Description:
We are looking for a contractor, who is able to work at Spanish-European time. This position is long-term. Candidates need to be fluent in English.
Tasks and responsibilities:
- Design and propose solutions to secure cloud-based applications like a business app using SAP CAP model and Node.js; implementing authentication and authorizations from these applications;
- Propose secured designs & solutions for SAP cloud-based applications to consume APIs from external systems like corporate identity systems Azure AD, Azure AD B2C and BTP IAS utilizing destinations, connections, etc;
- Design and configure BTP IAS for authenticating internal and external users utilizing corporate identity providers like Azure AD, Azure AD B2C, etc;
- Design and implement IPS to sync application users with SAP BTP;
- Customize user flows and authentication processes to meet specific organizational needs. Implement necessary enhancements based on best practices and organizational feedback;
- Perform testing of the IAS/IPS setup, including performance testing, security testing, and user acceptance testing (UAT) of the implemented authentication/authorizations mechanisms;
- Prepare detailed documentation of the configurations and processes implemented. Conduct training sessions for internal IT teams and end-users to ensure effective use of the identity services;
- Periodically provide status updates and activity summaries to respective teams and/or team lead;
Profile:
- University degree in Business administration, Computer Science, Information systems management or related field;
- +5 years of IT experience;
- +3 years of experience designing and implementing secured applications utilizing SAP BTP cloud identity services. Experience to set up Trust Configuration (SAML or OIDC) & Cloud Identity Authentication in BTP platform level is critical;
- +3 years of hands-on experience with SAP Identity Authentication Service (IAS) and SAP Identity Provisioning Service (IPS) for managing user identities, authentication, and SSO;
- Experience integrating applications programmatically using authentication via APIs. Understanding and experience with SCIM REST APIs to manage users & groups; invite users etc;
- Strong understanding of security concepts in SAP BTP and its integration with other SAP and non-SAP systems and possess hands-on experience in securing applications on SAP BTP cloud foundry;
- Hands-on experience in configuring organization identity provider as the custom identity provider for external & internal users; configuring conditional authentication in IAS based on e-mail domain, user type or user group;
- Hands-on experience in configuring IPS to provision external users into ECC;
- Ability to design and implement secure authentication and authorization processes;
- Good understanding of SAP service layer, BTP configurations like Destinations, connectivity required in the development process;
- Basic knowledge of SAP BTP services like Work Zone, Business Application Studio & how they integrate with/via IAS;
- Strong understanding of general cloud security principles and experience with identity and access management (IAM) principles, SSO, MFA, and user provisioning;
- Fluent in English;