Technical Lead - SAP S4 HANA Security Architect Resume
Herndon, VA
EXPERIENCE SUMMARY:
- Having around 15 years of IT experience including 11 years of SAP S4 HANA Basis Security with strong understanding of information security practices.
- Strong technical knowledge in working for more than 10 SAP S4 HANA BASIS Security Highly diverse, business-driven technology professional with over 13+ years of Information Security, Infrastructure, Cloud and Governance related experience.
- I am a Results oriented leader with a proven track record of year-over-year success in leading and overseeing complex Information Security and Governance initiatives.
- Solid hands-on knowledge of technology, strategy, and management who has enjoyed repeated success engaging highly skilled, cross-functional teams in the areas of security, governance, risk, compliance, and acquisition.
- Strong relationships with other C-level executives and business units creating consensus on information security and governance related issues across the enterprise. Determining business need in addition to the effect that cyber security, governance, risk and compliance have above and below the line.
- Appearing for prestigious CISSP security certification.
- Certified Information Security Professional and Certified Information Security Manager. SAP GRC Implementation and Production support experience, with a good understanding of business processes.
- Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC tool.
- Worked extensively on pre-SOX audit requirements and worked with auditors to make the system compliant.
- Implemented trigger-based Replication from multiple ERP sources (R/3, ECC) and BODS into a single S4 HANA database appending Sourced to uniquely identify data origin, leveraging a single ABAP server as replication server.
- Led Security team on ARIBA installation and Led the GRC integration into ARIBA.
- Configured and documented RFCs between S4 HANA, replication server and ERP/BW sources.
- S4 HANA Security - Configured Standard, Technical and Restricted Users. Worked on System, Object, Analytic and Package Privileges. Knowledge in SAP Studio
- Worked on the SERVICE NOW tool for Incident management and Change management.
- Worked on implementation of I AM PORTAL for Access management, roles management and Identity management from SAP Security.
- Worked on FIORI Security. Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the S4 SAP landscape.
- Worked on the Confidential Compliance Management tool and handling support activities for compliance and Risk management.
- Experience in configuring Single Sign on (SSO) in HANA using SAML
- Experience in designing and implementing SAP HR Security using position based Security and ESS and MSS Modules.
- Very good knowledge of producing and analyzing reports in SAP using SUIM, and security related tables AGR*, USR* etc.
- Experience setting up users and security on Enterprise Portal and creating users/user groups through UME for SAP NetWeaver.
- Extensive experience with resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA).
- Experience on Audit projects and working as a liaison between the security team and auditors.
- Experienced in adhering to the Change Management Process for transporting roles and tables, security objects and maintaining the change documents.
TECHNICAL SKILLS:
ERP: SAP HANA, ECC 6.0, SAP R/3 Enterprise 4.7/4.6C, BI 3.5/7.0, SCM 4.1/7.0 & EP 7.0
Modules: S4, HANA, ARIBA, FIORI Basis/ Security/FI/CO, HR/HCM, MM, SD, BW/BI & BPC
Operating Systems: Windows 2000/NT/XP/AIX 5.3
Databases: Oracle 9i/8i, SQL Server, MS Access.
Security Audit Tools: SAP GRC Access Control (10 & 5.3)
PROFESSIONAL EXPERIENCE:
Confidential, Herndon, VA
Technical Lead - SAP S4 HANA Security Architect
Responsibilities:
- Working as SAP S4 HANA Admin & Security architect and specialist for SAP S4 HANA Basis Security implementation ECC 6.0 with S4 HANA SPS9 & 11. SERVICE NOW tool and SAP GRC 10.0 upgrade projects
- Implemented trigger-based Replication from multiple ERP sources (R/3, ECC) and BODS into a single S4 HANA database appending Sourced to uniquely identify data origin, leveraging a single ABAP server as replication server.
- Configured and documented RFCs between S4 HANA, replication server and ERP/BW sources.
- Created multiple schemas for data in S4 HANA. Dropped/recreated schemas in Development, QA and Production to facilitate data reloads.
- Information Systems Security Auditor and Controls assessment, SAP AWS Enterprise Accelerator - Compliance
- Standardized Architecture for NIST on the AWS Cloud, Security Controls Matrix
- Static Code and Dynamic Code App Security - Vulnerability Management
- Vulnerability Management, Audit Compliance and Regulations
- Emerging Complex Projects - Automation, Application Security, Infrastructure Security, Cloud Security Transitions and Migrations
- Expert knowledge in FISMA and FedRAMP, Communication from board to line level, Physical and Information Security, Governance and Risk
- Regulatory and Financial Compliance, Internal and External Relationship Management
- Technology and Corporate Policy Development with Strategic and Tactical Planning
- Service Level Agreements
- Disaster Recovery and Business Continuity Planning
- Project Management.
- Led Security team on ARIBA installation and Led the GRC integration into ARIBA.
