- As a knowledgeable professional with more than 9 years of experience in information technology and project management, I seek to bring my skills and abilities to add value to your company.
- Skilled IT professional with experience in SAP Security and Governance Risks and Compliance (GRC).
- Proven ability to oversee entire lifecycles, from development through to post - implementation assistance.
- Outstanding project management and conceptualizations skills.
- Analytical thinker, able to identify potential risks and effectively troubleshoot issues.
- Expertise in strategic planning, business requirements, configuration, testing, migration, and Go-Live and hyper-care support.
- Detail-oriented with superb organizational and time management skills.
- Adept at coordinating across teams to accomplish goals and complete projects.
- Self-motivated, reliable, and resourceful with an exceptional work ethic.
Operating Systems: Windows 2000/2003/XP Professional.
SAP Basis: SAP R/3 4.6C, 4.7C, ECC 5.0, ECC 6.0. GRC AC 5.3.
Areas of Work: Enterprise Portal, BW, SCM, CRM, APO, and HR.
SAP Security: User Administration, Role Management, SOD Detection, Remediation and Mitigation R/3 Security, and HR Security.
GRC: Virsa, GRC 5.3, and GRC AC 10.x
Databases: oracle8, and sql server 2000
Senior SAP Security and GRC Consultant
- Deliver security and perform GRC implementation projects for various clients across industries.
- Execute full lifecycle of SAP security design, security re-designs, and GRC Access Control.
- Diagnose, troubleshoot, and resolve security issues on a daily basis.
- Address audit requests and coordinate with process owners to handle SOD concerns.
- Assist professional system integrators with all phases of implementation and serve as the security functional consultant for clients.
- Gather and utilize end-user business requirements for security authorization purposes.
- Review proposed security roles and recommend best practices for risk mitigation.
- Design custom roles (derived, composite, and master) based on approved requirements.
- Employ Automatic Profile Generator to create, maintain, upload, and download roles.
- Conduct functional testing and integration testing before deploying roles to UAT.
- Migrate all approved and validated roles to appropriate clients using transport.
- Track changes and defects via the remedy/magic/third-party management tool.
- Perform user provisioning and post-production security support as needed.
- Transfer change request from the development environment to testing/QA environments.
- Maintain user accounts by copying, renaming, altering passwords, and unlocking/locking.
- Offer end-user and transition training to client security teams.
- Collect and verify data using tables, such as AGR*.
- In corporate custom t-codes into function groupings and associated permissions.
- Coordinate with business analysts, process owners, and internal audit team to handle security role violations.
- Eliminate segregation of duties conflicts via GRC Access Risk Analysis.
- Leverage ARA for risk analysis and reports for remediating roles with the business team.
- Provide clients with key project deliverables after finalization of key implementation phases.
Senior Associates SAP Security
- Handled daily security administration tasks, such as user and authorization activities and resolution of security-related issues.
- Fulfilled internal/external audit requests and maintained security deliverables.
- Developed, implemented, and oversaw the execution of SAP Security design and GRC Access Control projects.
- Assisted with multiple full lifecycle implementations, including pre- and post-installation validation processes and hyper-care support.
- Collaborated with application development team members to implement Custom SAP Security Role and authorization objects.
- Created, modified, and deleted both users and roles.
- Maintained derived roles, single roles, and composite roles in SAP R/3 systems.
- Performed troubleshooting for roles and carefully document security issues, gaps, and actions.
- Delivered Security Design directions, strategies, and implementation capabilities to process owners and users for long-term maintenance.
- Partnered with IT teams to develop solutions for security Information Security Framework.
- Offered authentication and authorization solutions for security and business problems.
- Completed periodic reviews and revised application security roles to fit changing business needs.
- Interpreted business requirements data, mapped state business processes to the relevant GRC Access Control, and created plans to fix functional gaps.
- Researched past data and delivered presentations on how clients are leveraging GRC application to improve business performance.
- Calibrated the GRC application to meet the unique project and client needs.
- Provided advice for SOD violations, identified advance mitigating control, and CUP when appropriate.
- Supported testing and resolution of SAP security items related to audit findings.