- Confidential is a team - oriented SAP Security and Authorization concept professional with 7 years’ experience in SAP Security & Authorization and 2 years of GRC AC 10.1 supporting implementations, configurations, maintenance, provisioning and Identity and Access Management services.
- Confidential is proficient in design architectures, testing and support protocols using the best industry standards, including SOX and other compliance requirements; and very experienced in providing effective structures for ensuring the security, integrity, and accuracy of all enterprise systems.
- Authorization Concepts
- Implementation & Upgrades
- Role Design
- Firefighter Administration
SAP Application Security Specialist
- Provided a wide range of end user support services including password resets, Active Directory issue resolutions, authorization check fails and testing for efficient product delivery.
- Created Users across the entire Confidential landscape and assisted in issues troubleshooting and resolution researched the Active Directories, Amps and Confidential Portal systems to resolve user access issues. developed new and maintained existing standard operating procedures and job aids for routine Application Security Tasks performed SAP support maintenance including but not limited to SAP Central User Administration
- Designed, enhanced, transported and provisioned roles in accordance with Confidential policy, procedures and processes
- Completed several RFCs, RFJRCs, and RFS’ tickets involving role enhancements based on user access requirements
- Executed assigned project roles in various systems, including AMPS, ITSM Remedy, Workbench, Confidential Portal, HANA, NWBC, SAS and SAP environments.
- Confidential has also acquired proficiencies in Network Security, compliance and operational Security, Threats and Vulnerabilities, Application Data and Host security and Cryptography.
SAP GRC AC Consultant
- Assisted in SAP GRC Access control 10.1 business object configuration and activation.
- Controlled emergency accesses and performed firefighter roles
- Built Rules and and analyzed roles for SODs.
- Configured ARA, ARM, EAM, and utilized them for analyzing, provisioning and emergency access services.
- Configured and maintained MSMP workflows
- Created globally defined connectors and RFC destinations and mapped them to SAP AC integration scenarios.
- Switched-on AUDITs to identify analyze and recommend required reports for daily and periodic AUDIT reporting.
- Created mitigation controls for unavoidable risks.
- Solved front-end user issues ranging from logon failures, user expirations to missing authorizations and password resets.
- Implemented and maintained Central User Administration ( Confidential ) including migration of User Master Records from child to Parent systems.
- Created and transported mass users and Roles. Performed mass user password resets, etc.
SAP GRC AC Administrator
- Completed prerequisite activities in the 10.1 server using Confidential .
- Exported GRC CUP, ERM & RAR data using the migration tool installed in the 5.3 legacy system.
- Exported SPM 5.3 Data. Performed post installation steps of the AC 10.1 System and importing the CUP, ERM, RAR, & SPM and WF data.
- Completed Post-Import Tasks. Imported the common configuration data into the GRC 10.1 server. Validated the Data for Functions, Risks, FF IDs (EAM), and BRM using NWBC.
- Configured AC 10.1, created owners, managed the exclude objects in batch analysis, and executed batch analysis. configured BRM and Maintained Owners, and Role Type settings. created BRF+ Rules and assigned Condition Group Types to BRF+. defined Role Methodology Processes and Steps. associated Role Methodology Processes to Condition Groups. created Role Approval Workflow and maintained approver rules. evaluated access management configurations and recommended solutions in line with best practice guidelines.
SAP Security Administrator
- creating and maintaining single/master, Composite and derived roles.
- Evaluating Authorization checks and resolved authorization issues.
- Maintained password restrictions, locked / unlocked Users.
- Defined User distribution fields for the administration of user master records in a Confidential environment.
- Secured Critical Tables and Protected Clients by restricting access to unauthorized users.
- Used Transaction SU24 extensively to maintain Object check proposals (Check Indicators).
- Executed several security related reports as required by internal audit.
- Reviewed existing roles and detected and solved SOD issues.
Health Systems Administrator
- Provided end user training and project management support for EPICare EMR software implementation.
- Managed EPIC report building, monitored workflow and quality improvement processes.
- Maintained Security of Confidential records to ensure confidentiality and integrity.
- Executed chart audits to ensure records management quality accuracy
- Troubleshoot problems, identify solutions and execute or coordinate fixes.
- Managed staff access to systems using validation methods to grant or deny access to patient data
- Managed a sleep diagnostic center and was charged with ensuring controlled access to patient records in conformity with HIPAA policies and procedures.