PROFESSIONAL SUMMARY:

• I am an information technology professional with over 25 years’ experience including 15 years consulting Company facing and 12 years SAP Security.
• SAP environments are ABAP, Portal and Java; ECC modules (FI, CO, IDM, HR, SD, MM, PP, PM, QM, WM etc). Business Suites experience is CRM, SEM, SCM, APO, BW/BI, GRC/Business Objects XI/PI.
• SAP techno experience includes infrastructure, solution architecture and interfaces, plug - ins/add-ons.
• Broad experience in various industries is Aerospace, Utility, Retail, Manufacturing, Logistics, Department of Defense, Insurance, Software Vendor, Financial, Consulting, Electronics Entertainment, etc.
• Skills project management, solution architect, development, implementation upgrade, support, and customizing.
• Proven ability to grasp system needs, evaluate priorities and apply technologies to deliver integrated solutions and in interfacing with diverse users on all levels, across functional lines. Background includes leadership, interpersonal, strategic and analytical skills.
• I am very creative with the ability for problem solving and satisfying client needs.

TECHNICAL EXPERIENCE:

Manager, Specialized Services (consultant)

Confidential, Dallas, TX

Responsibilities:

• Worked closely with the Business Analysts to design and maintain security roles to ensure that systems across the entire landscape are SOX compliant and designed solutions for SAP ECC, HCM, Portal, BI, SRM, SCM, BW/BI systems.
• Duties included design, administration and maintenance of GRC Tools including Risk Analysis and Emergence Access.
• Led team member for the architecture of SAP security for multiple Integration projects, Rollouts, Role Redesign and Upgrade projects protecting sensitive business information by securing custom programs, tables and ensuring that security roles are designed, developed and transported in accordance with the company regulations and processes.
• Conducted periodic security reviews of the SAP systems, ensure application of relevant security access participating in audit and compliance activities working within project plans while fostering relationships with other cross-functional teams within the organization.

GRC 10 Project Lead (consultant)

Confidential, Miami, FL

Responsibilities:

• Review post SAP Security implementation, roles, profiles and auth objects.
• Review and evaluate client’s SAP 5.3 installation and recommend how to improve the process and configuration.

GRC 10 Project Manager (consultant)

Confidential

Responsibilities:

• Manage completion of role design and development deliverables, including consultation with functional and business partners
• Establish and maintain repeatable standards for Access Controls within SAP landscapes and integration with NW IDM.
• Understand, communicate and translate authorization concepts to business process owners Conduct risk assessment for new project implementations
• Collect customer security requirements for managing and controlling authorizations to data and ensuring that security work is consistent with other systems strategies
• Work with functional role owners in determining segregation of duty violations
• Mentor and coach SAP role build/support team

GRC Infrastructure Project Manager

Confidential, Palo Alto, CA

Responsibilities:

• Collaborated with consultants, Unix engineering and project management other colleagues, in order to successfully to build GRC10 infrastructure and architect and deliver large GRC10 and NW IDM application implementations.
• Managed and participated in Company statement of work (SOW) initiatives, which required the involvement of the appropriate, plan and schedule, resources, and delivery of the SOW.
• Provided required Company solution and liaison between the Company, partners, delivery resources and project management. Have strong Company engagement experience, which requires the ability to partake in scope of work determination, product pricing and RFP/RFI responses.
• Worked closely with system integrator partners to leverage available infrastructure and assisted with creation and delivery of joint products and services.
• Provided technical support and expertise in analyzing Company requirements, in conjunction with the Company's current network, applications and capabilities, ensuring the solutions will accomplish the Company's objectives.

