Our Calgary based client is seeking an experienced SAP S/4 HANA Cybersecurity Architect to join their project immediately for a 1 year contract, with possibility of an extension. This will be a fully remote work setting.

Key Responsibilities:

• Design comprehensive cyber security architecture for the S/4HANA landscape (including ERP, databases, interfaces, cloud infrastructure, and SAP BTP components). Produce reference architecture and security design patterns that address how all components interact securely, ensuring consistency across projects. This includes network zone segmentation, secure integration patterns, and data flow diagrams delineating trust boundaries.
• Embed Secure-By-Design in the Program: Work closely with SAP project teams from the planning phase onward to embed security into solution designs. Review project designs (extensions, integrations, migrations) and ensure they follow secure-by-design principles (least privilege, defense in depth, secure defaults, etc.). Influence solution architects and developers to make design choices that reduce risk (for example, using secure APIs, avoiding hard-coding secrets, etc.).
• Collaborate with GRC and audit teams to ensure that implemented architectures satisfy frameworks like SOX, TSA pipeline security directives, FERC standards, and applicable data privacy.
• Integrate S/4HANA and SAP Fiori with corporate Single Sign-On solutions using SAML 2.0 and/or OpenID Connect. Leverage Identity Provider (IdP) platforms like Okta or Azure AD to achieve central authentication (potentially using SAP Cloud Identity services as a bridge).
• Implement robust security architecture covering identity management, application security, data protection, cloud infrastructure, zero-trust, and compliance, enabling the S/4HANA implementation to proceed with minimized risk and aligned with industry best practices (e.g. NIST CSF, ISO 27001).
• The architect’s work will prevent the common risks of ERP cloud migrations (data breaches, compliance gaps, misconfigurations) by proactive design and oversight.
• Bridge the gap between the Company’s business strategy and secure technology solutions by crafting robust cybersecurity architectures and designing a transformation roadmap at the solution and enterprise level to ensure secure adoption of Cloud-based architecture.

• Bachelor’s degree in Computer Science.
• Security certifications like CISSP, CISM, or cloud security certs (CCSP, Azure Security Engineer, AWS Security Specialty) are highly desirable, as they indicate a solid foundation.
• Knowledge of industry controls and key regulatory bodies (e.g., CER, TSA, FERC, SOX)
• Experience with security assessments, penetration testing methodologies, and threat modelling.
• Experience in Zero Trust Architecture (ZTA), Identity and Access Management (IAM), encryption, and data protection.
• Knowledge of Cloud security, Hosted Services security, SaaS/PaaS security models, and Cloud-based security frameworks.
• Cloud Security Knowledge: Demonstrated experience securing solutions on cloud platforms (preferably Azure and AWS).
• Designing network security architectures (VPC/VNet, subnetting, NACLs/security groups, VPN/ExpressRoute connectivity).