ABOUT:

To ensure my 9+ Years of Experience SAP BASIS Consultant & SAP GRC Consultant provides an efficient and effective structure for ensuring the security, integrity, accuracy and availability of all the enterprise information. I've working SAP GRC Access Control 10.1 specialist and Internal Audit consultant, since September 2012. Also acted as the project progresses, supporting Internal Controls and Risk and Compliance Office team.

SUMMARY:

• Hands on Experience in GRC implementation and automation with large experience in SAP GRC Suite Solution: CUP - ARM, ARA, ERM-BRM, SPM-EAM, running on SAP EHP7/HANA with an excellent understanding of Sarbanes-Oxley Act (Section 302 and Section 404).
• Experience in understanding Segregation of Duties (SoD) and Audit Compliance Standards.
• Experience with multiple SAP security lifecycles (Analysis & Conception, Implementation, Quality Assurance & Tests and Cutover).
• Knowledge in profile-based security, BASIS module, structural authorizations, Central User Administration, Computer Aided Test Tool (ECATT/SECATT), Segregation of Duties Matrix, SAP Governance Risk and Compliance.
• Worked in all phases of full lifecycle implementation using ASAP methodology including analysis, design development, blue print phase, configuration, Cut-over phase, Testing, Training, GO-Live and Post implementation support. Or, as project demands, the new SAP ACTIVATE methodology.
• Utilized flexible security framework that can be adapted to specific customer (business partners) needs for Interaction Center CRM (Security) and Access Control Engine, User Centered Design (UCD), ACE, Business Roles, & Technical (ABAP) environments.
• Monitoring the status of Background jobs, Work Process, health checks, analyze system logs.
• Involved in upgrades (4.7 to ECC 5.0 & 4.7 to ECC 6.0, EHP7 and S/4 HANA).
• Experience working on End-to-End business process for Trade Payables, Trade Receivables, Inter-company Payables, Intercompany Receivables, Material Movements, Stock Transfer Orders, etc.
• Ability to work effectively in cross-functional team environments and experience of providing training to business users with full-tested personalized learning material.
• Superior communication skills, strong decision-making skills, organizational skills, and customer service oriented, comfortable working in a fast-paced, hands-on, growth oriented environment. Excellent analytical and functional skills.
• Proven ability to work on multiple tasks concurrently completing them with in time and budget.
• Proven ability to work effectively in a team-cooperative environment.
• Possess excellent planning and organizational skills.
• Full technical skills.
• Available for travel/move.
• Languages: English, Spanish, Portuguese and German (learning).

SAP SKILLS:

• SAP GRC 300 Certify Consultant and SAP GRC 300 Instructor
• SAP Security BASIS, GRC Access Control 10.0/10.1 (Instructor of SAP GRC 300 Academy), MSMP/BRF+
• SAP Version: SAP R/3 ECC 6.22, EHP7, S/4 HANA

EXPERIENCE:

SAP GRC Access Control specialist and SAP GRC300 academy instructor

Confidential, BELO HORIZONTE, MG

Responsibilities:

• Configured and Implemented GRC Access Control 10.1
• Design all GRC AC Workflows (Access Request, Risk Maintenance, Control Maintenance, SoD Matrix Review, Create/Remove SAP User, CA IDM process integration, CA ITSM process integration, User Access Review, SoD Review, Controls and Risk Alerts and Business Role Management)
• Specify, test and train users for SAP FIORI interface, to optimize user experience on GRC daily use
• Redesign all Business Role Process to include risk analysis and impact analysis for role maintenance process
• Implement Business Role methodology to change process of SAP Access Grant (from 10,000+ tickets/yr. to 1,200 tickets/yr.) reducing Help Desk Team job transforming access grant in a business self-service process (instead IT Service), keeping compliance and risk treatment.
• Remove "Access Request Service" from IT Catalog Services: Using FIORI Mobile App (or web browser) company users can request access on SAP Environment (ECC/SRM/SCM/BW) and managers from business areas can approve those requests, mitigate risks with controls without needing to pass through IT Team or generate tickets.
• Replace single role individual access approval process to a single Business Role approval process mapping all process and business users. With this methodology you increase workflow speed, optimize risk treatment and guarantee compliance by using pre-approved business roles for each position on the Organization Chart.
• Support Business areas and SAP Functional Team with SAP Profile and authorization (SAP Basis Profile design team)

Confidential

Sap Partner

Responsibilities:

• 25 hours training class (1 week - 5 h/day) as instructor on SAP School Partner ( Confidential )
• I have already accomplished more than 15 full training classes of SAP GRC 300 Academy as instructor in past two years, giving certification for more than 100 consultants in SAP Access Control 10.0/10.1.
• This is a partial time job (one class every 2 months) after my fulltime job (6 p.m. to 11 p.m.)

