- Leads organizations to achieving optimal performance and enhancing usability
- Confidential is a functional IT security consultant with over 8 years of SAP GRC implementation experience.
- She has worked as a consultant and in project lead roles, partnering with management, analysts, and business applications development.
- Her main specialization is SAP® GRC Access Controls end - to-end implementation across various platforms.
- She has provided segregation of duty (SoD) compliance, sensitive access monitoring, emergency access management, secure user provisioning, and SoD risk remediation.
- Confidential has cultivated broad experience in several phases of business development, management and software application implementation.
- Her in-depth understanding of business needs, technical applications, and security controls ensures compliance with quality internal controls and best practice frameworks as she bridges the gap between business and technical teams while remaining client-focused and orientated to the company’s mission.
- Data Migration Using LSMW
- Post - implementation SAP support
- Leadership & Team Collaborations
- Communication/Interpersonal Skills
- GRC Access Control v10.1 (ARA, ARM, BRM, and EAM firefighter )
- ASAP Methodology/EDI/IDOC & SDLC
- Customizations, Upgrades, & Testing
- Integrations Testing; UAT & SIT
- Projects & Program Management
- MSMP Workflow Configuration
- PCI Compliance, HIPPA, COBIT,COSO,PII
- Transport and eCATT
- Test scripts, ETL, ALM
- Strategic Planning & Organization
- Good written and verbal communication skills
- Citizen & Native English Speaker
SAP v6.0+ ECC environments | SAP R/3 4.6 and 4.7 | SAP GRC v5.X, 10.X to 12.0 |MySQL, SQL Server (2005/2008) | Sarbanes Oxley (SOX) Compliant | BRF+ |Solman|Green Light| S4/HANA| Fiori FICO, BW, CRM, HR| Microsoft Office Suite (MS Access, Excel, PowerPoint, and Word)|quickly learns key Systems (ServiceNow, Archer, SalesForce & Help Desk ticketing systems)|Microsoft Windows, Visio, Project, and Outlook
SAP Security Lead GRC Consultant
Confidential, Dallas, TX
- Conducted requirement gathering and development for GRC implementation and ERP upgrade.
- Facilitated and host effective workshops to maximize the potential of teams, as well as trained and advised end users /super users on SAP functionality; served as a GRC subject matter expert. Led remediation strategies with process owners to remove excessive access using the Principle of Least Privilege and resolved SoD violations.
- Performed SAP Security Full Implementation Cycle. Stood up GRC. Facilitated end-to-end testing activities and support, and user acceptance testing coordination and support.
- Provides continual monitoring of defects and works closely with process owners to facilitate the remediation/resolution process. Works closely with BASIS and ABAP teams to assist in system landscape design
- Configures RFC connections between systems in a landscape
- Troubleshoots security/authorization-related problems using SU53, ST01 and SUIM
- Assigns connectors transports to environments, integration scenarios authorization, provisioning, role management, and superuser privilege management
SR Risk Assurance/GRC
Confidential, Washington, DC
- Built and configured client’s SoD rules for AACG implementation.
- Validated the GRC installs, performed troubleshooting and patch level to ensure smooth operations.
- Developed security objects that meet business requirements while adhering to Principle of Least Privilege. Independently managed multiple system modifications, completing all required technical design documentation (TDD) and functional design document (FDD) needed for approval of system modifications.
- Gained exposure to ISO-27001, HIPAA Regulations, PCI Compliance, and Confidential Privacy Policies such as GDRP; adhering to global compliance standards.
- Led the business requirements gathering phase and accurately documented all data. Analyzed, developed, and presented solutions for complex pricing requirements in SAP; led pricing configurations through condition techniques, including type, table, records, access sequence, and pricing procedure.
- Executed plans. Created, designed, and executed solutions for system enhancement and produced functional designs for custom pricing in SAP; led the configuration and testing in SAP and presented solutions to PM and BPOs
- Configured and implemented GRC Access Control Suite 10.0, which included the enabling of BC Sets
- Worked as part of a remediation team and assisted in elimination of SoD conflicts via Jira ticketing system
- Developed firefight roles for production support users to access the SAP transactions that would have otherwise caused SoD violations
SAP Business Analyst
Confidential, Houston and Richardson, TX
- Built SAP Account Administration (New, Remove, Change, Lock, Disable, Terminate, Reset, etc.) using existing Procedures and intake methods (tickets, emails, and defects).
- Periodically and upon GIS request, reported on SAP user access.
- Provided user maintenance, role maintenance, authorization and Hypercare support.
- Organized client reporting requirement, translated the requirement to technical requirements/ specification documentation.
- Produced audit reports with respect to Segregation of Duties (SoD), Sensitive Access, and Sensitive Transactions.
- Analyzed requirements and presented customized solutions for high, medium and low priority SAP tickets; identified, troubleshot, diagnosed, and resolved complex issues and presented recommendations to resolve user generated errors or incidences. Instrumental in the post go-live enhancement activities for various SAP module including but not limited to BP, SD, WM, CRM.
- Led the implementation and RFGEN integration process with SAP for warehouse management teams within the plant; provided expert-level guidance and support and delivered user training / assistance
- Monitored EDI / IDOCS interfaces; traced (ST01), troubleshot and resolved user authorization errors; maintained pricing procedures; configured RFID company asset tracking; and analyzed and implemented change requests
- Gained experience in user administration 7x24 on-call production support, ensured quick turnaround for end-user requests, and provided helpdesk support for user administration
- Created and edited Master & Derive roles, User Administration and User Authorizations
- Worked with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles