• Design and implement SAP Identity Authentication Service (IAS) and Identity Provisioning Service (IPS) architectures • Integrate SAP BTP with corporate IdPs (Azure AD, Entra ID, AD, LDAP, SAML, OAuth2, OpenID Connect) • Configure Single Sign-On (SSO), MFA, Conditional Access, and Trust configurations • Manage user lifecycle, role mapping, and automated provisioning/de-provisioning across SAP systems • Implement and govern SAP Cloud Identity Services (CIS) best practices • Define security standards for BTP applications, APIs, AI services, and integrations • Conduct security reviews, risk assessments, and audits for SAP BTP landscapes • Secure AI-enabled SAP services (e.g., SAP AI Core, AI Launchpad, Joule) • Ensure secure access to APIs, data, and AI models using OAuth2, XSUAA, and service bindings

• AECOM is seeking a seasoned Cyber-Physical System (CPS) Security & Resiliency growth leader to establish and grow our Cyber-Physical System Security & Resiliency team. • This role builds the firm’s capability to help clients strengthen and modernize cyber-physical environments through integrated security, risk, and resilience strategies. • Establish the CPS Security & Resilience Team as a source of top and bottom-line growth within the Energy Practice. • Strengthen client confidence and executive trust in AECOM’s ability to manage modern infrastructure risk. • Establish a repeatable, scalable CPS capability that integrates with existing AECOM services. • Position AECOM as a trusted consultant on the convergence of infrastructure, automation, AI, and physical consequence. • Establish governance, risk, and resilience models for the integration of AI and advanced analytics into CPS/OT and CPS/IT environments, with explicit focus on physical consequence, system safety, and operational continuity.

• Establish the CPS Security & Resilience practice for the Power sector • Develop and execute go-to-market, recruitment, and top- and bottom-line growth strategies for the CPS Security & Resiliency workstream • Support strategic pursuits and key accounts from the cyber-physical resiliency lens, where CPS risk influences project outcomes or client confidence. • Engage client executives, boards, and regulators on system-level risk, resilience, and governance. • Act as a strategic partner to leadership on infrastructure resilience, reliability, and operational risk • Advise clients on cyber-physical risk and resiliency implications of AI-enabled grid modernization, automation, DER integration, advanced protection schemes, and digitally enabled control environments • Oversee and guide the development of reusable tools, templates, frameworks, and best practices for CPS Security & Resiliency Advisory & Enterprise Alignment • Partner closely with Advisory leadership to align CPS services with broader operational, digital, and risk advisory offerings • Coordinate with existing IT, OT, and cyber resources across AECOM to avoid duplication and fragmentation • Work closely with senior leadership to shape AECOM’s CPS Security & Resilience offerings and expand market presence • Lead project workstreams while teaching and mentoring junior staff • Support capture and proposal activities, including developing scopes of work, methodologies, and strategic content • Build and maintain strong client relationships to identify new opportunities and ensure successful delivery • Serve as a bridge between technical specialists and executive-level client discussions

• Establish the CPS Security & Resilience practice for the Power sector • Develop and execute go-to-market, recruitment, and top- and bottom-line growth strategies for the CPS Security & Resiliency workstream • Act as a strategic partner to leadership on infrastructure resilience, reliability, and operational risk • Oversee and guide the development of reusable tools, templates, frameworks, and best practices for CPS Security & Resiliency Advisory & Enterprise Alignment • Work closely with senior leadership to shape AECOM’s CPS Security & Resilience offerings and expand market presence • Lead project workstreams while teaching and mentoring junior staff • Serve as a bridge between technical specialists and executive-level client discussions