Confidential

Responsibilities:

• Upgrade to SAP GRC 10.1 EHP7
• Work Process Automation: Specialist on GRC (ARA, ARM-CUP, BRM-ERM), SAP ITSM, SCRUM, ITIL.
• Support GRC AC 10.1 (550+ tickets solved/yr., FTE 2.21 avg.) for 1200 users on SAP ECC Production Environment.
• Support Internal Control Office and Risk Manager Office, applying GRC mitigating controls to SoD risks. Automating the access grant process with GRC Workflows and keep compliance with GRC User Access Review/SoD Review Workflows.
• Using GRC BRM Methodology with risk analyses and risk treatment to optimize Single/Composite Role Maintain Process fast across IT teams to Business Area (SAP Functional Team -> Internal Controls -> Basis Profile Team -> Risk Office -> Business Area -> End User)
• Support the response to External Audit partner (PwC) as a Point of Contact and providing solid information about all process related to SAP Security and Access Granting, reducing audit time.
• Optimize GRC Workflows to grant access and to remove access asap (Access Granting Process upgrade from 2 weeks spent to 4 hours tops - with risk analysis and compliance)
• Implementation of GRC tools: Password Self-service, GRC Audit Reports, GRC dashboards and Delegation

Confidential

Responsibilities:

• Configured and Implemented GRC Access Control Suite 10.0
• GRC implementation; automation; experience with GRC RAR, CUP, and SAP CUA (Central User Administration) integration with SAP GRC.
• Excellent knowledge of SOX, Audit issues and Segregation of Duties (SoD) issues.
• Under Risk Analysis and Remediation, performed User & Role analysis to identify existing SoD violations. Risk
• Using RAR produced Analytical Reports on User, User Groups, Roles and Profiles. Analysis reports provide real-time data and Management reports retain an offline history of SoD status.
• Performed remediation and mitigation against various risks associated with roles and users. RAR has Simulation features to allow you to assess the impact of potential remediation activities on the reported conflicts prior to making the actual change.
• Experience in creating and assigning FF ID’s and extracting Fire Fighter logs. A firefighter ID is a temporary user ID that grants the user exception-based, yet regulated, access. The firefighter ID is created by a system administrator and assigned to users who need to perform tasks in emergency or extraordinary situations.
• Configuring and troubleshooting of HR triggers in CUP
• Created SAP HR Connector, HR Triggers, Field Mapping.
• Configured Workflow, actions and rules.
• Configured HR trigger provisioning and scheduled background jobs.
• Configured User Data source and defined authentication system for requestors using CUP
• Capability in using CUP to use the work flow functionality to ensure a comprehensive and compliant change management process for risk control and maintenance.
• Experience in using CUP to configure workflow for User Access Review and User SoD Review.
• Tracing the functionality after development phase and then designing the Roles/Composites, following SoD analysis and approval process to meet the timely deadlines.
• Configured and Implemented GRC Audit Management module (PLMC AUDIT)
• Configured, Implemented and Test ABAP Development Solutions.

IT Security CONSULTANT

Confidential

Responsibilities:

• Working as Electronic Engineer with Computer Servers/Router/Workstation/Network design and Infrastructure.
• Design Ethernet solution with Firewall/Proxy/Gateway

SAP BASIS CONSULTANT

Confidential

Responsibilities:

• User master Record creation/ modification using SU01, including complex design restrictions.
• Mass user creation using SU10.
• Role creation/ modification using Profile Generator (PFCG) including complex design restrictions.
• Ensured accuracy and segregation of duties through comprehensive testing of all profiles and authorizations.
• Expertise in resolving Authorization issues by analyzing Authorization Checks.
• Troubleshooting user access through authorization error analysis (SU53, SU56) and System Trace (ST01).
• Work with Functional and Network teams to troubleshoot complex access problems
• Monitor and maintain user ID through User Information System (SUIM) - created monthly audit reports.
• Worked extensively with SE01, SE09 & SE10 in managing mass transport
• Worked on audit logs using SM18, SM19 and SM20.
• Database and Server monitoring, system back up scheduling through Monitoring Transactions such as SM50, SM51, DB12, DB 13 etc.
• Monitoring & analyzing system logs, monitor background job logs, workload analysis, update troubleshooting, checking the status of work process, dump analysis (ST22) & clearing.
• Proficient in working with the tables USR*, AGR* and USH*.
• Performed risk analysis at User level and Role level and to mitigate risks for the users using Risk Analysis and Remediation (RAR) tool.
• Automated workflow for user maintenance using auto provisioning tool Compliant User Provisioning (CUP).
• Performed role maintenance using auto provisioning tool Enterprise Role Management (ERM).
• Using Superuser Privilege Management (SPM) tool provided Firefighter access required to address critical issues.
• As SAP Security Administrator I must solve the authorization issues of end users, creating roles and assign to users.
• Roles creation, deletion and modification based on requests.
• Single and mass roles transportation.
• Adding the standard and customized t-codes into the roles.
• Authorization groups creation and maintain authorization groups in the roles.
• Creating the new authorization objects and maintain as per request.
• Assign authorization objects to transactions.
• Adding the roles for existing users based on request.
• Passwords reset and lock/unlock the users.
• Increasing the validity period for users.
• Resolving the authorization issues using authorization check.
• Used system trace to troubleshoot authorization problems.