SUMMARY:

• Confidential has over seventeen years of experience in management, design, and implementation of SAP application security, three years of SAP HANA, two years HANA Finance, eleven years of GRC Access Controls, fourteen years of SAP Audits and Controls, and two years of Fiori.
• Additional experience includes developing security policies, procedures, and assessments of large - scale complex SAP Security Landscapes.
• Currently building a Fiori Application Ruleset and created adding Fiori applications and oData to SoD reports
• Maintain SAP S/4 HANA 1610 database security role and privilege and provision users, roles, privileges, schemas, and repositories using SQL and HANA Studio
• Experience with HANA Live Views, HANA Modeler,and some SAP SLT
• HANA Modeler/ Studio work with developers supporting development processes for SAP BPC optimized for S/4 HANA Finance and embedded in BW Reporting, Fiori, BW 7.5, and BoBJ
• Create Security Access in SuccessFactor, running reports in Employee Central
• Interface SuccessFactor with GRC Access Control HR Triggers
• Created SAP S/4 HANA Finance security requirements, testing procedures, create roles and maintain roles
• Implement Security and Support: HANA Finance, ECC, HCM, IBP, BW, FSCM, Solution Manager, MDM, PL, BPC SRM, EBP. PI, APO CRM, GTS, SCM, SEM, Portal, Adobe Forms, Solman, and NetWeaver
• Create role requirements and test roles for BPC, SRM, PL, MDM, Solution Manager, BoBJ, APO, BW, FSCM, ECC
• Resolve SAP Security authorization issues and administer administration
• Developed BI 7.x Security Plan, maintained Analysis Authorization, and troubleshoot queries
• Deployed and maintained Central User Administration (CUA)
• Experience with Project Prep, Blueprinting, Realization, Final Preparation, and Hypercare
• Lead SoX/SoD workshop taught the teams how to Remediate Risks, Mitigate Risks, and create Controls
• Experienced implementing all Access Control Modules EAM, ARA, ARM, and BRM
• Experienced with MSMP and BRFplus Workflow configuration
• Added Fiori 2.0 applications to GRC Access Control Ruleset
• Implemented seven GRC Access Controls, upgrade GRC 5.3 to GRC 10.1, and one Virsa 4.x to GRC 10.1 upgrade
• Create GRC Access Control implementation and upgrade project plan including managing resources to milestone
• Developed GRC processes to sustain a successful implementation
• Lead ruleset workshops with the business
• Enable out of the box application from Fiori Apps Library
• Fiori create launchpad strategy and implementation
• Fiori Designer create and maintain business catalog and business group
• Fiori application implementation create search connectors, activate SAPUI5 components and OData Services
• Fiori application troubleshoot authorizations and research notes in application library
• Fiori create news application specs and work with developers
• Fiori roles created and maintained front end roles, back end roles, and HANA roles and privileges
• Compliance: Add Fiori applications to ruleset detect Segregation of Duties in Fiori roles and users
• Fiori created Security test strategy, function test strategy, and user acceptance test strategy
• Fiori User and role provisioning strategy and maintenance

PROFESSIONAL EXPERIENCE:

Confidential, Honolulu, HI

Security Lead, Security Architect, Fiori Consultant, and GRC Lead

Responsibilities:

• Create SAP Security Application Strategy, Policy, and Standards for Fiori, BI, XI, ECC, CRM, BoBj, HCM, HANA, and Success Factor
• Create SAP Application Roles and Testing Procedures for BI, ECC, BoBj, HCM, Success Factor, Fiori, and XI
• Blueprint and deploy GRC Access Control
• Create Fiori Catalogs, Fiori Business Groups, and troubleshoot Fiori Tile (applications)
• Add Fiori applications to GRC Ruleset for SoD Detection
• Create Hierarchy structure using scripts
• Lead GRC Ruleset workshops
• Implement, security, and maintain OpenText authorizations
• Developed Role requirements for various BP functions
• Worked with business leads gather Fiori Applications requirements
• Deploy Fiori applications
• Created Fiori Designer Catalogs and Designer Business Groups

