SAP Security Lead

About BridgeBio

BridgeBio is a biopharmaceutical company founded to discover, create, test, and deliver transformative medicines to treat patients who suffer from genetic diseases and cancers with clear genetic drivers. We bridge the gap between remarkable advancements in genetic science in academic institutions and the delivery of meaningful medicines to patients.

Founded in 2015, the company has built a portfolio of 20+ drug development programs ranging from preclinical to late-stage development in multiple therapeutic areas including genetic dermatology, precision oncology, cardiology, endocrinology, neurology, pulmonology, and renal disease, with two approved drugs.

Our focus on scientific excellence and rapid execution aims to translate today’s discoveries into tomorrow’s medicines. We have U.S. offices in San Francisco, Palo Alto, and Raleigh, with small satellites in other parts of the country. We also have international offices in Montreal, Canada, and Zurich, Switzerland, and are expanding across Europe.

Who You Are

We are actively seeking a seasoned SAP Security Lead to architect and manage the security framework for our SAP S/4HANA Private Cloud Edition, Fiori, Business Technology Platform (BTP), and Cloud Identity Access Governance (IAG). As part of our RISE with SAP journey, this role is central to driving security strategy, governance, and compliance to ensure our SAP environment remains secure, scalable, and aligned with industry best practices.

Experience in a GxP-validated environment is essential to meet the compliance and security requirements across our SAP ecosystem. In this role, you will have the opportunity to make a direct impact on BridgeBio’s secure digital foundation, supporting innovations in genetic medicine and patient safety.

Responsibilities

Access Control and Advanced User Management:

• Design and oversee the SAP authorization framework, emphasizing role-based access control, user and role types, and roles/activity groups across SAP S/4HANA Private Cloud, Fiori, BTP, and Cloud IAG.
• Advise and manage SAP Identity and Access Control and integration with overall IAM & SSO architecture.
• Apply advanced knowledge of SAP’s private cloud security model to manage user administration, ensuring appropriate levels of access while adhering to segregation of duties (SoD) standards.
• Collaborate with SAP and third-party vendors to ensure user access configurations align with SAP’s best practices for Private Cloud Edition and are optimized for a cloud-based environment.

Compliance and Regulatory Adherence (GxP Validated Environment):

• Define, implement and maintain SAP security policies and procedures to support compliance with SOX, GxP, GDPR, and life sciences industry standards.
• Develop metrics and dashboards, reporting on the effectiveness of policies, procedures and controls for all SAP Security platforms.
• Use SAP tools for access control, risk analysis, and remediation (RAR), applying SoD mitigation strategies specific to private cloud deployment.
• Ensure audit readiness and establish protocols for continuous access review and regulatory compliance specific to SAP’s Private Cloud Edition.

Security Architecture and Solution Design in Private Cloud:

• Serve as a security solution architect, defining SAP security strategies for a private cloud environment.
• Assess and address security risks specific to SAP’s Private Cloud Edition, implementing scalable solutions that adhere to cloud security principles.
• Work closely with cloud operations teams to ensure secure configurations and compliance within the SAP private cloud infrastructure.

Project Leadership and Security Governance:

• Lead SAP security tasks across full lifecycle projects, ensuring projects meet both security and compliance needs in a validated environment.
• Establish governance processes for role-based access control and SAP’s Cloud IAG.
• Partner with project teams and consultants to embed SAP security standards in new implementations and upgrades.

Risk Management and Incident Response:

• Implement a risk management framework for SAP private cloud security, identifying potential threats and defining response strategies.
• Serve as the escalation point for SAP security incidents, conducting root-cause analysis and coordinating remediation.
• Actively monitor SAP security alerts and vulnerabilities, enhancing incident response processes tailored to cloud-based SAP architecture.

Cross-functional Collaboration and Influence:

• Foster a security-first culture by engaging with cross-functional teams and embedding security best practices into daily operations.
• Act as a trusted advisor to business and IT stakeholders on SAP security compliance in a cloud-based environment.

Education, Experience & Skills Requirements

• Bachelor’s degree in Information Technology, Computer Science, or a related field.
• 8+ years of experience in SAP Security, with a strong background in S/4HANA Private Cloud Edition, Fiori, BTP, and Cloud IAG.
• Experienced in SAP GRC (Access Control and Process Control) design and implementation for Security.
• In-depth knowledge of SAP’s authorization concepts and security policies.
• Demonstrated capability to serve as a security solution architect, defining cloud security solutions.

Preferred Skills:

• SAP Security certifications in S/4HANA Private Cloud, Fiori, and BTP.
• Experience with life sciences or pharmaceutical industry regulatory frameworks and security standards.

What We Offer

• Patient Days to hear from individuals living with the conditions we are seeking to impact.
• A culture inspired by our values: put patients first, think independently, be radically transparent, every minute counts, and let the science speak.
• A de-centralized model that enables our program teams to focus on advancing science and helping patients.
• A collaborative, fast-paced, data-driven environment.