SUMMARY:

• SAP Security - SAP R/3 4.0, 4.6B, 4.7 (100/200/Enterprise), ECC 6.0, eXchange Infrastructure (XI/PI), NetWeaver Portal 6.0/7.0-7.3, SRM 4.0/7.0, MDM, SCM 4.0/5.0, CRM 4.0/7.0, BW/BI 2.0/3.1/3.5/7.0, Business Objects, Biller Direct, Vistex, BizRights Approva, SuccessFactors, Virsa 2.0/4.0, GRC 5.0/5.3/10.1, IdM, BPC, GTS and NWDI implementations including up to 173 countries and 400,000+ users, with various SSO strategies,
• Strong organizational, interpersonal and achievement skills
• Corporate, Federal, Municipal and Department of Defense clients
• Acute learning and analytical abilities, including strong intellectual pursuit
• Constant awareness of systems and personnel efficiency
• Experience with large variety of software-all Microsoft products (including Active Directory and Exchange server), Crystal Reports, Netware, Infinium, Infra, Lotus Notes, SQL, Symantec, WinRunner, Rev-Trac, RightFax, IBM WebSphere, Tivoli, Sabrix, Sybase, Vendavo, Test Director and HP Quality Center
• 16+ years in 24 implementations, including - AA, AP, AM, AR, BPC, EC-CS, FI-CO, GL, GTS, HCM (all sub-modules), IdM, LO, MM, PP, PS, SD, WMS, XI|PI, Solution Manager, SCM, SRM, CRM, Web Channel, Interaction Center, Web UI, Biller Direct, Portal/Java Security, GRC (Access Controls/SPM, RAR, CUP, ERM/ Compliance Calibrator, Access Enforcer, Role Expert and Firefighter ) and post implementation administration, maintenance and Audit
• Blueprint, Design and development of enterprise Security structure-Role design and creation, Organizational Structure analysis, Org Unit/Job/Position/User based architectures, Structural (PD) Authorizations, Analysis Authorizations, policies and procedures
• Profile Generator (PFCG) experience, creating Roles and Authorization Objects and SU 24 detailed troubleshooting
• Security using hundreds of various security objects, including Profit and Cost Centers, Document Types, Organization Units, Sales Organizations, Channels, Company Codes, Business Partners, etc.
• Architect and designer of enterprise-level BW Reporting and Query structure, including Roles
• Analysis of ABAP code for effective usage and insertion of authorization checks, implicit and explicit user exits (SE37, SE38, SE80). eCATT design and execution for automated ID creation for Table Loads of 15,000+ entries error free
• Single Sign-On (SSO) - strategy, design and implementation
• Central User Administrator (CUA)-setup and maintenance of up to 25 instances and up to 53 clients, including RFC troubleshooting
• STMS (Transport System) proficiency, including transport strategy
• Assistance for Functional Teams in planning and executing Functional implementation Organizational Structure analysis, Job-based architecture, policies and procedures
• Designed and implemented Segregation of Duties, SOX and Audit processes and procedures
• Initiated, directed and designed creation of Custom Tables, procedures and programs for Help Desk and HR
• Trained Auditors and Help Desk staff in 10 countries on 5 continents
• Managing, training and teaming with offshore SAP Security/Basis/ABAP/Functional resources in 15 countries on 5 continents
• Developed and implemented enterprise-wide SD Security, retiring 7 legacy systems
• Advised Configuration Managers in AP, AM, BC, GL, CRM, SRM, SCM, CO, PP, MM, WM, BI, PY, HR, FI/CO and EC-CS for functional feasibility

PROFESSIONAL EXPERIENCE:

Confidential

Senior Security Consultant

Responsibilities:

• Security consultant for BPC, HCM, FICO, GRC, Solution Manager
• 36,000+ production users for SAP applications above
• Demo implementation of GRC 10.1 Access Controls
• Completed Security review in anticipation of GRC 10.1 Access Controls to determine preparation tasks and developed a demonstration installation
• Performed security review for unaddressed risks in SAP and user security adherence
• Developed security strategy (Spool/Query/Table/Program restrictions)
• Advised on integration with other SAP instances, including BW.
• Led security requirements gathering with process teams
• Refined and implemented security strategy and design
• Created/modified roles
• Developed CUA proposal
• Developed Structural Authorization proposal
• Researched user exits, SAP Notes, BAdIs, BAPIs to fulfill business requirements for security restrictions
• Proposed functional solutions
• Performed user administration tasks
• Remedy and HP Quality Center participation for testing and issue resolution
• 3 go-lives including HyperCare support

Confidential

Security Team Lead

Responsibilities:

