Job Posting SAP Business Technology Platform (BTP) Security Architect Manager

At JTI we celebrate differences and everyone truly belongs. 46000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.

To make a difference with us all you need to do is bring your human best.

What will your story be Apply now!

Learn more:

Please apply until January 30 2026

Department: D&IT

Location: Taguig City Philippines

Role: Permanent

SAP BusinessTechnology Platform (BTP) Security Architect Manager

In this role you will be designing and maintaining access model and governance related business processes based on information from stakeholders and identified needs. You will design and implement controls manage partners/vendors ensure stakeholders satisfaction and promote an information security culture driven by risk considerations.

We are seeking an SAP Business Technology Platform (BTP) Manager with deep specialization in Security Identity Management and Access Governance to join our Identity and Access Governance team. The ideal candidate will be responsible for defining implementing and maintaining secure access models across our SAP BTP (mainly) and rest of SAP cloud landscapes ensuring alignment with corporate compliance and SAP best practices.

You will collaborate closely with SAP Basis IT Security Functional (BTS) and Internal Controls teams to establish governance frameworks role-based permissions and integrations with SAP Cloud Identity Services.

As an SAP BTP Security Architect Manager you will be responsible for:

• BTP Security Architecture & Strategy:

  • design and maintain the BTP security architecture including subaccount structure trust configuration and connectivity to Identity Providers (IdPs).

  • define and document security standards and governance models for multi-tenant SAP cloud environments.

  • implement and optimize Identity Authentication (IAS) and Identity Provisioning (IPS) services.

• Access & Role Management:

  • design and maintain a sustainable BTP to facilitate maintenance of authorizations in the JTI SAP BTP landscape. (develop and maintain role-based access control (RBAC) and attribute-based access control (ABAC) model).

  • act as interface between the different stakeholders (Business IT Compliance/Legal teams) to ensure alignment on the access design and the implementation plan.

  • manage SAP Cloud security parameters and access including administrators developers and integration users.

  • coordinate with compliance teams to ensure adherence to SoD (Segregation of Duties) principles.

  • look for improvement opportunities via automation of internal processes or leveraging existing system functionality.

  • manage and transfer knowledge by designing training materials training SAP security staff and other stakeholders.

  • support integration with Identity and Access Management solutions (Identity IIQ/SailPoint preferred).

• Governance & Compliance:

  • define and implement SAP cloud security and Access Governance policies procedures and standards in alignment with enterprise IT security frameworks.

  • design and implement new controls ensuring SAP BTP and cloud systems remain available transactional integrity is guaranteed data sensitivity and confidentiality requirements are met and risks are considered.

  • support audit activities by providing documentation logs and risk assessments.

  • implement security monitoring and reporting using Security Bridge SAP Cloud ALM Audit Logs and Security Analytics tools.

• Integration & Automation:

  • integrate SAP BTP with SAP Identity Access Governance (IAG) SAP Cloud Identity and on-premises SAP systems (S/4HANA BW/4HANA etc.).

  • automate user lifecycle management and access provisioning through APIs and scripting.

  • collaborate with DevOps teams to embed security into CI/CD pipelines.

• Advisory & Enablement:

  • provide expert advice on BTP security topics to project teams and business stakeholders.

  • deliver training sessions and internal knowledge transfer on BTP access management.

Requirements:

• 5 years of experience in SAP Security and Identity Management.

• 3 years hands-on experience with SAP BTP (Neo & Cloud Foundry environments).

• Strong understanding of SAP Cloud Identity Services (IAS IPS) and SAP Identity Access Governance (IAG).

• Experience configuring trust relationships OAuth2 SAML and XSUAA authorizations.

• Knowledge onBTP cockpit administration subaccount hierarchy and entitlement management.

Are you ready to join us Build your success story at JTI. Apply now!

Next Steps:

After applying if selected please anticipate the following within 1-3 weeks of the job posting closure: Phone screening with Talent Advisor > Assessment tests > Interviews > Offer. Each step is eliminatory and may vary by role type.

At JTI we strive to create a diverse and inclusive work environment. As an equal-opportunity employer we welcome applicants from all backgrounds. If you need any specific support alternative formats or have other access requirements please let us know.