- Worked as the SAP Security team lead for ARIBA integration with GRC 10.1
- Worked on the GRC Access Control integration with ARIBA Users
- Worked on ARIBA users created by UI and CSV import using the data load. ARIBA Users created both in Parent and Child Realms with Administrators and User admin users in the ARIBA system.
- Permissions or access to perform system functions are granted via user group assignments. Mass user creation, with the option for the client to do the user creation with CSV import.
- Managed Users and Groups, Generates Passwords, Managed profile requests and Manage Delegations on behalf of other users in ARIBA system. Created custom group and system groups for the ARIBA system.
- Worked on ARIBA authorization management, which occurs within the organizational units, allowing the most direct and efficient method for managing multiple roles.
- Worked on the Authorization for each User set up by the unit Authorizer in each department. Authorizers grant users access on either a budget, org code, or commodity level, as per the ARIBA application requirements. These roles are designed to search for the closest user authorized for a particular application. These roles will only apply to their designated budget and org code.
- Creation of the FIORI Catalogs and Tiles and assigning those to the FIORI users.
- Worked on the FIORI Security in SAP NetWeaver Gateway, ODATA, Web Dispatcher and Load balancer. Experience in SAP NetWeaver Gateway, ODATA, Web Dispatcher and Load balancer. Deep understanding of security structure for external and internal users.
- Worked on implementing ‘Single Sign On’ (SSO) with SAML configurations.
- Working POC SSO configuration with Infrastructure team to set up SAML Metadata and certificates.
- SAP S4 HANA User Provisioning, Password Management, Privileged User Management, Generic Accounts, Role Maintenance, Authorizations, Audit Logging, User Data Encryption, Policies and Procedures, Audit Logging, Parameters to prevent changes in Production, Table Logging, Specification, Authorization, and Tracking of Change Requests, Approval of Change Requests, Worked on SAP S4 HANA Batch Scheduling and Processing and Backup and Problem Management. Created the users and building the roles for SAP S4 HANA database through S4 HANA Studio
- Designing of the Object privilege, Package privilege, System Privilege and Analytical Privileges.
- Assigning the privileges for particular schemas, procedures and objects to the users according to the projects. Designing authorization for different business processes and their reports.
- Mapping end to end S4 HANA security to BOBJ users in SAP system
- Managing the SAP S4 HANA transports, creation of the delivery units. Exporting and importing SAP S4 HANA models.
- Performing Task specific customization and maintain connector and connection type.
- Worked as Core team member for GRC 10.0 implementation team
- GRC Access Controls 10.0 post installation administration.
- Activation of BC sets and common workflows in GRC 10.0
- Worked on pre-configured, task-based SAP S4 HANA Design Time Roles that cover all the activities within the SAP S4 HANA Database.
- Designed individual SAP S4 HANA Roles that perform only a single task in S4 HANA and contain all the privileges that can execute this task.
- Conduct unit testing and integration testing once confirmed there are no Segregation of Duty Violations inherent in any S4 HANA Design Time Roles.
- Handled Electronically Maintain the Audit Universe. Performed Risk-Based Scoping. Establish Audit and Work paper Templates. Centrally Managed Findings, Remediation, and Supporting Documents.
- Risk Analytics helps to prioritize enterprise-wide compliance issues. Compliance reports and dashboards turn information into intelligence
- Worked on the Confidential compliance Management tool for SOD compliances.
- Consolidate Risks from various silos into a Risk Register to support a universal risk taxonomy
- Centrally manage the entire policy lifecycle. Create policy structures to mirror their existing policy strategy.
- Worked on implementation of I AM PORTAL for Access management, roles management and Identity management from SAP Security.
- Worked on the implementation of SERVICE NOW tool for Incident management and Change management. Segregating roles according to their business processes and aligning them in the SERVICE NOW tools. Designed CHANGE MANAGEMENT process for the transportation of the roles.
- Designed INCIDENT MANAGEMENT for SAP Support team and configured SLA MANAGEMENT for the same.
- Worked closely with SERVICE NOW team for creation of workflows for Approval management. Designed Reports for the business as well as IT for betterment of business process.
Confidential, Richmond
Technical Lead - SAP S4 HANA Security Architect
Responsibilities:
- Worked as SAP S4 HANA BASIS & Security Architect and specialist for SAP S4 HANA Basis Security implementation ECC 6.0 SAP HR upgrade projects.
- Coordinating with Confidential IT and business teams to find the requirements of the business. Created Role Strategy Document for better understanding of the business and IT roles for ECC 6.0 and SAP HR for more than 900 roles.
- Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility; functional people will know what R/3 transaction codes each job role will require.
- Daily monitoring of all Prod and QA system, RFC connections, printers and buffers using Solman and CCMS.
- Resolve critical issues, escalating when necessary.
