SUMMARY:

• 15 years of expertise in SAP Security - ECC, BI/BW, SCM and PI.
• 7 years of expertise in SAP Governance Risk & Compliance - ECC, BI/BW, SCM and PI.
• Expertise in Access controls, Security & privacy rule, Risk management and System audit.
• 4 years of experience as GRC Architect, Internal Control Architect and Internal Audit Advisor (single point of contact for KPMG and PWC audits).
• Expert in configuring and implementing the GRC 10.1 tools; Access Risk Analysis (ARA), Access Request Management (ARM), Business Role Management (BRM), and Emergency Access Management (EAM).
• Implementation, Maintenance and Rollout expertise in; SAP ECC (SD, MM, PM, FI-CO and HR), BW/ BI, SCM, PI & Enterprise Portal.
• Expertise in SAP - Security and GRC in SAP versions ECC (6.0 and 5.0), BI (7.0 and 3.5), SCM 7.0 & GRC 10.1 and 5.3.
• Expertise in Security upgrades to ECC 6.0 from 4.7C, BI 7.0 from BW 3.5 & Portal 7.0 from 6.0.
• PoC experience in S/4 HANA-GRC 10.1 migration.

PROFESSIONAL EXPERIENCE:

Confidential, Bakersfield, CA

Sr. SAP GRC Consultant

Environment: SAP ECC 6.0 & GRC 10.1.

Project Description

• Migration of SAP GRC Access Control 5.3 to GRC 10.1
• Implement all 4 components EAM, ARA, ARM, and BRM and plug-in with the satellite system ECC and integration with LDAP for user authentication.
• Document the cutover plan, and coordinate with Release management team for successful implementation.
• Team up with business and super/end users to render business requirements blue print.
• Design and build seamless Integration between SAP Enterprise Resource Planning modules (Order to Cash, Procure to Pay, Record to Report, Plant maintenance and Human Resources), Business Intelligence, Supply Chain Management, Process Integration, Enterprise Portal and SAP Governance, Risk and Compliance.
• Design and build SAP Governance, Risk and Compliance 10.1 processes like Access Risk Analysis (ARA), Access Request Management (ARM), Business Role Management (BRM) and Emergency Access Management (EAM).
• Implement industry specific role-building process to cater business guidelines and adhere to the controls requirement set forth by the internal audit/controls teams.
• Establishing workflow and creating artifacts with workflow details adhering to strict Sarbanes Oxley (SOX) regulations and Segregation of duties (SOD) check.
• Plot process controls to outline risks and there by evaluate, test & re mediate them.
• Amend/Create user profiles to meet new customer/industry requirements by Password management, Managing authorizations & authorization objects.
• Effectuate security for SAP Governance Risk and Compliance Tool.
• Orchestrate/Conduct demonstration of system capabilities and features with customer's leadership team.
• Defect management using client's proprietary quality control system.

Confidential, IA

Sr. SAP Security & GRC Onsite Lead

Environment: SAP ECC 6.0, SRM 7.0 and BI 7.0, GRC 10.1.

Responsibilities:

• Security Maintenance and Support in SAP ECC (SD, MM, PM, FI-CO and HR), BW/ BI, SRM.
• Expertise in elements of SAP Authorization Concepts, User Master Record maintenance and mass user administration through SU10.
• CHARM Administration.
• HANA Security.
• Internal Development and Internal Audit Compliance.
• Working with functional and end-users to translate business requirements into technical specifications.
• Amending/ creating user profiles to meet new user requirements, Password management, Managing authorizations & authorization objects.
• Managing defect management using HP Quality Control Tool.
• Ensure new role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/controls teams.
• Developing Security for Solution Manager and Espree Access Management.

Confidential, Winston Salem, NC

Sr. SAP Security & GRC Lead

Environment: SAP ECC 6.0, SCM 7.0, PI and BI 7.0, GRC 10.1.

