SUMMARY:

• SAP consultant with Security technical design, development, testing, implementation, support, and documentation expertise in an SAP environment including GRC 10.1, ECC6, HR/HCM, SRM, CRM, BPC,EAM, HANA,BOBJ, IDM 7.3,SCM,APO,ARIS and BW..
• Communicate effectively with professionals in both group and one - to-one situations.
• Analyze problems and requests and expertise in implementing software packages and hardware configuration.
• Exceptional trainer and motivator also communicate well with other; within and across teams.
• Managing business workshops for requirement gathering and conversion of business requirements into technical design/matrix and documentation.
• DOD Secret Security Clearance
• Security+ SY0-501

PROFESSIONAL EXPERIENCE:

Confidential, Hoboken NJ

Lead SAP SECURITY/GRC

• GRC 10.1, Access Controls, the different components utilized were SAP GRC Emergency Access Management - EAM (Fire Fighter), Access Risk Analysis and Access Request Management ARM (Access Enforcer).
• GRC 10..1 Access Risk Analysis: Maintained Rulesets - Global and Critical; Maintained and corrected existing custom functions and risks to provide correct rule results; maintained mitigating controls, risks and owners for the same.
• Created firefighter users in GRC system and assigned proper authorizations.
• Supported GRC 10.1 implementation.
• Communications with business and scheduled meetings for training purposes and understand their issues and provided appropriate solutions.
• Created new derived roles based on company codes, plants and cost centers.
• Analyzed business roles and mapped them to transaction codes according to business processes.
• Worked with Security Manager to bring awareness to their security team, how to simulate user provisioning in order to prevent reintroduction of SOD issues.
• Conduct knowledge transfer and training for security team on the SOX SOD Remediation process.

Confidential, Mechanicburg PA

Lead SAP SECURITY

• Maintained custom transaction codes to secure access for tables.
• Tracked missing authorizations for user access problems and inserted missing authorizations.
• Suggested authorization objects for newly created custom transaction codes based on functionality.
• Created new derived roles based on company codes, plants and cost centers.
• Analyzed business roles and mapped them to transaction codes according to business processes.
• Worked with the Internal Audit teams closely for Continuous Improvement of Security, Authorization & Controls/Compliance areas to apply the best recommended practices involved assist the client in building processes & procedures for managing users & roles as per Sox compliance.
• GRC 10.1, Access Controls, the different components utilized were SAP GRC Emergency Access Management - EAM (Fire Fighter), Access Risk Analysis and Access Request Management ARM (Access Enforcer).
• GRC 10..1 Access Risk Analysis: Maintained Rulesets - Global and Critical; Maintained and corrected existing custom functions and risks to provide correct rule results; maintained mitigating controls, risks and owners for the same.
• Created firefighter users in GRC system and assigned proper authorizations.
• Supported GRC 10.1 implementation.
• Communications with business and scheduled meetings for training purposes and understand their issues and provided appropriate solutions
• Designed, developed and administered user roles, profiles and authorizations.

Confidential, PA

Lead SAP SECURITY

• Worked with business analyst to clean up Roles from Segregation of Duties (SoD) conflicts using RAR.
• Performed User Level & Role Level Risk Analysis for SoD conflicts using offline and online analysis.
• Created various background jobs to generate different reports in Risk Analysis and Remediation.
• Experienced with SPM administration, which includes assign FF IDs to ID Owners & Controllers, maintain configuration table, Reason Codes and critical transaction codes.
• Troubleshoot authorization related problems, analyzed system traces and user buffers.
• Work with GRC10, ECC6, SRM, CRM, BPC,HANA, BOBJ, IDM 7.3 and BW
• Managing business workshops for requirement gathering and conversion of business requirements into technical design/matrix and documentation.

Confidential, Houston TX

Lead SAP SECURITY

• Configured security roles for several modules in SAP. Used Profile Generator to maintain roles, generate and assign authorization profiles.
• Designed, developed and administered user roles, profiles and authorizations.
• Re-designed security roles across different modules to meet clients changing landscape.
• Monitored System audit activities and ran audit reports for the client’s internal audit team.
• Created custom roles, t-codes, custom objects, custom object classes and implemented table and program security and global maintenance of authorization checks. SAP environment Production support ECC 6.0 -Structural HR, EAM,BO,BW, BI.7, CRM,IDM,ARIS and SCM.
• Troubleshoot and resolved user access problems as a part of the production support team. Interacted with external audit teams to solve inconsistencies and user violations in the system.
• Technical design, development, testing, implementation, support, and documentation of Security roles and objects within an ECC 6.0 SAP environment Production support ECC 6.0 - Structural HR, BW, BI.7, CRM, IDM 7.1,EAM,ARISand BPC and Insurance module (DSP), SRM, and SCM.

Confidential, Cherry Hill N.J

SAP GRC/SAP SECURITY

• Worked with functional and business teams to develop and maintain roles and profiles.
• Worked on SAP check Indicators and default field values.
• Maintained custom transaction codes to secure access for tables.
• Tracked missing authorizations for user access problems and inserted missing authorizations.
• Suggested authorization objects for newly created custom transaction codes based on functionality.
• Created new derived roles based on company codes, plants and cost centers.
• Analyzed business roles and mapped them to transaction codes according to business processes.
• Worked with the Internal Audit teams closely for Continuous Improvement of Security, Authorization & Controls/Compliance areas to apply the best recommended practices involved in configuration of Central User Administration across the landscape and defined field attributes for user maintenance and transferred users from child to central systems.
• Assist the client in building processes & procedures for managing users & roles as per Sox compliance.
• Worked with business analyst to clean up Roles from Segregation of Duties (SoD) conflicts using RAR.
• Performed User Level & Role Level Risk Analysis for SoD conflicts using offline and online analysis.
• Created various background jobs to generate different reports in Risk Analysis and

Confidential, Piscataway N.J

SAP SECURITY Architect

• Configured security roles for several modules in SAP. Used Profile Generator to maintain roles, generate and assign authorization profiles.
• Designed, developed and administered user roles, profiles and authorizations.
• Re-designed security roles across different modules to meet clients changing landscape.
• Monitored System audit activities and ran audit reports for the client’s internal audit team.
• Created custom roles, t-codes, custom objects, custom object classes and implemented table and program security and global maintenance of authorization checks. SAP environment Production support ECC 6.0 -Structural HR, BO,BW, BI.7, CRM,IDM and BPC
• Troubleshoot and resolved user access problems as a part of the production support team. Interacted with external audit teams to solve inconsistencies and user violations in the system.

Confidential

SAP SECURITY

• Managing business workshops for requirement gathering and conversion of business requirements into technical design/matrix and documentation.
• Technical design, development, testing, implementation, support, and documentation of Security roles and objects within an ECC 6.0 SAP environment Production support ECC 6.0 - Structural HR, BW, BI.7, CRM, IDM 7.1and BPC and Insurance module (DSP), SRM, CCM and IDM7.3.
• Analyzed systems for Sarbanes Oxley compliance, identified all potential Segregation of Duties issues and create a plan for compliance and execution of a project to mitigate all issues.
• Created GRC reports and tables for SOX/SOD analysis and user provisioning.
• Worked with Security Manager to bring awareness to their security team, how to simulate user provisioning in order to prevent reintroduction of SOD issues.
• Conduct knowledge transfer and training for security team on the SOX SOD Remediation process.
• Assist the Security Team in fixing upgrade issues in the various modules due to new authorizations causing failures during testing.