Lead Architect-SAP Security

Organization: Novo Nordisk Global Business Services (GBS)

Shape the security foundation of a global SAP landscape that supports life-saving medicines reaching millions of patients worldwide.

Your new role

As SAP Security Architect, you will be a key technical leader within our SAP Security function, responsible for defining and driving the SAP security architecture, standards, and governance across a complex, global, and regulated SAP landscape. This is an individual contributor and leadership role with significant scope, influence, and visibility as we continue our S/4HANA transformation journey and expand our SAP Business Technology Platform (BTP) footprint.

Your responsibilities will include:

• Defining and owning the SAP security architecture (on-prem and cloud), including target-state design, standards, reference architectures, and implementation roadmaps across S/4HANA, BW/HANA, HANA DB, Fiori, and BTP
• Leading the design and implementation of SAP authorisation concepts and role-based access control (RBAC) across end-to-end business processes including Finance, Supply Chain, Manufacturing, Quality, HR, BW, ATTP, and GBT
• Driving security-by-design across SAP programs including new implementations, rollouts, upgrades, and S/4HANA transformations
• Designing and implementing SAP BTP security models, including subaccount structure, role collections, XSUAA, and integration with enterprise identity providers
• Leading SAP security controls design and operationalization for internal and external audits including SOX/ITGC, GxP/CSV (Computerized System Validation), and other applicable control frameworks
• Driving Segregation of Duties (SoD) design and remediation, emergency access controls, and continuous control monitoring
• Presenting SAP security posture, risks, and roadmap to senior leadership and the CISO organisation

Your new department

In Enterprise IT & Quality, you will be part of a business area that drives impact across the full Novo Nordisk value chain. We strive to stay close to our stakeholders in the business to ensure we deliver on their needs, helping reach millions of people living with serious chronic diseases. Our focus is on being at the forefront within our three areas: ensuring the highest quality for patients, being a trusted tech leader and an environmentally responsible business.

You will join the SAP Emerging Tech and Authorizations team, responsible for SAP Security architecture and governance across our global SAP landscape. Our SAP environment supports critical business and GxP-regulated processes across Product Supply, R&D, Finance, and HR — making security excellence both a business and a compliance imperative. As we transform our technology landscape, your expertise will be instrumental in ensuring our systems remain secure, compliant, and fit for the future.

Your skills & qualifications

We’re looking for an SAP security expert who can combine deep technical knowledge with strategic thinking and stakeholder leadership. You’ll bring with you:

• 15–20 years of relevant SAP Security experience, including several full lifecycle implementations and global rollouts
• Deep hands-on expertise in SAP authorizations and security administration across key SAP modules (S/4, BW, ATTP, GBT) and business processes
• Strong experience with S/4HANA security, role redesign, and SAP Fiori/Gateway security (catalogs, groups, OData services, authentication patterns)
• Proven track record in SAP audit, security and compliance initiatives such as SoD remediation, SOX, and ITGC controls
• Demonstrated SAP cybersecurity experience including risk assessments, secure configuration, hardening, security logging/monitoring integration, and vulnerability remediation
• Experience designing SAP BTP security models and integrating with enterprise identity providers (IAS/IPS)
• Excellent communication skills with the ability to work with senior stakeholders and translate business requirements into secure, scalable access designs
• Bachelor’s degree in Engineering, Computer Science, or related field
• Fluency in written and spoken English

Nice to have: Consulting background (Big 4 experience highly desirable), SAP GRC Access Control experience, security certifications (CISSP, CISA, CISM, CRISC), experience in regulated GxP environments, and familiarity with SAP security vulnerability management tools (SecurityBridge, Onapsis).

Working at Novo Nordisk

Every day we seek the solutions that defeat serious chronic diseases. To do this, we approach our work with determination, constant curiosity and a commitment to finding better ways forward. For over 100 years, this dedication has driven us to build a company focused on lasting change for long-term health. One where diverse thinking, shared purpose and mutual respect come together to create extraordinary results. In this role, you’ll be at the forefront of our digital transformation, ensuring the security and integrity of systems that directly impact millions of patients globally. When you join us, you’re not just starting a job – you’re becoming part of a story that spans generations.

We commit to an inclusive recruitment process and equality of opportunity for all our job applicants.

At Novo Nordisk, we're not chasing quick fixes – we're creating lasting change for long-term health. For over 100 years, we've been driven by a single purpose: to defeat serious chronic diseases and help millions of people live healthier lives. This dedication fuels our constant curiosity and inspires us to push the boundaries of what's possible in healthcare. We embrace diverse perspectives, seek out bold ideas, and build partnerships rooted in shared purpose. Together, we're making healthcare more accessible, treating and preventing diseases, and pioneering solutions that create change spanning generations. When you join us, you become part of something bigger – a legacy of impact that reaches far beyond today.