SAP Security GRC Consultant

Confidential, Winston-Salem, NC

Responsibilities:

• Led the security team defined the project objectives ensuring that project engagement deliverables meet contract and work plan.
• Redesigned technical security infrastructure and redefined specifications as per business requirements.
• Planned and executed the upgrade project then gathered and defines business requirements, design, and configured security of SAP upgrade lifecycle.
• Redesigned security infrastructure for various modules: BW/BI, FI, CO, HCM, SD, MM, XI/PI, Java, NW IDM, UME and Bolt-on applications.
• Developed and configured GRC Access Control Tool to avoid SOD Conflicts to comply with Sarbanes-Oxley (SOX) regulation.
• Realigned GRC Access Control and application security in order to have the most impact on critical business activities.

SAP Security GRC Consultant

Confidential, Detroit, MI

Responsibilities:

• Configured Governance, Risk, and Compliance (GRC) Risk Analysis and Remediation (RAR) - Integrated the GRC solution in NetWeaver JAVA/ABAP landscapes working with VIRSA Compliance tools.
• Defined custom rules to fit company requirements and solutions. Reviewed segregation of duties (SoD) and user access to sensitive data.

SAP Security Administrator/GRC (consultant)

Confidential, Dubuque, IA

Responsibilities:

• Responsible for implementing, monitoring, and enforcing all security policies, standards, and procedures necessary to ensure the confidentiality, integrity, and availability of information maintained on one or more computer/network/applications platforms and to protect that information from intentional or inadvertent access or destruction.
• User provisioning experience, including LDAP, UME, and ABAP back-end integrated solutions (including Tivoli products and NW IdM).
• Maintained assignments of authorization objects with security roles, profiles and objects including ABAP, portal and java.
• Provided support for internal audits SAP information (table data etc.)
• Integrated 3rd party bolt-on products Cognos, Sabrix, Confidential WebSphere, etc. within the security solution strategy.

SAP Security GRC Consultant

Confidential, Fort Worth, TX

Responsibilities:

• Defined new security roles to support the implementation of the upgrade project from 4.7 to ECC6.
• Migrated from BW3.5 to BI7.0 and designed new security roles for 7.0.
• Configured, executed, and documented SAP change control functions for production batch jobs.
• Maintained and provide production security support to R/3 including XI/PI,MM, PP, PM, PS, QM, SD, BI and SCM
• Help system Integrator with BI security Strategy
• User Provisioning with GRC Compliant User Provisioning
• Provided guidance regarding remediation, risks assessment and design of internal controls to ensure compliance to SOX. Document the risk analysis and established security policy, processes and implementation strategy.
• Used SAP VIRSA/GRC Compliance Calibrator 4.0 and 5.2 tools for effectively managing segregation of duties for users and roles. Also maintained role matrix (GLOBAL and MATRIX1), conflicting transactions and critical authorizations.
• Provided analysis and reports for Sarbanes-Oxley compliance to the internal audit department and business unit managers
• Analyzed of SOD business and compliance requirements and redesigned to new upgraded SAP Security.
• Advice on the user Provisioning process and best practices
• Actively involved in discussions with System Integrator for implementing GRC Fire Fighter and Access enforcer
• Provide management oversight for the Mitigation controls
• Helped design user provisioning process for release 1.2
• SAP ECC 6.0 and BI Security
• Configured SAP security system to effectively support business processes and job functional requirements to support the upgrade from R3 4.6 to ECC 6.0.
• Developed the global security plan defining security strategy in design, development implementation and support; created template for the global rollout for the creation and maintenance of security accesses, permissions and controls by job role requirements
• Designed and performed fully integrated tests of delivered solutions; investigated, diagnosed and analyzed issues and recommend solutions managed and tracked project schedule
• Analyzed internal controls relative to structure and business processes; identified gaps or opportunities for improvement; and recommended solutions then constructed and tested of configured controls.
• Reviewed security design and provided guidance on segregation of duties, sensitive transactions and authorization objects access.
• Refined the security policy, standards and procedures (user documentation) and conducted for management and business process owners.
• Provided Production security support for all SAP instances. GRC Compliant User Provisioning
• GRC Compliant User Provisioning
• Conducted Top-down IT Governance consulting.
• Used Virsa Compliance Calibrator 4.0 tool to administer Segregation of duties for users and roles.
• Led the GRC development, including planning, design and implementing strategy.
• Collaborated with SAP Business Process Owners to ensure that business process meets the business security needs. Analysis of SOD business and compliance requirements and redesigned to new upgraded SAP Security.

