and access systems.
Identity Architecture & Lifecycle Management
• Architect and maintain identity lifecycle workflows, including:
  - User provisioning and de-provisioning
  - Role assignments and access requests
  - Access reviews and recertification campaigns
• Design and enforce identity governance frameworks, including Segregation of Duties (SoD) policies.
System Integration & Administration
• Integrate SAP IdM with SAP and non-SAP systems using connectors and APIs.
• Administer IDM repositories, runtime engines, dispatchers, and connected identity stores.
• Configure and maintain LDAP / Active Directory and downstream application integrations.
• Manage and support SSO solutions using SAML 2.0 and OAuth standards.
Security, Compliance & Governance
• Ensure IAM solutions comply with regulatory and audit requirements including SOX, GDPR, HIPAA, and ISO 27001.
• Conduct periodic access reviews, privilege audits, and recertification campaigns.
• Partner with internal audit, risk, and compliance teams to support audits and remediation efforts.
Documentation & Knowledge Management
• Develop and maintain:
  - Functional and technical specifications
  - Process flows
  - Operational runbooks and SOPs
• Ensure documentation supports knowledge transfer and operational continuity.
Certifications (Preferred / Required)
• SAP Certified Technology Associate – SAP Identity Management
• CISSP (Certified Information Systems Security Professional)
Key Skills:
- SAP Identity Management / IAM / SAP Security