Morton Salt is an iconic company with a strong heritage and a bright future. Since 1848, we have been improving lives and enhancing everyday moments – at home, at work and virtually everywhere in between. We help unlock the flavors in food, make roads and sidewalks safer, improve the water in baths, pools, and homes, and keep businesses and industries running. We are a dedicated team who constantly strives to do better together, and we are passionate about building a sustainable future for our company, the communities in which we operate, and the world around us. By joining our team, you will contribute to producing and delivering every form of salt that enhances everyday life.
Job Summary
The SAP Identity and Access Management Engineer will be responsible for the compliant design implementation and administration of our SAP Ecosystem. Creating and maintaining roles within both SAP On-premise systems and SAP Cloud environments, administering users in both SAP and non-SAP Systems. Designing and improving security and business processes to be compliant and efficient.
Duties and Responsibilities
- Support the existing Morton SAP on premise systems including ECC, HCM, SCM, BW and CRM, the existing Morton SAP Cloud systems including Identity Access Governance, Identity Services (IAS and IPS), Concur, Ariba, Commerce Cloud, C4C and BTP and the non-SAP systems that are part of the Morton Employee Identity lifecycle such as Microsoft Active Directory and Azure Entra ID.
- Design and implement secure SAP authorization roles based on the principle of least privilege.
- Maintain role documentation to ensure users, approvers and reviewers understand the access available.
- Regularly review and update roles to reflect changes in business processes and system functionality.
- Investigate and resolve user access issues related to authorizations and permissions.
- Work with application, process and functional owners and users to understand and address access request needs.
- Maintain clear documentation of user access issues and resolutions within our ticketing tools.
- Configure and manage SAP's integration with SSO solutions (Azure, SAP Secure Login Service, SAP Identity Authentication Service).
- Collaborate with Infrastructure teams and application owners to ensure seamless and secure SSO experience.
- Other duties as assigned.
Knowledge, Skills, and Abilities
- Bachelor's degree in Information Technology, Business Administration, Information Systems or a related field.
- Ability to communicate and articulate effectively, both orally and in writing, to present complex concepts and ideas to IT development teams and business counterparts.
- Strong analytical and problem-solving skills to effectively identify and resolves issues.
- Ability to manage multiple conflicting priorities in a professional manner, good planning and organizing skills
- Ability to interact with business users, technical teas and third parties.
- Working in distributed team environments, initiative-taking, and self-directed
- Required:
- Deep knowledge of SAP Security and Role Design principles including Master-Derived roles, Composite roles, Business Role Concept, authorization objects and system traces.
- Experience in supporting designing new roles based on business requirements or redesigning existing roles based on updated requirements.
- Experience in remediating segregation of duties conflicts via role design changes
- Experience in leading and coordinating projects with various stakeholders and priorities in order to design, build and deploy security solutions to the enterprise
- Demonstrated experience with large Enterprise ERP implementations in the areas of technical design specification, development, testing, deployment and support.
- Experience using Microsoft Office products, including Outlook, Excel, PowerPoint, Visio.
- Travel, domestic and international, up to 25%
- Advantageous:
- Speaking / Writing in Spanish and French are desirable.
- Hands on experience with SAP Identity Access Governance or Cloud Identity Services
- Knowledge of SAP Datawarehouse tools BW, DataSphere, SAP Analytic Cloud (SAC) is a plus.
- Familiarity with S4/HANA architecture, features, and migration strategies.
- Working knowledge of Single Sign on authentication methods such as SAML2.0 and OAuth
At Morton Salt, we work best when we work as a team, when we treat one another with dignity and respect, and value the unique contributions of others. We are committed to equal employment opportunity and prohibit discrimination and harassment based on race, national origin, sex, religion, color, disability, marital status, protected veteran status, sexual orientation, gender identity, gender expression, genetic information, citizenship, or any other characteristic protected by law.