- Batch/scheduling resolution of 20k daily jobs managed by Control-M 6.2.
- Assist project team activate new jobs.
- Support emergency migration of batch jobs and or variants to Production.
- Administration of printer configuration for 3500 printers worldwide enforcing change process for any new request.
- On-call rotation between 57 onshore/offshore basis resources supporting over 175+ individual SIDs.
- Managed logistics of shipping export data from Production to QA sites.
- Load data onto server before initiating recovery.
- Established compatibility with third party software products by developing program for modification and integration.
- Coordinated with systems partners to finalize designs and confirm requirements.
- Managed firewall, network monitoring and server monitoring both on- and off-site.
- Configured Production SAP S4 HANA systems with high-availability by adding standby host.
- Created new databases, schemas and users per project requirements.
- Migrated SAP S4 HANA content from Development, Test to Production.
- Successfully migrated SAP S4 HANA SP9 to SP10.
- Facilitated multiple training sessions on SAP S4 HANA technology and administration to our global basis team.
- Subject matter expert on SAP S4 HANA and in-memory technology across our global, 57-member basis team.
- Mentored junior resources on Environment: BW 7.3, 7.4, SAP S4 HANA 1.X SP5/9/10, R/3 4.6c, ECC 6.0.
- Made the BI Security Roles as granular and optimum so that the Info Objects can be utilized as much as possible
- Creating Analysis Authorizations based on the business requirements.
- Optimized the Roles and Analysis Authorization for maintenance purposes.
- Used the roles as the medium to assign the analysis authorization objects rather than direct assignment.
- Created roles using PFCG and Analysis Authorizations using RSECADMIN.
- Used SAP best practices like setting the following Info Objects as “authorization-relevant” and using them in Analysis Authorizations 0TCAACTVT, 0TCAIPROV, 0TCAVALID.
- Resolved BI Authorization issues using RSECADMIN logs and worked with BI developers to modify the reports as per the business requirements and including the authorization variables in the reports.
- Researched and applied OSS Notes (SNOTE) to resolve hierarchy node security, and RSECAUTH / RSECADMIN performance issues.
- Maintained authorization fields (SU20) for the authorization object R_PM_NAME (Planning Folder) in BI.
Confidential, Philadelphia
Technical Lead - SAP Security Architect
Responsibilities:
- Discussion with client about requirements and communicating to team members for creating the SAP implementation plan.
- Technical discussions with the client and core team members about the upgrade activities and the functional. Gathering requirements of the client. Working on the specifications with different business processes.
- Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility; functional people will know what R/3 transaction codes each job role will require.
- Implementation of New SAP S4 HANA BASIS & Security design for ECC 6.0 and BI 7.0 for more than 1000 roles in the SAP ECC 6.0 and BI 7.0
- Creation of new roles, authorization objects in ECC 6.0. Segregating the roles according to their business processes and functions.
- Developing new methodologies for BI 7.0 roles design. Included Analysis Authorization strategy for business reporting roles.
- Creation User maintained policy and dashboard for the User Management. Worked on the users access management for FIREFIGHTER access and their approval processes.
- Created policies for the SAP systems i.e. Password policy, User Access firefighter policy, Critical system access policy.
- Worked on User Acceptance Testing (UAT) queries from the SAP HANA BASIS & Security perspective. UAT involves a lot of testing scenarios to be created and resolving the queries of the client. Successfully completed UAT and approved by client.
- Designed Workflow for the approval process in the change management process and taken care for the transports of the changes done in DEV to QA and Production
- Finalizing the plan and start working on the task list for the consultants.
- Created Checklist for the SUPPORT DESK and started training Support consultants on the newly designed processes.
- Worked on implementation of APPROVA compliance Management tool.
- Setting up policies for the APPROVA compliance management.
- Worked on the APPROVA Audit Management to enable an integrated approach to governance, risk, and compliance (GRC) and allows organizations to effectively leverage from information from other areas of the organization (e.g. policy, compliance, vulnerability data) expedites the data collection and documentation process significantly. Integration capabilities
- APPROVA Compliance Management for SOX to enable organizations to automate and streamline burdensome compliance management process to save time, money, and resources associated with ongoing compliance. With APPROVA, businesses can consistently identify compliance gaps, help justify risk acceptance, prioritize remediation, and react quickly to evolving regulations and overlapping compliance standards.
- APPROVA Enterprise Risk Management to provide an integrated approach to managing a broad spectrum of risks across the enterprise. With APPROVA ERM organized to create a central repository for all risks, controls, and remediation.
Confidential
Technical Lead - SAP Security Architect
Responsibilities:
- Designed new SAP HANA BASIS & Security strategy for SAP ECC 6.0 and SAP HR for more than 700 roles and solution providing for the technical and functional specifications
- Decision making for the roles strategy in the ECC as well as in the SAP HR.
- Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility; functional people will know what R/3 transaction codes each job role will require.
- Created Role Strategy Document for the business and IT roles for ECC 6.0 and SAP HR for more than 700 roles.
- Designed composite and single roles strategy in the place of old strategies in ECC 6.0. Designed business roles with Task Based approach for some of the operations to avoid multiple roles changes.
- Implemented a strong Security strategy with policy adherence is requisite to manage compliance, minimize risks and to setup a secure and efficient authorization concept with process efficiency and adoption which can be based on organizational structures; business processes and Role based Authorization Concept.
- Reviewed the implementation scope and user role report to determine the necessary project team to manage end-user role and authorization profile creation and design
- Produced an enterprise-wide role matrix, a document that describes authorizations, detailing roles and their assignments to transactions, reports, menu paths, and organizational levels
- Drafted a technical design document of user roles and authorizations, providing the development details for the implementation of the roles
- Implemented new strategies for SAP HR environment. Creation of new roles and structural authorizations for the business accesses.
- Designed the Reporting Strategy for the HR Business Function.
- Designed new HR Security Processes such as assigning of roles to positions, handling issues in portal.
- Created HR structural authorizations design to streamline maintenance and user access issues.
- Designed, developed, and maintained structural authorizations and standard/derived roles for position-based HR security strategy, driven by complex span-of-control requirements.
- Implemented Personnel Administration and Organizational Management (PA and OM) modules of HCM.
- Made the HR Security Roles as appropriate and optimum so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
- Optimized the Roles and Analysis Authorization for maintenance purposes.
- Used the roles as the medium to assign the analysis authorization objects rather than direct assignment.
- Worked in all risk control processes including IT general controls, testing plans, testing execution in an integration testing environment and control remediation.
- Extensively worked on management view, risk analysis, audit reports, security reports and background jobs for analyzing the risks in role level.
Confidential
Sr. consultant - SAP Security Architect
Responsibilities:
- Defining documentation standards, the global delivery team can deliver the process/strategy for changing/enhancing the authorization concept and following user management tasks. The team can do these using predefined templates, such as the following:
- User creation
- Role assignment
- Granting/revoking of authorizations
- Role enhancements
- Completely designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW environments. Designed security solution for FI (AR, AP, SD, FA), CO, FM, MM, QM, PM, PS, HR (Time Entry, Travel) modules.
- Designed process for OSS IDs, Providing Developer Keys, Providing Authorizations to OSS IDs and Object Registration on the SAP MARKET PLACE.
- Newly designed BI Security Roles as competitive and effective so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
- Optimized the Roles and Analysis Authorization for maintenance purposes.
- Used SAP best practices like setting the following Info Objects as “authorization-relevant” and using them in Analysis Authorizations 0TCAACTVT, 0TCAIPROV, 0TCAVALID.
- Maintaining the Users and Authorizations in SAP XI systems.
- Maintained Assignment of Authorization Objects (SU24).
- Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) to protect access to programs and tables.
Confidential, Philadelphia
Sr. consultant - SAP Security Architect
Responsibilities:
- Worked on the SAP ECC 6.0 EHP2, SAP BI 7.0 and SAP GRC 5.3 implementation project. (2 Implementations)
- Creation of the new roles design document for more than 500 roles in the SAP ECC and SAP BI systems.
- Designed the ECC and BI roles and new strategies for different business processes.
- Newly designed BI Security Roles as competitive and effective so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
- Worked on implementation of GRC 5.3 compliance Management tool.
- Setting up policies for the GRC 5.3 compliance management.
- Worked on the GRC 5.3 Audit Management to enable an integrated approach to governance, risk, and compliance (GRC) and allows organizations to effectively leverage from information from other areas of the organization (e.g. policy, compliance, vulnerability data) expedites the data collection and documentation process significantly. Integration capabilities with other enterprise systems (e.g. HR systems, active directory, financial systems) help to shorten the audit cycle dramatically.
- GRC 5.3 Compliance Management for SOX to enable organizations to automate and streamline burdensome compliance management process to save time, money, and resources associated with ongoing compliance. With GRC 5.3, businesses can consistently identify compliance gaps, help justify risk acceptance, prioritize remediation, and react quickly to evolving regulations and overlapping compliance standards.
- GRC 5.3 Enterprise Risk Management to provide an integrated approach to managing a broad spectrum of risks across the enterprise. With GRC 5.3 ERM organized to create a central repository for all risks, controls, and remediation activities across the enterprise. Organizations are able to establish common risk taxonomy, allowing them to aggregate, normalize, and centralize risk across Operations, IT, Legal, Human Resources, and other business units for a truly consolidated view of enterprise risk.
- Risk Analytics helps to prioritize enterprise-wide compliance issues. Compliance reports and dashboards turn information into intelligence, allowing you to take action before a compliance breach occurs