Sahil Sachdeva

• Lead end-to-end SAP BTP security implementation, ensuring compliance with enterprise security standards, and regulatory requirements.
• Configure and administer Identity Authentication Service (IAS) and Authorization and Policy Service (APS) for secure user and group provisioning.
• Implement Joule and SAP Landscape Services (SLS) to enable secure, scalable, and resilient identity landscapes.
  Design and enforce role-based access control (RBAC), segregation of duties (SoD), and least-privilege principles across BTP subaccounts.
• Integrate SAP BTP with external identity providers (IdPs), including Calm/Okta SSO and Microsoft Entra ID (Azure AD), for seamless single sign-on (SSO).
• Develop and maintain trust configurations, OAuth2/SAML flows, and token-based authentication for cross-platform applications.
• Conduct security audits, penetration testing, and compliance validation to ensure adherence to GDPR, ISO, and enterprise policies.
• Establish monitoring and alerting mechanisms for suspicious activity, failed logins, and provisioning errors.
• Collaborate with architecture teams to design secure connectivity patterns between BTP services, on-premise systems, and cloud applications.
• Document security implementation guides, reusable templates, and troubleshooting playbooks for operational teams.
• Provide stakeholder-ready communication on risks, mitigations, and compliance posture.
• Drive continuous improvement initiatives in identity lifecycle management, automation, and provisioning flows.
• Monitoring and Logging: Enable audit logs, alerting, and monitoring dashboards for suspicious activity, failed authentications, and integration errors.
• Subaccount Deployment Strategy: Define landscape design (Dev, Test, Prod subaccounts), enforce segregation of environments, and implement transport management with security validations.
• Act as a trusted advisor to customers, helping them understand the Cloud Platform Enterprise Agreement (CPEA) licensing model, and how it aligns with their business and technical objectives.
• Provide direction and mentorship to integration developers, ensuring alignment with SAP BTP security and compliance standards.
• Successfully handled and delivered solutions for more than 10 clients within the last year, ensuring secure SAP BTP deployments, compliance with enterprise standards, and seamless integration with identity providers.

Project Details: IM_CA Infrastructure

Client Description: Krones offers lines for the beverage industry and food producers: process technology, filling technology, packaging machines, all the way through to IT solutions.

Responsibilities:

• Managing the Team of Developers and Integration experts who are working on BTP with the Stack of UI5,CAPm,NodeJs,Xsjs, MTA applications.
• Setup Global Account in BTP.
• Setting up Cloud Foundry & NEO environment setup. Configuring Entitlement(Service Assignment), Space.
• Maintaining Subaccounts in BTP Cockpit.
• User Administration in BTP.
• Role Creation In BTP.
• API Management Setup.
• CI/CD pipeline Maintenance.
• HANA Cloud Administration. HDI Administration
• Setting Up of HANA DB roles
• Configuration of IAS
• Setting up SAML trust between BTP and IAS
• Provision user in IPS
• Connecting various projects via IAS System.
• Setting up ARIBA Security, Roles,Config of EPD/PLM in BTP subaccounts
• Migration of Neo to CF
• Setting up Integration Suite
• Setting up connection in CLoud Connector
• Enable Now Security Setup related to user and roles.
• S4HANA Public cloud Setup for 3 tier Architecture.
• Setting up SAP Cloud ALM to leverage it into Public Cloud.
• Setting Up CBC and its Scopes.
• Setting Up SAP Graph For POC which leverages onpremise ODATA via API.
• Setting up SSO for BTP and other cloud applications via the SAP IAS via SAML or OPENID Trust.
• Setting up automatic role assignment via XSuaa API calls via Identity Provisioning.
• Leveraging Role Design Principles provided by SAP to Design roles and Authorization in Different cloud solutions.
• Setting Up Build WorkZone and the SPACES and PAges for MTA and UI5 Apps.

Project Details: ATLAS RUN Swiss Re, Zurich, Switzerland

Client Description: The Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer. Its global client base consists of insurance companies, mid-to-large-sized corporations and public sector clients. Head quarter of Swiss Re is in Switzerland.