SAP Security GRC Consultant

Confidential, San Antinio, TX

Responsibilities:

• Led the SAP security upgrade from 4.6 to ECC6 for the basis modules. Worked on the upgrade of the BW3.5 to BI7.0.
• Maintained and Production support for all SAP instances (R/3, BW, CRM, APO, SCM, EBP, XI and Solution Manager
• Planned and executed the plan through testing and implementing all the changes from the upgrade.
• Customized the authorization objects for the maintaining the product master data in SAP catalog content management.
• Aided in system upgrades from R/3 4.5b to 4.6c/d.
• Performed technical troubleshooting and documented process steps and best practices.
• Supported efforts for data migration, server consolidation, and networking.
• Help Identify the sensitive t-codes
• Actively involved in setting procedures for securing ABAP/4 programs and custom table with Authorization Groups, transactions and authority check statement.
• Involved in Designing Strategy for Implementing Central User Administration
• SAP Basis
• Create and manage the scheduling of batch jobs
• Importing transports to clients in SAP Landscape (DEV, QAS, and PROD & TRNG).
• Applying corrections & SAP Notes
• Spool Administration (SPAD/SP01):
• ISU/CCS Security
• Worked with business owners for the preparation of functional specifications, testing and creating and executing test scenarios.
• Assist with bug fixing within SAP ISU-CRM.
• Design security roles and provided guidance to train end users.
• GRC Compliant User Provisioning
• Implemented SAP GRC Access Control (previously Virsa Firefighter and Compliance Calibrator) and extensively involved in developing process for change control and Defect resolution process.
• Involved in role maintenance in compliance with SOD and worked the Role owner, Process owners and SOD approvers.

SAP Security GRC Consultant

Confidential, Jackson, MI

Responsibilities:

• Maintained and provide production security support to R/3 including MM, PP, PM, PS, QM, SD IM/WM, BI and SCM,
• Troubleshoot and resolve existing roles
• Provide support and maintenance in user administration for the project and assist with day-to-day maintenance for the business users
• Monitor requests for access to ensure solutions are performed in a timely manner.
• Performed technical troubleshooting and documented process steps and best practices.
• SAP GRC - Process Control 2.0
• Performed Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls.
• Worked with client to come up with process Risk, Rules, deficiency Exception Case and Control Category.
• Configured the Organizational structure and hierarchy
• Administrated key process such as rule testing, Master data testing and configuration
• Trained users in User Interface such as filtering item, modifying and uploading documentation
• Emergency Access- SAP GRC Emergency Access
• Involved in designing strategy for Implementing GRC Fire Fighter
• Advised on the best methodology for implementing GRC Fire Fighter
• Identified process and procedures for reviewing Fire Fighter Logs

SAP Security GRC Consultant

Confidential, San Diego, CA

Responsibilities:

• Security Team Lead, v4.7d implementation project (modules included FI/GL, MM, PS, QM, SD IM/WM, BW, CRM and EBP).Develop and access permissions.
• Defined performance metrics? Troubleshoot user access problems. Provided feedback on performance of others.
• Team Lead in the SAP Security global rollout of all international SAP projects which included locations in Canada, United Kingdom and the Netherlands.
• Developed and managed the project plan for the Pilot implementation and subsequent country rollouts.
• Converted the standard purchasing process into EBP/SRM requirements and customized new authorization objects, fields and organization levels.
• Set up the rules based security for suppliers and their employees and defined additional attributes
• SAP GRC- Virsa Access Enforcer 2.0
• Interfaced different systems to transfer users in the system
• Defined user data sources
• Configured number ranges for the system
• Configured request configuration module with request type, category, reason and priorities
• Created service level agreement based on business and company requirements
• Identified all the approvers with Email, point of contact info and application approvers
• Authentication of roles for user identify
• Workflow configuration module for email notification, approval, alternate approvers and escape route