Responsibilities:

• Migration of SAP GRC Access Control 5.3 to GRC 10.1
• Configuration of all 4 components EAM, ARA, ARM, and BRM and plug-in with the satellite systems such as ECC, BI, SCM and integration with LDAP for user authentication.
• Experience working with functional and end-users to translate business requirements into technical specifications.
• Involve in conducting Quarterly Internal Audit and Annually External Audit for Audit with all area managers to re-validate roles and user profiles.
• Work with the business and project teams in developing functional specifications as related to security concerns.
• Document the cutover plan, and coordinate with Release management team for successful implementation.
• Provide weekly status to PMO & Stakeholders.
• Designed, configured and used Access Controls (Super User Privilege Mgmt, Compliant User Provisioning, Risk Analysis and Remediation with Risk Terminator, and Enterprise Role Mgmt).
• Worked on all Internal Development and Internal Audit Compliance.
• Day-to-Day use of GRC Compliance Calibrator, Firefighter for identifying SOD’s and to handle to sorts of emergency situations.
• Experience in Amending/ creating Security profiles to meet new user requirements, Password management, Managing authorizations & authorization objects.
• Experience in Profile Generator - PFCG (Roles, Composite Roles, Derived Roles, Customizing Roles).
• Worked on Change Management and Security SAP recommended system landscape Approval processes for change management Auditing system change options and client change options Roles and responsibilities for change management
• Created and modified Single roles, Composite roles and derived roles by using Profile Generator.
• Worked with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Worked with functional team leads to define the new transactions.
• Re-designed all SAP roles and implemented a common security policy for all SAP landscapes.
• Experience in Controlling Transaction Codes, Tables and Programs by Auditing the protection of transaction code execution, direct table access, direct program execution and developer access.
• Defect management in HP QC.
• Work with SAP Service Development team, to solve complex integration issues.
• Collaborate with offshore teams for effective project delivery.
• Conduct the demo and training sessions with leadership, functional and various business groups.
• Motivated Technology expert quick at learning new technologies.

Confidential, Pleasanton, CA

Sr. SAP Security & GRC Lead

Environment: Software Database: Oracle 10g

Tools: GRC, HP Open View service desk 4.5 client, SM7, QA SAS.

O/s: HP-UX

Software: SAP ECC 6.0 and BI 7.0, GRC 5.3.

Responsibilities:

• Worked on all Internal Development and Internal Audit Compliance.
• Day-to-Day use of GRC Compliance Calibrator, Firefighter for identifying SOD’s and to handle to sorts of emergency situations.
• Running GRC in Simulation mode and Detail mode before amending any changes to user access.
• Secured roles by Company Code, Plant, Cost Center, Profit Center and Purchasing Organization as well as work with Audit team to resolve SOX/ SOD related issues.
• Reviewed and analyzed SOD (Segregation of duties) issues in conjunction with Internal Audit Department.
• Designed, configured and used Process Controls to identify risks; evaluate, test & remediate controls.
• Configured & trained Firefighter usage to the SOD cleanup impacted users.
• Established workflow and created documents with workflow details (created technical and functional specifications for each work detail) with in SOX regulations and SOD check.
• Conducted monthly meetings with the Business unit leads in identifying & resolving the Segregation of Duties (SODs) analysis and documented for auditing purposes.
• Revamped existing activity groups to make them compliance with SOX and SOD conflicts.
• Re-designed all SAP roles and implemented a common security policy for all SAP landscapes.
• Experience in Profile Generator - PFCG (Roles, Composite Roles, Derived Roles, Customizing Roles) and Special Authorization Components.
• Experience in applying Access Control and User administration (password Rules, special users, Authorization Administration) and Central User Administration (CUA) configuration
• Experience in Controlling Transaction Codes, Tables and Programs by Auditing the protection of transaction code execution, direct table access, direct program execution and developer access.
• Worked with BI team to analyze the authorization object values for BI end user reporting roles.
• Involved in creating BI 7.0 analysis custom authorization objects & roles through RSECADMIN as per Business users, Key users and BW developer requests.
• Experience in PFCG & RSECADMIN transactions for creating, maintaining roles and authorizations in assigning authorization values to the BW Custom objects.

Confidential, San Clara, CA

Sr. SAP Security Consultant

Environment: Database: SQL Server 2005

O/s: Windows 2003

Software: SAP ECC 5.0, XI, BW

Responsibilities:

• Involved in collecting Requirements, Planning, Design, Implementation, Testing, Acceptance, Maintenance & Sign-off procedures.
• Design and implement several new corporate policies in accordance to standards in relate to SAP Application Security.
• Strong in enforcing consistent Security policies, processes and procedures as laid out by the client requirements for User Administration, User Authorization/ Roles assignment, User Authentication & Right of approvals.
• Building Security roles using the SAP Authorization Concept using Profile Generator tool (PFCG) and transported settings to all clients, setup security for the Key users, End users, Developers & etc.
• Experience in tool SU24 for maintenance of authorization objects/ keys in transactions base.
• Experience in creation of mass generation of roles and user assignments using CATT & ECATT Scripts.
• Having wide experience with Compliance Calibrator (VIRSA) tool for SOD Analysis such as User level, Role level, Authorization object level etc.

