Specialist Identity & Access Management - SAP Security and Controls

Main Responsibilities

Saviynt Access Automation Integrations

o Serve as a trusted authority on Saviynt IGA functionality, configuration, and enterprise integrations, providing guidance to technical and business stakeholders.

o Design and monitor high-quality integrations between Saviynt and systems including ServiceNow, Active Directory, SaaS and PaaS applications, and on-premise target systems.

o Configure, maintain, and enhance identity integrations between SaaS/PaaS applications and SAP Cloud Identity Services, ensuring secure and reliable data flows.

o Support user lifecycle management processes, including joiner, mover, and leaver (JML) workflows and automation.

o Saviynt Risk and Compliance capabilities, including Segregation of Duties (SoD) analysis, Critical Action monitoring, access certifications, and audit evidence generation.

o Direct and participate in unit testing, support end-to-end functional validation of integrations and automation workflows.

SAP Security

o Design, build, unit test, and deploy SAP roles, translating functional business requirements into security technical role designs.

o Demonstrate comprehensive knowledge of various SAP security role types and authorization concepts, such as:

o SAP Analytics Cloud

o SAP Business Technology Platform (BTP)

o SAP Cloud ALM

o SAP Cloud Identity Services

o SAP Datasphere

o SAP HANA Databases

o SAP Integrated Business Planning (IBP)

o Demonstrate a strong understanding user provisioning process in multiple SAP platforms and SaaS and PaaS applications.

o Troubleshoot access issues, analyze authorization failures, and resolve security conflicts.

o Possess hands-on experience with SAP Cloud Identity Services, including user authentication and user provisioning for SaaS and PaaS applications.

Communications, Collaboration and Support

o Collaborate closely with technical, functional, data, risk, and control teams across SAP and IAM initiatives.

o Communicate effectively with both technical and non-technical stakeholders, clearly explaining security concepts, design decisions, and recommendations.

o Manage incoming requirements, competing priorities, and deadlines using strong organizational and planning skills.

o Maintain current process documentation.

Experience

o Minimum 4 years of experience in Identity & Access Management, Application Security, IAM Integrations and SAP Cloud Identity Services

o Minimum 5 years of experience in SAP Application role design

o Experience with SAP Migrations (Brownfield) as well as RISE Migrations a plus

Education/Certification/Designation

o Bachelor's Degree in Computer Science, Information Systems, or an equivalent combination of education and relevant work experience.

Competencies

o Adapt to evolving requirements and unexpected challenges within a fast-paced SAP program environment.

o Communicates with impact across diverse audiences.

o Demonstrates accountability and ownership for deliverables.

o Results-oriented, with a strong focus on quality and timely delivery.

o Ability to manage multiple concurrent assignments of moderate complexity.

o Strong problem-solving skills, applying ingenuity and creativity.

o Detail-oriented with a strong quality mindset.

o Strong time management, prioritization, and organizational skills.

o Works effectively with limited supervision while demonstrating a sense of urgency.

o Demonstrates strong teamwork and collaboration skills, adapting communication style as needed.

Technical Skills/Knowledge

o Application security knowledge across SAP ABAP and Fiori, SAP Cloud Applications, SAP Cloud Identity Services, SAP HANA.

Strong functional and integration knowledge of Saviynt.

o Integration experience with ServiceNow, Active Directory and SSO platforms.

o Experience integrating SAP systems with third-party applications.

o Strong understanding of SOX requirements.

o Knowledge of IAM processes, including user lifecycle management, provisioning, deprovisioning, and recertification.

o Familiarity with IAM tools , and access governance principles.

About CN

CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada's Eastern and Western coasts with the Southern tip of the U.S. through a 19,500 miles rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN is committed to programs supporting social responsibility and environmental stewardship. At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.

About CN

CN is a premium railroad that sustainably generates value for our customers, shareholders, employees, and stakeholders with an unwavering commitment to safety and service. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. CN's network connects Canada's Eastern and Western coasts with the U.S. South through a 20,000-mile rail network. CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN powers the North American economy and is committed to programs supporting social responsibility and environmental stewardship.

At CN, we are dedicated to building North America's safest , most inclusive and sustainable railroad, which includes reflecting the communities in which we operate. Research shows that candidates often don't apply unless they feel they fit the job posting at 100%. To all potential applicants, even if you don't meet every job requirement listed in a posting, we still encourage you to apply. If you require an accommodation for the recruitment process (including alternate formats of materials, accessible meeting rooms or other accommodations), please get in touch with our team at cnrecruitment@cn.ca .

As an equal opportunity employer, qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, and other protected status as required by applicable law.

Please monitor your email on a regular basis as communication to applicants is done via email.

Client-provided location(s): Varennes, Canada

Job ID: CN-17016

Employment Type: OTHER

Posted: 2026-06-19T18:46:45