Confidential, St. Louis, MO

HANA Security Lead, Security Lead, Fiori Consultant, and GRC Lead

Responsibilities:

• HANA Finance role design, test, and creation
• Fiori resolve Fiori performance issue and created a development role strategy
• Fiori Application requirement creation and documentation
• Fiori Application library enable and troubleshoot Fiori application
• Worked with business leads gathering Fiori Applications requirements
• Fiori created strategy adding Fiori application to GRC Ruleset detect SoD conflicts
• Fiori Designer group Fiori application to Business Catalogs, Business Groups, and Business Roles
• Fiori updated SU24 settings preventing critical object from being misconfigured while creating back end roles
• HANA 1610 Security Lead maintained HANA roles and privileges support development BPC, BW, BoBJ, and Fiori
• HANA 1610 design maintain user, roles, and privileges
• GRC Access Control Deployed Risk Analysis and Emergency Access
• GRC Access Control lead ruleset workshop and enhance out of the box ruleset
• BW, IBP, BPC troubleshoot HANA Views, queries and analysis authorization issues
• Created BoBJ security for users, groups, folder structure, and access levels

Confidential, Houston, TX

HANA Security Lead, Fiori Lead, and GRC Lead

Responsibilities:

• Took over a struggling GRC Access Control 10.1 implementation
• Implemented all modules in GRC Access Control 10.1
• Created the ruleset with the Business
• Created remediation strategy
• Redesigned security roles to exclude SoD Conflicts and creating Mitigating Controls

Confidential, Falls Church, VA

Responsibilities:

• Assist with internal HANA test environment
• Troubleshoot HANA SHINE issues
• Troubleshoot FIORI functional issues
• Create Requirements documentation for GreenLight implementation
• Created test scenarios and testing strategy for GreenLight

Confidential, Bellevue, WA

Responsibilities:

• Redeployed SAP AC 10.1 installation
• Resolved Connection issues and rule set issues
• Created MSMP and BRF plus settings integrating with SAP NetWeaver Identity Management

Confidential, Fort Worth, TX

Responsibilities:

• Re-installed GRC AC 10.1
• Lead SAP Security role (HCM and ECC) redesign requirement workshops
• Developed and tested SAP ECC and HCM Roles with the business leads
• Lead GRC rule set workshops
• Created GRC Access Control training documentation
• Troubleshoot and resolve plug in issues
• Assisted basis with GRC software installation
• Knowledge transfer with Basis, the Business, and GRC Owners
• Updated security policy and procedures
• Created testing schedule and lead the Security Role Testing
• Reduced SoD with the Security Role Redesign
• Review and review SoX Audit Findings
• Troubleshoot CUA issues

Confidential, Antonio, TX

Responsibilities:

• Upgrade Virsa 4.x to GRC Access Control 10.1
• Created training material introducing the business to Risks and Mitigation
• Troubleshoot and resolve plug in issues
• Assisted basis with GRC software installation
• Trained the SoX committee how to review SoD Conflicts and develop a mitigating strategy
• Reviewed existing SoD matrix and transitioned the existing Risks to new Rule-set
• Lead Rule-Set workshops
• Documented and implemented process to support Rule-set
• Set Mitigation strategy with Internal Audit and the Business
• Transitioned existing Controls (Non SoD ) to SAP

Confidential, Falls Church, VA

Responsibilities:

• Integrated NetWeaver IdM 7.2 / VDS with HCM
• Create BPPs
• Provision users to SAP Landscape
• Create SAP BPC 10.1 Roles and troubleshoot SAP BPC authorization issues
• Mass create roles and users
• Mass change roles and users
• Mass create derived roles

Confidential

Responsibilities:

