The Architect II is responsible for providing end‑to‑end security architecture leadership for a major initiative, encompassing both SAP and non‑SAP systems within the project scope. This role serves as the primary security architecture owner for the project, ensuring that all solution components are designed, integrated, and delivered in a secure, compliant, and resilient manner.

The Architect II partners closely with project leadership, application teams, infrastructure teams, vendors, and security stakeholders to design and implement large-scale integrated solutions, with a strong emphasis on SAP environments while maintaining full responsibility for adjacent platforms, integrations, cloud services, infrastructure, and networks that support the project.

PRIMARY DUTIES AND RESPONSIBILITIES

Project‑Focused Architecture Ownership

• Acts as the dedicated security architect for an assigned project, responsible for security architectural decisions across SAP and non‑SAP components.
• Defines and maintains the end‑to‑end security architecture for the project, including applications, integrations, infrastructure, cloud services, identity, and security controls.
• Ensures architectural designs align with enterprise security standards while meeting project-specific functional, timeline, and delivery constraints.
• Serves as the primary point of accountability for security posture and technical risk within the project.

SAP & Non‑SAP Solution Design

• Reviews and governs SAP and non‑SAP architectures to ensure secure interoperability across the full solution landscape.
• Ensures consistent application of security principles across SAP modules, supporting systems, middleware, and enterprise platforms.

Security Architecture & Risk Management

• Identifies, documents, and manages project-specific security risks, threats, and architectural gaps impacting confidentiality, integrity, or availability.
• Performs security architecture reviews, threat modeling, and design assessments for all components within the project scope.
• Recommends and drives implementation of compensating controls and architectural changes to mitigate identified risks.
• Ensures the project complies with internal security policies, regulatory requirements, and applicable industry standards.

Infrastructure, Cloud & Network Security

• Reviews project-specific infrastructure and network architectures, including on‑prem, cloud, and hybrid environments.
• Ensures secure connectivity, segmentation, encryption, and network controls are implemented across SAP and non‑SAP systems.
• Partners with infrastructure and cloud teams to ensure project environments meet security, resiliency, performance, and availability requirements.

Identity, Access & Data Protection

• Ensures consistent and secure identity and access management across SAP and non‑SAP applications within the project.
• Ensures data protection requirements-classification, encryption, key management, and retention-are embedded into the project architecture.

Delivery, Implementation & Integration

• Works hands-on with project teams during design, build, and deployment phases to ensure architectures are implemented as designed.
• Supports resolution of security issues discovered during development, testing, and deployment.
• Assists with root-cause analysis of project-related security issues and recommends improvements to prevent recurrence.
• Supports automation of vulnerability scanning, configuration validation, and security monitoring for project systems.

Governance & Stakeholder Engagement

• Represents security interests in project governance forums, design reviews, and milestone checkpoints.
• Communicates security decisions, risks, and trade-offs clearly to project leadership, business stakeholders, and technical teams.
• Coordinates with enterprise architecture and security governance teams to ensure project alignment without impeding delivery.

Collaboration

• Collaborates with other domain architects (enterprise, cloud, data, network) as needed while retaining overall project security architecture ownership.

GENERAL SECURITY & IT ARCHITECTURE REQUIREMENTS (PROJECT SCOPE)

• Experience delivering end‑to‑end security and IT architecture for large projects or programs, not just advisory reviews.
• Strong understanding of solution architecture principles, including secure-by-design and defense-in-depth.
• Experience designing architectures across applications, infrastructure, cloud, networks, and integrations.
• Working knowledge of cloud security architectures (e.g., AWS or Azure) as they relate to project deployments.
• Familiarity with IAM, PAM, encryption, logging, and monitoring architectures within a project context.
• Ability to balance security, delivery timelines, and practical implementation constraints.
• Strong documentation, communication, and stakeholder management skills, with a focus on execution and delivery.

PREFERRED SAP SECURITY SKILLS AND TOOLS

• SAP S/4HANA and SAP S/4HANA RISE security infrastructure architecture and implementation experience.
• Experience in SAP GRC (Governance, Risk, and Compliance) for access control and risk management.
• Knowledge of SAP Fiori security and role-based access controls.
• Experience with SAP HANA database security, encryption, and secure configuration.
• Familiarity with SAP Cloud Platform and integration security best practices.
• Experience with SAP user provisioning, identity management, and authorization concepts.
• Knowledge of SAP security audit tools, vulnerability scanning, and automation solutions.

Impellam Group and its brands are equal-opportunity employers committed to diversity and inclusion. All qualified applicants will receive consideration without regard to race, color, religion, gender, sexual orientation, pregnancy or maternity, national origin, age, disability, veteran status, or any other factor determined to be unlawful under applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application, interview process, pre-employment activity, and the performance of crucial job functions.

If you require additional disability considerations, modifications, or adjustments please let us know by contacting HR-InfoImpellamNA@impellam.com or fill out this form to request accommodations.