• SAP FICO integration Security Team lead.
• Generalist for BPC, CRM, GTS, HCM, SRM, GRC, Solution Manager, CUA, Portal, Vistex and HANA
• 500+ users for China
• 25,000 production users for SAP applications above
• Developed security strategy and designed security implementation
• Advised on integration with other SAP instances, including BW, Led security requirements gathering with process teams
• Developed and implemented security model
• Developed security procedures
• Developed security role testing procedures
• Developed testing documentation
• Determined resource requirements and costing estimates
• Designed SAP security architecture
• Collected requirements for refining existing GRC 10.1 ruleset
• Designed and created 4,598 roles
• Performed all SoD analyses and remediations for 4,598 roles using GRC 10.1
• Designed or advised on all custom authorization objects
• Resolved complex issues involving functional (FICO) configuration
• Advised functional process teams on required configuration
• Trained client security resources

Confidential

Senior SAP Security consultant

Responsibilities:

• SAP HCM/Payroll and FICO Integration Security Team lead and sole security consultant.
• 20,000+ users
• Developed security strategy and designed security implementation
• Lead security requirements gathering with process teams
• Developed and implemented Position-based security model
• Developed security procedures
• Designed SAP security architecture
• SuccessFactors integration
• Developed and implemented structural authorizations strategy
• Built structural authorizations
• Directed ABAP developers to create function modules for Forms and custom relationships
• Created roles and users
• Supervised/assisted/trained client resources on all security procedures
• Developed Integration Test procedures
• Trained, directed and monitored the client security team in Security Role Integration Testing (4 phases)

Confidential

Senior SAP Security consultant

Responsibilities:

• SAP NetWeaver 7.1, BW 7.0/BOBJ, Enterprise Portal, AA, AP, AR, CO, FI, HCM, MM, SD, WM
• Completed security re-design strategy and implementation
• Managed integration with proprietary IdM solution
• Led/managed complete role re-build
• Developed security procedures and policy manual
• Integrated federal security policies and procedures, including NIST 800-53, FISMA and the IRS IRM
• Developed the approved Security project plan
• 3,000+ users (internal and external)
• Single Sign On implementation
• Developed preparation and implementation plan for GRC 10.0
• Initiated develop of customer-specific controls matrix for GRC 10.0
• Led security requirements gathering with process teams
• Created roles, custom security objects, security parameters and users
• Trained client resources to assume SAP security tasks from implementation partner

Confidential

Senior SAP Security consultant, VA

Responsibilities:

• SAP NetWeaver 7.1, FI/CO, GRC 10.0, HCM (including Payreoll, ESS/MSS), SRM 7.0, BW 7.3, BOBJ 4.0, PI, IdM, SRM-MDM, SUS/ROS/LAC, NWDI and Enterprise Portal.
• Designed/architected security strategy and implementation
• Developed Security blueprint
• 220,000+ users (internal and external)
• Single Sign On implementation
• Initiated customer-specific controls matrix for GRC 10.0
• Developed implementation project plan for GRC 10.0
• Installed and configured GRC 10.0 in sandbox
• Contributed to security procedures development and publication
• Led security requirements gathering with process teams
• Created roles, custom security objects and users
• Profit Center/Cost Center security restrictions
• Created and executed CATT scripts
• Trained client resources
• Led security coordination efforts with internal/external auditors

Confidential

SAP Security Lead Consultant

Responsibilities:

• FICO, HR/PY, ESS and MSS Security Team lead.
• Developed Security blueprint
• 3,500+ users (internal)
• Single Sign On implementation
• Profit Center/Cost Center security restrictions
• Developed security strategy and designed security implementation
• Developed security procedures
• Designed SAP security architecture, including structural authorizations
• Created roles and users
• Supervised/assisted/trained client and offshore resources on all security procedures
• Assisted in security requirements gathering with process teams
• Ensured SoD analyses were developed and implemented
• Reviewed prior HR implementation

Confidential

SAP Security Consultant - Team Lead

Responsibilities:

• OTC (Order To Cash or Requisition To Pay) Security Team lead for internal IBM “Blue Harmony” Project.
• 400,000+ users (internal and external)
• Developed Security blueprint
• Assisted with Single Sign On implementation
• ECC 6.0 (FI-CO, HR, ESS, CE 7.1, Biller Direct), BI 7.0, CRM 7.0, EPC (EP 7.1), GRC 5.3 (SuperUser Privilege Mgmt-SPM, Risk Analysis and Remediation - RAR), PI, Cognos, IBM WebSphere, NWDI, Sabrix, Vendavo, Upside, FileNet, Alloy, Tivoli, Rev-Trac
• Developed security strategy and designed security implementation
• Developed naming conventions for all security objects
• Developed Security procedures
• Managed code and configuration customizations for security
• Assisted with Audit and Sox compliance implementation GRC 5.3
• Designed Structural Authorization Strategy
• Developed Profit Center/Cost Center security restrictions
• Assisted process teams in translating processes to security requirements
• Member of QA team for all Process Definitions
• Supervised/assisted offshore resources
• Created roles, users, custom authorization objects, including ABAP code reviews and user exit implementations