• Integrated Netweaver IdM 7.2 with HCM and Active Directory
• Apply best practices to Identity Center
• Clean up existing Identity Center (Repository, Identity Store, VDS, and Jobs) and apply Best Practices
• Deploy Password Self Service for HCM
• Provisioning to HCM and Active Directory
• Create a test environment with consists of VMWare ESXi and OVF images

Confidential, Chicago, IL

Responsibilities:

• Developed a Single Sign On PoC project plan and test environment
• Integrated Kerberos with SAP GUI and SPNEGO for Java
• Integrated ABAP SNC and MS Active Directory
• Configured Secure Login Library and Secure Login Client
• Account mapping Identity Provider to Service Provider

Confidential, Philadelphia, PA

Responsibilities:

• Blueprint HCM Roles and gathered requirements with functional leads
• Created HCM SAP Security Roles
• Created testing strategy, policy, and procedures
• Secured HCM data including background jobs, interfaces, and print jobs
• Deployed Structural Security
• Create and tested HCM Roles (ESS, MSS, Payroll, Benefits, Organizational Management etc)
• Designed Portal Architecture to include Active Directory groups for provisioning roles
• Created the PI security and role strategy
• Emergency Access Management
• Access Request Management
• Analyze Risk Analysis
• Business Role Management
• Developed the User Provisioning Strategy (On / Off Board Process) and Landscape to include HR Triggers
• Integrated HCM with GRC AC 10
• Integrated SAP Portal with ABAP systems
• Resolved Data Source Issues
• Automated ESS, MSS, and SAP Common Role Provisioning strategy to positions in HCM
• Created ruleset and processes to support the ruleset
• Deployed Password Self Service
• Configured MSMP Workflow Settings, completed post installation steps using SPRO and NWBC
• Developed the Rue Set (include custom Tcodes, Functions and Risks)
• Set the Mitigating Control Strategy

Confidential, Cleveland, Ohio

Responsibilities:

• Integrated GRC Access Control 10.0 and NetWeaver IdM 7.2, VDS, HCM, ECC and BI
• Troubleshoot the web services between VDS and GRC Access Control 10.0
• Created User Provisioning processes, strategies, and project plan for SAP IdM 7.2 and GRC Access Control 10
• Configured IDM to Provision to ECC, SAP, HCM, BI, Active Directory, and Exchange
• Blueprint and deployed Compliant User Provisioning, Risk Analysis, Enterprise Role Management and Super Privilege Management
• Developed GRC Access Control 10 deployment methodology
• Lead ruleset development workshops which included documenting ongoing maintenance and processes
• Created the Mitigating Control Strategy
• Lead SoD workshops and mitigating control workshops
• Redesigned SAP Security Roles
• Created policy and procedures to sustain on going compliance

Confidential, Provo, Utah

Security Architect, SAP Netweaver IdM 7.2 Consultant

Responsibilities:

• Developed the Audit Response Team and trained the team how to interpret the SoD conflicts, audit findings, validate the findings and develop Controls
• Trained the Audit Response Team and employees regarding Control Deficiencies, Significant Deficiencies, and Material Weaknesses
• Developed solutions for Control Deficiencies and prevented Significant Deficiencies
• Created Internal Controls preventing audit findings from resurfacing
• Upgraded GRC AC 5.3 to GRC AC 10.0
• Upgraded Virsa 4.x to GRC AC 10.0
• Implemented User Provisioning with GRC Access Control 10
• Developed and maintained the GRC Rule Set to include custom transaction
• Provide Internal Audit with GRC RAR training (Rule set) and remediation training
• Educate the client regarding SAP NetWeaver IdM, GRC Access Control, and User Provisioning
• Redesign SAP Security Process to accommodate SAP NetWeaver IdM and GRC Access Control
• Redesigned FI, SD, SCM, and HCM roles resolving role SoD issues
• Developed an Audit Committee and set strategies for resolving Audit Findings
• Review GRC Access Control installation and assist with various stakeholders taking ownership

