Job title: SAP Security & Authorisations Analyst

Salary: TFL Band 3
Location: Pier Walk, North Greenwich
Contract Type: Permanent

Overview of project/role 

The Senior Application Engineer will be accountable for the provision of Level 2 (and where appropriate Level 3) service for TfL's environments (business critical services for TfL e.g. asset management, ERP, commercial off the shelf, in-house developed software, transport maintenance and planning systems, online services etc), ensuring that all services are delivered to the agreed standards, quality and performance. Out of Hours support, support of weekend or out of hours maintenance or release activities will be required for certain applications 

To provide Subject Matter Expertise and ensure that the overall technical architecture is sound, verified and validated against business requirements and alignment with TfL’s IS / IT strategy and enterprise architecture. Provisioning of technical security and authorisations support across the highly complex and technical SAP estate in order to mitigate any risk to the business, loss of service availability, consequential loss of revenue associated with security flaws, issues or breaches.

Key Accountabilities  

1. Responsible for executing support activities to enable fault resolution within the agreed SLAs to ensure the restoration of the services within the team’s portfolio
2. Responsible for developing and delivering recommendations to resolve critical defects and manage wider implications of system faults to ensure the restoration/improvement of the service
3. Assisting in recommending service and process improvements to ensure effective handling and correction of defects in the TfL environments
4. Accountable for resolving incidents and fulfilling Service Requests within SLA targets, which are assigned to themselves, or ensuring they are moved to the correct resolver team
5. Escalating service incidents to a higher severity when appropriate to ensure the on-going security and safety of TfL’s business operation and delivery of service within SLAs
6. Responsible for Technical Knowledge Management, peer to peer training and knowledge handover to Application Engineers.
7. Accountable for assisting Projects and other technical teams to deliver new services / update existing services in their portfolio

Knowledge  

• Preferable: Extensive Industry experience in an Application Support environment
• Working knowledge of ITIL V3 Service Management
• Knowledge of current/emerging technologies and processes employed in Enterprise Wide IT services
• Knowledge of two or more of the following
• Enterprise Resource Planning, Asset Management Systems, Revenue Collection, Document Management, Real-Time Information Systems, Forms Platforms, Operational Support, Reporting, Monitoring Applications, ITSM Toolsets and integration technologies/systems.
• Knowledge of agile project management methodologies.
• Working knowledge of solutions development methodologies.

Skills 

• Excellent oral and written communication skills at a business and technical level.
• Highly skilled at solving and communicating complex problems
• Communicates clearly and is skilled at adapting their communication style to meet the needs of the audience.
• Relevant Business Application technical support skills

Technical:

• The application of security roles, design build and support within an SAP implementation
• Competent in SAP Security and Authorisations (Technical and Analysis)
• SAP Application Experience across SD, MM, PP, WM, QM FICO, BW
• Expert in Governance Risk & Compliance (GRC)
• Comprehensive SAP security and user administration technical experience;
• Decision making experience in security and authorisations;
• Experience using security and authorisation transactions including SU01, SU10, SUIM, SU53, PFCG, and SU24
• Comprehensive SAP license experience
• Central User Administration (CUA) transactions, SCUA, SCUL, SCUM
• Role Administration, to include composite and derived roles
• HR authorisations and structural profiles
• Strong understanding of SAP security and authorisations interaction between the mySAP ERP suite of applications
• SuccessFactors
• Ariba
• Cloud applications, IAS,IAG, IPS

Experience 

• Demonstrable experience of working in a complex multi site environment dealing with business applications and real time implementation systems.
• Proven track record of working within a support or operations environment.
• Well developed experience of issues and incident management and working within agreed SLAs.

Equality, diversity and inclusion 

We are committed to equality, diversity and inclusion. We want to represent the city we serve, which will help us become a more innovative and efficient organisation. Our goal is to make our recruitment as inclusive as possible. We are a disability confident employer who guarantee an interview to any disabled candidate who meets all of the essential criteria. We also use anonymising software that removes identifying information from CVs and cover letters to make the process fair.

Application Process  

• Please apply using your CV. Word format preferred and do not include any photographs or images 

The closing date for applications is 1/2/2026 @ 23:59 

Benefits

 
In return for your commitment and expertise, you will enjoy excellent benefits and scope to grow.  Rewards vary according to the business area but mostly include: 

• Final salary pension scheme  
• Free travel for you on the TfL network  
• A 75% discount on National Rail Season Ticket and interest free loan  
• 30 days annual leave plus public and bank holidays 
• Private healthcare discounted scheme (optional)  
• Tax-efficient cycle-to-work programme 
• Retail, health, leisure and travel offers  
• Discounted Eurostar travel 

EV Salary Sacrifice Scheme