Hiring.fm
TeliaCompany

SAP Roles & Authorizations Expert

Vilnius Full time

Hiring: SAP Roles & Authorizations expert (Access management)

We’re looking for a SAP Roles & Authorizations expert to join us at Telia!

I am Olegas Matiušovas, Hiring Manager, and I am leading SAP Platform Services team of Telia Group IT.  I am looking for strengthening our SAP Platforms technical team and bringing in SAP Roles & Authorizations expert to help us out with all the exciting work we do! If you have experience managing SAP ABAP roles and authorizations or SAP BTPEA IAM hands-on practice – we need you.

This role will be responsible for end‑to‑end ownership of SAP security, roles and authorisations, and access management across on‑premise and cloud SAP landscapes, including SAP BTP (BTPEA), ensuring secure, compliant, and efficient user access through strong governance, identity integration, and expert support of operations, projects, and audits.

SAP Roles & Authorizations expert role have to ensure robust and scalable access governance across the SAP landscape by defining and enforcing secure role designs, managing privileged and standard access, integrating cloud and on‑premise identity solutions (including SAP BTP), and maintaining compliance with security, audit, and segregation‑of‑duties requirements while supporting business operations across the Nordic countries (Sweden, Finland, Norway and Denmark).

The role will require close collaboration with Solution Architects, Product Owners, functional SAP teams, security, integration teams, and external partners, as well as coordination with the IT Service Manager for the relevant responsibility area.

What you’ll do

  • Own the design, implementation, and continuous optimisation of SAP roles and authorisation concepts across on‑premise and cloud SAP systems (e.g. S/4HANA, BW, BTP, CloudALM).
  • Build and maintain complex PFCG roles (single, composite, derived), authorisation objects, and role hierarchies aligned with business and security requirements.
  • Manage end‑to‑end user lifecycle processes: provisioning, de‑provisioning, role assignments, privileged access, and periodic access reviews.
  • Act as the primary escalation point for complex authorisation issues and critical access‑related incidents.
  • Lead SAP security governance activities, including Segregation of Duties (SoD), risk analysis, remediation, and preventive controls.
  • Configure and operate SAP GRC Access Control (or equivalent), including access request workflows, firefighter / emergency access management, and reporting.
  • Support internal and external audits by preparing evidence, explaining SAP security controls, and driving remediation actions.
  • Ensure compliance with internal security policies, regulatory requirements, and industry standards.
  • Design and support SAP cloud identity and access integrations (e.g. SAP IAS/IPS, Azure AD, SSO, user synchronization).
  • Ensure consistent access and security controls across hybrid SAP landscapes.
  • Collaborate with IAM and cybersecurity teams on enterprise identity strategies and security improvements.
  • Handle day‑to‑day access‑related incidents and service requests in line with agreed OLAs, including root cause analysis and documentation.
  • Actively support SAP projects and enhancements, including role redesign, security architecture input, UT/SIT/UAT support, and go‑live stabilisation.
  • Drive continuous improvement of SAP security, access management, and governance processes.
  • Define standards, best practices, and documentation for SAP roles and security.
  • Mentor junior team members and act as an SAP security thought leader within the organisation.
  • Work according to ITIL practices, SAP security standards, and agile delivery frameworks (e.g. SAFe), using tools such as ServiceNow and JIRA.

What will help you thrive in this role

  • 5+ years of hands‑on experience in SAP Security, Roles & Authorisations, and Access Management.
  • Expert‑level knowledge of SAP authorisation concepts and role design methodologies.
  • Strong experience across both SAP on‑premise systems and SAP cloud solutions.
  • Deep practical experience with SAP GRC Access Control (or similar tools), including SoD analysis and firefighter processes.
  • Hands‑on experience with SAP BTP (BTPEA – SAP BTP Enterprise Agreement) access management, including user and role administration across global subaccounts and environments.
  • Experience with identity and access management integrations (SSO, Azure AD, SAP IAS/IPS).
  • Strong analytical and problem‑solving skills with a security‑first, risk‑aware mindset.
  • Excellent communication skills, able to explain complex security topics to technical teams, auditors, and business stakeholders.
  • Ability to work independently, take ownership, and influence decisions at senior stakeholder level.
  • Fluent in English (written and spoken).
  • Willingness to participate in on‑call duty (24/7 service coverage) and support business‑critical incidents outside regular working hours when required.

Join us to shape smarter living for people, businesses, and the planet

At Telia, we’re a team of 15 000 colleagues across the Nordics and Baltics, passionate about technology and connectivity. As a Top Employer and Sustainability Leader, we drive change with large-scale, impactful projects while building a sustainable, inclusive world.

Here, you can grow your skills, lead meaningful projects, and thrive in a supportive, diverse environment. Whether you’re taking your first step or your next, Telia is a place to grow, belong, and make a real impact.

What we offer

At Telia, we care about your well-being, growth, and sense of belonging:

  • Additional health insurance and pension plans
  • Workation: work from anywhere in the EU for up to 30 days per year
  • Extra vacation days based on tenure (up to 5 additional days)
  • Discounts on Telia services, including free home internet
  • Partner offers and discounts (SPA, cafes, events)
  • Telia Kids Club: summer camps for employees’ children
  • Company-supported sports activities (yoga, basketball, running)
  • Free on-site charging stations for electric vehicles – available for both work-related and personal use and more.

Monthly salary range for this position - 4300 - 6400 Eur (gross) + annual performance bonuses. Although it may vary depending on your skills and experience.

Ready to make better happen?

We look forward to receiving your application by April 4, 2026. Please note that we might close the position earlier if we find the right candidate, so don’t wait too long to apply!

If you’re selected for the next stage, you’ll be contacted by our Hiring Manager.  Background and reference checks will be part of the process.

Want to know more about this role? Please reach out to Olegas Matiušovas at olegas.matiusovas@teliacompany.com

Equal opportunities

At Telia, we recognize talent by professional skills and growth potential. We champion diversity, ensuring every individual’s needs are met, regardless of disability, gender, age, nationality, sexual orientation, or social status. Together, we’re dedicated to fostering an inclusive work environment where your uniqueness is our strength.

Join us and let’s make better happen - together!

More about our culture: www.telia.lt/karjera

Related Jobs

Personal Carer

UnitingCareQld
Noosa Community Care
Part time

Salesforce Technical Architect

Salesforce
India - Hyderabad
Full time

Collision Body Shop Estimator

Hendrick Automotive Group
Gwinnett Place Honda Collision Center
Full time

Caregiver Personal Care Aide PCA

Elara
Buda, TX - General Area
Part time

Personal Carer Domestic

UnitingCareQld
Cooroy
Part time

Beverage Delivery Specialist (CDL Required) – Great Falls, MT

Admiral Beverage
Great Falls
Full time