SAP Security Consultant

Confidential, Hermosa Beach, CA

Responsibilities:

• Provided Production security support for all SAP instances (R/3, BW, CRM, APO/SCM, and developed Solution Manager Application.
• Internal SAP Security Implementation and Support Tools Development Project for HBCG.
• Provided SAP Security knowledge and best practices support to assist in the design and development of SAP Security Implementation and Support Tools to facilitate HBCG’s SAP Security implementation and support of client SAP Systems.
• Assisted in detail testing tools and documenting process procedures.

SAP Security GRC Consultant

Confidential, Culver City, CA

Responsibilities:

• Worked with client team to define, create, and support SAP Portals.
• On-going maintenance and support of phased security implementation of Asia, Europe and Latin America.
• Provided SAP Security design and best practices support for Sony’s phased rollout of SAP R/3 and BW/BI in Asia, Europe and Latin America.
• Processed defects and supported change requests in test environments as it relates to this implementation and interfaced with Functional Teams to ensure job roles were consistent across lines of business and business processes.
• Analyzed and recommend technologies to enhance current systems and support overall business goals and global client relationships.
• SAP GRC- Virsa Fire Fighter:
• Worked with Fire fighter for emergency access to functional team members
• Configured fire fighter to capture logs
• Communicated with the Security Coordinators, Line of Business (LOB) people for organizing and analyzing the security requests and documenting the details for future .

SAP Security Consultant

Confidential, Minneapolis, MN

Responsibilities:

• Developed and designed security roles for two new deployment locations from the ground up.
• Developed and tested R/3 including FICO, HR, MM, PP, PM, PS, QM, SD IM/WM, BW and SCM,
• Led development and implementation in both Chicago, IL and Minneapolis, MN and the rollout to Canada.
• Interfaced with user community to understand their security needs and worked with functional teams to define user roles and requirements.
• Coordinated security role testing and end-user role mapping activities for the two deployments.

SAP Security GRC Consultant

Confidential, Washington, DC

Responsibilities:

• Assisted in evaluating Sarbanes-Oxley tool content and processes for SAP R/3.
• Assisted in normalizing Confidential Segregation of Duties (SOD) content.
• Assisted in developing Confidential Implementation Methodologies.
• Performed various Confidential projects for Lucent Technologies, Honeywell and KLA-Tencor.

SAP Security GRC (consultant)

Confidential, St. Louis, MO

Responsibilities:

• Redesigned and retrofitted the roles for FI/CO, MM, PP, SD, IM/WM and HR in compliance with segregation of duties principles.
• Performed functional and integration testing.
• Documented and integrated security solutions into application functional and technical roles.
• Designed formal classes for client global SAP Security Administrators, global help desk staff, process, Basis, ABAP and implementation teams on SAP R/3 application security concepts.
• Integrated Business Process Controls framework into technical security design.
• SAP GRC Remediation
• Established procedures to monitor and mitigate Segregation of Duties (SOD) conflicts.
• SOX remediation testing for a major manufacturing holding company.

SAP Security Consultant

Confidential, Boston, MA

Responsibilities:

• Sarbanes Oxley project responsible for internal controls and security infrastructure.
• Maintained and provided Production security support for all SAP instances (R/3, BW, CRM, APO/SCM, HR).
• Assessed the security risks and exposures using the Risk Controls Tracking Systems tool.
• Remediated and took corrective action in following areas: SAP access controls, segregation of duties (SOD), operating systems, databases and network throughout the SAP landscape.
• Made the changes and worked with users through implementation and conversion.
• Redesigned areas as required and developed standard operating procedures as needed.