Confidential

Security Architect, IdM Architect, and Approva Consultant

Responsibilities:

• Provide ECC, BI, and HCM security support
• Maintain direct and indirect role assignment
• Analyzed Approva SoD reports and resolved SoD conflicts
• Recommend process enhancements to support an implementation of IdM
• Analyze Data Integrity and proposing a clean up effort issues for SSO and IdM
• Reviewed Security Policy and Procedures improving User Provisioning
• Analyze SoD tools Approva and GRC Access Controls and present the Pros and Cons

Confidential, Middleton, WI

SAP Security Lead

Responsibilities:

• Developed SAP Security strategy, processes, policy, and procedures
• Manage Security tasks and resources according to the implementation Project Plan
• Designed, developed, tested, and implemented ECC 6.0 Security
• Deployed Single Sign On (Kerberos) integrated with AD and SAP(ABAP and Java)
• Implemented CUA and administered users
• Created security process and procedures which will be integrated with a future installation of SAP NetWeaver Identity Management

Confidential, Norwalk, CT

IDM / GRC Consultant / Security Consultant

Responsibilities:

• Developed Identity Management requirements and researched various Identity Management solutions
• Integrated SAP IDM 7.1, GRC Access Control 5.3, HCM and Active Directory
• Researched various Enterprise Single Sign On solutions which met the clients requirements
• Created IDM and GRC Access Control project plan
• Reviewed and enhanced security business processes to support IDM / GRC implementation
• Developed the data clean up strategy to support the integration of SAP, AD, SAP Portal, and non SAP Applications
• Design and documented IDM, GRC, HCM, Active Directory, and Access Control landscape
• Configured an IdM test environment to Provision to Portal, HCM, ECC, Active Directory, and Non SAP Applications

Confidential, Atlanta, GA

IDM / GRC Consultant / Security Consultant

Responsibilities:

• Worked closely with an SAP resource and we Integrated SAP IDM 7.1, GRC Access Control 5.3, and HCM
• Created IDM and GRC Access Control project plan with a team and Manage resources to milestone
• Documented and standardized SAP business processes to assist with developing IDM / GRC requirements
• Designed and documented IDM, GRC Access Control, and SAP Applications landscape
• Reviewed and enhanced security business processes to support IDM / GRC implementation
• Part of a team which configured IDM to Provision to Portal, HCM, BI, SAP ABAP Systems

Confidential

IDM / GRC Consultant / Security Consultant

Responsibilities:

• Troubleshoot ECC 6.0, BI Analysis Authorization, and Portal authorization issues
• Created BI Analysis Authorization profiles
• Created ECC 6.0, BI Analysis Authorization, and Portal role requirements and roles

Confidential, Farmville, NC

GRC Consultant

Responsibilities:

• Implement and configure Risk Analysis and Remediation
• Implement and configure Compliant User Provisioning
• Recommended the Risk Analysis, Mitigation, and support strategies
• Recommended role and user remediation strategies

Confidential, Milford, CT

SAP Security Lead and GRC Consultant

Responsibilities:

• Manage Security tasks and resources according to the implementation Project Plan
• Developed security test schedule, to include Unit Testing and Integration Testing
• Created ECC 6.0, HCM, Solution Manager, PI, and Portal requirements
• Created FI, Solutions Manager, PS, PI, Portal, & HCM Roles
• Created roles for HCM (Compensation, Benefits, Organizational Management, Payroll, and Travel)
• Deployed Structural Security and Position Based Security
• Created HCM Security Roles (Roles ESS & MSS) which integrated with Adobe Forms
• Implemented and maintained CUA
• Troubleshoot HCM workflow security issues and HCM authorization issues GRC Access Controls Configuration Support
• Provided support and guidance to consultants configuring Risk Analysis and Remediation
• Provided support and guidance to consultants configuring Superuser Privilege Management
• Recommended Risk Analysis, Mitigation, and support strategies
• Recommended role and user remediation strategies