Confidential

Senior SAP Security Consultant (Independent)

Responsibilities:

• Senior Security Consultant for P2P Project, Upgrade, Business Objects and BI projects (14,000 users)
• Team Lead for Bell Helicopter
• Developed security strategy and designed security implementation
• Audit, SOX, ITAR and DFAR compliance
• NetWeaver issues troubleshooting, including Single Sign ON
• Create Roles, Users and Authorization Objects
• Develop SAP Security processes and procedures for SAP Security Team
• Approva BizRights administration
• Profit Center/Cost Center security restrictions
• CUA strategy and development
• Provided training for all Textron SAP Security Team members
• BI 7.0 implementation, including creation of Analysis Authorizations. Bex Analyzer
• Initial implementation of EP 6.0(all FI-CO), Requisition To Pay, SRM 4.0

Confidential

Senior Consultant

Responsibilities:

• Senior SAP Security Consultant
• Create Roles and Authorization Objects
• Initial implementation of ECC 6.0, BI 7.0 and EP 6.0
• Develop SAP Security processes and procedures for SAP Security Team, ABAP, Batch Processing, Interfaces, Conversions and Tables
• Refine Security strategy for 5 phase release schedule from 200 user prototype to 80,000 user base of all installations
• Audit, SOX, ITAR and DFAR compliance
• Define CUA parameters
• Develop provisioning strategy for development and production
• Write CATT scripts for user go-live Ids
• Develop Security Workplan for all tasks from initial development to post go-live support

Confidential

SAP Security Team Lead

Responsibilities:

• SAP Security Lead for Confidential SCM Programme
• Develop Security Strategy and designed security implementation for 4 phase release from limited target of 250 users to full global base of 80,000 Users
• ECC 6.0 FI/CO and HR MiniMaster with BI 7.0, EP 6.0 and PI (XI) for data interfaces.
• Maintain and advise on CUA
• Profit Center/Cost Center security restrictions
• Assist with business case for SAP GRC 5.0(Virsa) including Access Enforcer, Role Expert, Compliance Calibrator and Firefighter
• Work with Security infrastructure architect to determine impact of IAM choices on SAP security, including User ID Format
• Develop Role Design and Testing Strategy for all SAP applications
• Determine naming conventions for Roles, Profiles, and Authorization Groups (Users, Tables, Programs, Batch Jobs, Print Spools)
• Investigate User Exits and develop custom Authorization Objects

Confidential

SAP Security Team Lead

Responsibilities:

• Security Strategist - Develop the SAP Security Strategy for initial North American ECC 6.0 and SAP GRC 5.1 implementations and upgrade from BW 3.0 B to BI 7.0, Bex
• Develop SAP Security Implementation Method and Design - User (based upon Role in Avnet) with intent to migrate to actual Position based Security when HR modules are implemented in 2008
• Developed Security blueprint
• General Security Operations Review and recommendations for User and Role creation and Maintenance, Team Structure, access maintenance
• Audit and SOX compliance
• Recommend SAP GRC processes and implementation method
• FI/CO, FSCM, SAP GRC 5.1 (Access Enforcer, Role Expert, Compliance Calibrator, Firefighter) and BI 7.0 implementation - Accounts Payable, Accounts Receivable, Asset Management and General Ledger

Confidential

SAP Security Architect

Responsibilities:

• Analysis and re-design of Transport system review and recommendations for SAP Security landscape, processes, procedures and team structure
• CUA and SAP-GUI troubleshooting
• Procedural analysis of all processes
• Project Management eRecruitment, FI-CO, HR and Learning Solution implementations

Confidential

Application Product Manager

Responsibilities:

• Enterprise Portal 6.0.BW 3.5 and CRM 4.0 Implementation
• Collect requirements and assist Functional Teams to define access
• Developed Security blueprint
• Profit Center/Cost Center security restrictions
• Developed security strategy and designed security implementation
• Create Roles and Authorization Objects
• Designed Portal security (EP 6.0)
• Write and publish policy and procedure
• Supervised/assisted offshore resources
• Integrate Business Warehouse with CRM SECURITY.
• Design and Troubleshoot Portal Security
• Develop audit recommendations

Confidential

SAP Security Team Lead

Responsibilities:

• Security Blueprint and Solution Architecture of SAP Enterprise Portal 6.0/Mainframe
• Use Case Review
• Process/data Flow Analysis

Confidential

Senior SAP Security Consultant (Independent)

Responsibilities:

• HR Structural Authorizations implemented with SAP as Implementation Partner
• Create Roles and Authorization Objects
• Profit Center/Cost Center security restrictions
• Supported SAP 4.7 Enterprise via SAPGUI for HR/PY, FI/CO, APO, SEM, CRM, ESS/MSS, BW 3.1 and NetWeaver Portal Security implementations and go-lives
• Virsa (GRC) Segregation-of-Duties and Sarbanes-Oxley Compliance Tool implementation
• RBE (Reverse Business Engineering) Tool implementation
• 3-Tier Segregation of Duties/Role Design Approach for FI-CO, HR, CRM and APO
• Implementation Partner: SAP

Confidential

Security Team Lead

Responsibilities:

• Produced Security portion of Blueprint
• Implemented Security for SAP 4.7 Enterprise for HR/PY, eRecruiting and FI/CO, eXchange Infrastructure and NetWeaver Portal 6.0.
• Create roles, Authorization Objects and user IDs for programmers, configurers, end users, programs, data loads and Query creation and assignments.
• Implemented WorkFlow and Time Management.
• Performed Client Copies and managed Transport System
• Planned and designed Structural Authorization (PD) Security Architecture.
• Developed and published Security Policies
• Supervised/assisted offshore resources.
• Wrote CATTs for automated ID creation and Role assignments.

Confidential

SAP Security Team Lead

Responsibilities:

• Implementation of Security for SAP 4.6B and BW 2.0B via web and SAPGUI.
• Maintenance of SAP 4.0 system
• Create roles and authorization objects and user Ids for programmers, configurers, end users and Query creation and assignments in BW and R/3
• Planned, designed and co-coordinated Job-based Security Architecture
• Developed Security Policies. Report creation/implementation, design of standards, policies, and procedures
• Profit Center/Cost Center security restrictions
• Wrote CATTs for automated ID creation and Role assignments
• Maintained CUA through creation, deletion and addition of various clients and instances
• Created custom InfoObjects and Authorization Objects in all clients.
• Worked with Bex Analyzer, Bex Explorer and BW Administrative Workbench.
• Designed and implemented BW Queries. Troubleshot any authorization issues.
• Performed administration and maintenance of AS/400, Clarify, Sybase, Netware and Remote Access (SecurID) systems.
• Workflow for HR, MM, Requisition To Pay
• Modules personally polled for business requirements, designed, tested and built included:
• Customized every Authorization Object in the FI-CO, SD, MM and BW modules. Worked closely with the SD Team in creating custom transactions and reports to supplement the SAP-supplied SD functionality. Submitted Notes for EC-CS, GL, BW and MM that were included in later Support Packages.
• Analyzed numerous Reports, Transaction Programs and errors with both ABAP and Basis Teams. Determined where authorization checks should, or should not, be. Examined code for table references to use in Authorization issues. Worked with Basis to perform Transports and client copies and refreshes (Basis) so that change requests were imported and exported in the appropriate order and to all indicated clients and that configuration and authorization changes were not lost when fresher data was required.
• Developed Business Process Plans for all implemented functionality in the environment. These BPP’s were the basis for later testing and tracking knowledge bases. Corporate standards were based upon those of Confidential & Touche and SAP's Best practices and were followed diligently through all implementation phases during all Security tasks.
• Created and maintained BW Reporting Objects for custom Authorization and Reporting Objects that were required in the implementation using the hierarchical corporate Cost Center Structure. Worked closely with the Finance and BW Teams to design a scalable, flexible Security Model that became the accepted enterprise standard. Developer and implemented SAP OSS Notes that enabled several wildcard functions to be included in BW v3.0.
• Consulted on approaches for importing R/3 Structures directly to construct the BW Hierarchies. These were maintained by monthly downloads from the R/3 Instance.
• Designed the Workbook Structure for the BW Implementation Team and modified the Roles (RSA1) as new Reports and analytical areas were added.
• Defined and maintained SAP Activity Groups, User Profiles and Authorizations/Systems access privileges from start (polling Business for needs), refining into BPPs for activities and processes, translated these into Transaction Groupings and Roles (PFCG), customized Transaction Authorizations using SU24 to fit Business requirements. Constructed Central. User Administrator for Sandbox Development, Quality Assurance, and Training instances for R/3 and BW (eight instances), containing 40+clients. Systems interfaces to ESS, (web site), Web Reporting for BW, IXOS web printing, Nortel Clarify trouble-ticket interface, AS/400 Infinium interface.
• Involvement with Internet-based Security Protocols to design and build Roles and access for User and system access.
• Performed IT forensic tasks on all applications, as needed.
• Coordinated preventative, monitoring and investigative efforts with Audit, Compliance and Risk Management units
• Developed and implemented a detailed Role-based intranet/extranet and Internet Security access structure integrating corporate policy, and identified which objects and Authorizations needed to be utilized. Implemented these access structures for Employee Self Service (ESS), Manager's Desktop (MSS) and Business Warehouse Reporting, involving a VPN and RADIUS servers.