Responsibilities:

• Setting Up of HANA DB roles
• Configuration of IAS
• Setting up SAML trust between BTP and IAS
• Provision user in IPS
• Connecting various projects via IAS System.
• Setting up ARIBA Security, Roles,Config of EPD/PLM in BTP subaccounts
• Setting up Global Accounts
• Setting up Directories for Projects in BTP
• Migration of Neo to CF
• Setting up Integration Suite
• Setting up connection in CLoud Connector

Project Details: Toyota CANADA

Client Description-Toyota Canada Inc. (TCI) is the distributor of Toyota and Lexus sedans, coupes, sport utility vehicles (SUVs), and trucks in Canada. TCI's head office is located in Toronto, Ontario. It has regional offices located in Vancouver, Calgary, Montreal, and Halifax and parts distribution centres in Toronto and Vancouver.

Responsibilities:

• Reduced time-to-market for new features by utilizing DevOps practices in the software development lifecycle.
• Developed scalable, high-performance applications to support business growth and improve user experience.
• Established best practices for coding standards within the team, resulting in more consistent code quality across projects.
• Provided technical expertise during project planning stages, contributing valuable input on technology selection and implementation strategies.
• Helped creating Multiple apps for the business running in CANADA.
• Creation of Application roles in SAP CLOUD PLATFORM/CLOUD FOUNDARY/NEO & SAP BTP.
• Creation of audit policies in HANA 1.0,HANA 2.0.
• Creating runtime role in HDB container.
• Code commit in GIT/AZURE DEVOPS.-Managing security access on Azure DEVOPS(VSTS or Git code).
• Creation of synonym for use in XSA to access classical db Schema.
• Organization-Space creation, service creation, role assignment of SPACES.
• Creation of API's in API Management in Neo & cloud foundry.
• Cloud Connector setup.

Project Details: ATLAS Swiss Re, Zurich, Switzerland(Onsite)

Client Description: The Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer. Its global client base consists of insurance companies, mid-to-large-sized corporations and public sector clients. Head quarter of Swiss Re is in Switzerland.

Responsibilities:

• Implemented extended app advanced version of HANA along with the ABAP GIT and Azure DevOps.
• Creation of Application roles in XS-Advanced and XSA Cockpit & Cockpit 2.0.
• Creation of audit policies in HANA 1.0,HANA 2.0 ,XSA (SYSTEM DB) User creation from System db or directly in XSA Cockpit & XS- Advanced.
• Creating design time roles in HANA development workbench. Creating runtime role in HDB container.
• Code commit in GIT.
• Managing security access on Azure devops(VSTS or Git code) POC on ABAP GIT for transport the ABAP code.
• Guiding developers to use HANA modelling via Webide instead of using HANA studio.
• Creation of synonym for use in XSA to access classical db Schema.
• Integration with SERVICE-NOW.
• Organization-Space creation, service creation, role assignment of SPACES

Project Details: ATLAS Swiss Re, Zurich, Switzerland

Client Description: The Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer. Its global client base consists of insurance companies, mid-to-large-sized corporations and public sector clients. Head quarter of Swiss Re is in Switzerland.

Responsibilities:

• Worked on SAP User Administration.
• Assigning roles to the new users for S4/HANA, BW and HANA.
• Creation of Application roles in XSA and XSA Cockpit & Cockpit 2.0. Working on HANA with MDBC concept. End user Support for HANA cloud applications. Creation of audit policies in HANA 1.0,HANA 2.0 ,XSA.
• Handled tickets for assisting users with access problems, locked users, resetting

Project : Project Details: Service Operation & Reporting (SORT) Swiss Re, Zurich, Switzerland

Responsibilities:

• Handled tickets for assisting users with access problems, locked users, resetting passwords, role modifications, creating OSS ID. Part of the Security team in interacting with functional teams to set and resolve the authorization object level data and problems in various modules (FI/CO, HANA, BW)·
• Using XITING and PFCG, managed roles - derived single/composite roles, authorization objects/ fields·
• Troubleshooting authorization problems by analyzing user trace (ST01) and authority check (SU53) ·
• Worked on documenting all the critical accesses and authorizations for audit purpose.
• Creating HANA DB roles, analytical privileges. Defining Audit policies & created queries to monitor the same. Monitoring and Developing BW HANA Authorization with traction like RS2HANA_CHECK, RS2HANA_VIEW, RS2HANA_ADMIN Schema mapping in HANA. Creating roles and spaces in HANA cloud and WEBIDE/XSA