Confidential, Wilmington, DE

Sr. SAP Security Lead

Environment: Database: DB2

O/s: HP - UX 10.2.0.2

Software: SAP ECC 6.0

Responsibilities:

• Analyze changes and Consolidate roles for the Go-Live.
• Check for all new transactions and its related Security Objects.
• Supported the upgrade to ECC 6.0 through Sandbox, Development, QA and Production upgrades.
• Check custom security objects are intact and are assigned to right roles
• Identify the impact of New Service Packs and make necessary changes to the Security Roles
• Upgrade all the security Roles, Test and Move to Production
• Check for Security Profile Parameters that effect the new system
• Ensure new role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/controls teams.
• Responsible for the developing roles, Composite Roles and derived roles using the Profile Generator (PFCG) and Risk Terminator (Virsa).
• Configuration of Compliance Calibrator, Creating Business Process, Functions and Risks in Virsa’s CC.
• Configuring and Setting up FireFighters in Production systems.
• Assisted Sarbanes Oxley Compliance - SAP System Audit and documentation of significant Processes and controls.

Confidential, San Jose, CA

SAP Security Consultant

Environment: Database: DB2

O/s: AIX 5.2

Software: R/3 4.7 Enterprise Edition

Responsibilities:

• Responsible for all aspects of SAP Security administration, creating Project Process and Support Documentation. Gathered Security information from several teams and prepared Authorization Matrix.
• Data modeling with BI objects in BI 5.0 version. Involved in building several InfoCubes, Inventory cubes, Standard & Transactional Data Store Objects, Multi-Provider and InfoSet.
• Delivered the reports using BEx tools to development & testing team to check the Security performance functionality.
• Built traces from Trace tool for testing the Security functionality check up and Analyze missing authorization & troubleshoot authorization problems in BI 7.0 through ST01, RSRT, RSUDO, RSRTRACE, RSECAUTH, RSECADMIN & BEx Analyzer.
• Transported the BI Security authorization objects for Development, Testing & Production system environments.
• Liaise with audit professionals to develop, establish and implement Security developments.

Confidential

SAP Security & BASIS Lead

Environment: ERP: SAP Ver 4.7

Database: DB2.

Tools: CMIS Web Enterprise.

O/s: IBM AIX 5.2, Windows XP

Responsibilities:

• Involved in creating and maintaining role/ profile, changes to existing roles by adding new authorization objects and values, and deletion of roles using Profile Generator PFCG.
• 3 development, Test/Quality and production servers. Maintenance of Spool administration.
• Defining & configuring batch jobs in SAP as well as scheduling basis background jobs to reorganize various logs like ABAP dumps, Spool requests, Job logs, and Batch-input sessions.
• Monitoring & Maintenance of R/3 database like Free Space statistics, critical indexes etc.
• Setting up OSS connectivity to SAP-AG and addressing issues related to basis activities.
• Created Transaction codes for the programs and ran the transactions
• Configured Profile Generator and transported settings to all clients, setup security for the developers.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• User maintenance (User creation/deletion/lockdown/activation/Password management).

Confidential

SAP Engineer

Environment: (with skill versions)

Software

Database: Oracle 8.1.7 & 9i

Tools: IBM Tivoli Maestro, HP CRM tool Clarify & HP Open View service desk 4.5 client.

O/s: HP Unix, Windows XP

Responsibilities:

• Analyze and create Batch job Trigger, Batch job spills to production window.
• Business critical Batch job scheduling, monitoring, recovering, composing using IBM Tivoli Maestro application on HP UNIX servers and SAP.Involved in monthly MTP Move activities.
• Configuring printers in SAP and SAP Printer spool maintenance and Transport Administration.
• Maintenance and Monitoring ALE, Inbound & Outbound IDOC types and rectification based on error status.
• System Monitoring and performance checking for all the three HP regions of AP, EMEA and AM.