We provide IT Staff Augmentation Services!

Sap Resume



  • Experienced technical and functional SAP Security Consultant specializing in SAP security
  • Global design and implementations with the next methodology: ASAP, SAP User - Centered Design (UCD), Centralized and De-Centralize Business Model, 3 Tier Approach Model, Position Based Model, Task Oriented Model, RBAC Model - IDM (SAP and none SAP Systems integrations), BW/HR Structural Authorizations Architectural Model
  • SAP security global design and implementations, security strategies and policy for:
  • SAP Portal (EP) UME, XI/PI, MDM, Global CUA build, Solution Manager, SRM,CRM 2007 (7.0, 7.1), ACE , Business Role (WEB UI), BI, BOBJ, SAP R3, Enterprise Portal, Global Trade Services, ERP, ECC, ESS/MSS, PSCD, HR, HCM, TREX, SCM, PS, APO, ERP, PLM, SCM, SAP Human Resource Management Systems (HRMS), MDM, MII, LPO, E -Sourcing, Portal (SRM, CRM, BI, MDM), GRC Access control, Process control and Risk control, Virsa, Virsa Compliance Calibrator, Virsa Firefighter, Access Enforcer, Role Expert, Risk Analysis and remediation (RAR) application, the Enterprise Role Management (ERM) application, the Super User Privilege Management (SPM) application, and the Compliant User Provisioning (CUP) application, Access Risk Analysis, Emergency Access, Business Role Management, Access Request Management
  • CRM2007, Access Control Engine (ACE), Business Roles (Web UI), Technical Roles (ABAP)
  • ACE General Parameters, Ace activation and Super Object Type set, Work Package Definition
  • Business Role (Web UI) - Creating Role Configuration Keys,Transaction Launcher, Menu Navigator, Logical Link for Transaction, Actors creation, Rules and Rights creation, ACE Design Report
  • Customer Relationship Management (CRM) includes the methodologies, strategies, software, and web-based capabilities that help an enterprise organize and manage customer relationships
  • Proposal preparation on client site with security analysis on real systems and real data
  • Proficient in use BI, BW Analysis Authorizations tools as ( RSECADMIN, RSD1, RSA1,RSRT)
  • Log changes to analysis authorizations and other authorization-related activities:RSUDOLOG, RSECVAL_CL, RSECHIE_CL, RSECUSERAUTH_CL, RSECTXT_CL, RSECTXT_CL

Professional Experience

Confidential, Florida June 2012 to July 2012
SAP Security Consultant
“Go life” and after ”Go Life” Support, BOBJ re-design,
Front End and Back End BOBJ integration

Confidential,AK February 2012 to April 2012
Principal Consultant - Sap Security
Municipality of Anchorage
Structural Authorization, Indirect Assignment, Strategy, Policy

Confidential,2010 to February 2012
Managing Consultant - Application Architect SAP Security

ESS/MSS, Portal, Eureka, ECC, HCM, ESS/MSS, XI/PI
Global HCM Project in 36 countries

Back Point 1, Back Point 2 ( 170 Countries)
ECC, HCM, SRM, CRM, EWM, WEB UI (Business role), BI, BI-BPS, Portal, ESS/MSS, XI/PI

Lead of SAP Security
Global implementation (46 Countries)
HCM, ESS/MSS, R/3, GTS, APO, BW-BPS, BI, CRM, SNC, MDM, MII, LPO, ESourcing, Portal (SRM, CRM, BI, MDM), Solution Manager, GRC, SLD, Business Process Management (BPM)

Bridgestone Development
Lead of SAP Security
Global implementation (36 Countries)

Applied Materials -Total Upgrade, Security Lead (20+ Countries)


  • Collateralized Borrowing (CB) for GM US
  • Limited Risk Leasing (LRL) - specifically Canada Leasing - for GM CA
  • Multi-Element Arrangement (ME) for GM US and GM CA

Responsibilities/Deliverable/ Achievements:

  • Sap Security Approach- high level design
  • R3 Security Strategy and Architecture
  • Portal Security Strategy
  • BI, CRM, SRM Security Strategy, HCM
  • Sap Security Integration
  • Business processes, data elements, documents and user position assignments
  • Portal, BI, CRM, R3 roles and integration
  • Testing, Cut Over and "Go life"


Responsibilities/Deliverable/ Achievements:

  • ECC 6, CRM2007, BI Cognos, Portal
  • SAP Security Strategy and Architecture
  • BI Cognos Reconciliation
  • GRC reports and BI Cognos reconciliation
  • Internet Portal and BI Cognos integrations
  • Ldap Bi Cognos Groups and Roles
  • Integration with ECC6, CRM2007

Confidential, May 2010 to September 2010
SAP Security Consultant
Sub-Contract with Canada Corp and CSI in Sap Security Field (Clearance)
Montreal, Canada
Project Description/Scope: Extended Warehouse Management (EWM)
Responsibilities/Deliverable/ Achievements:
Solution Manager, Remediation SOD (segregation of duties), Re-design roles, ERP, Approva BizRights

Confidential,2009 to April 2010
Lead SAP SECURITY Consultant

  • ECC 6, BI,CRM, Sol Man, SRM, PORTAL, Tivoli IDM
  • HCM Remediation Project
  • Roles and Infrastructure re-design
  • Migration from ECC 5 to ECC 6
  • BW 3.5 migration to BI 7.0
  • XI/PI

Responsibilities/Deliverable/ Achievements

  • Integration TIVOLI Identity Manager, UME and corporate LDAP
  • RBAC - Role Based Access Control Model development
  • Overview Role Based Access Control, Consideration of Role Based Access Control, The Role modeling challenge, Role Based Access Models Overview, Statement of the Problem
  • Access Control Principles, The Implementation and Conversion Program, Migration Plan
  • Implementing the Pilot Program, Role Based Access Control security AIX management overview,
  • RBAC in Oracle (RDMS), Role Based Access Model for SAP, Policy-Based Authorization
  • Business Processes, Business Policies, The RBAC pattern as an extension of the Authorization pattern,
  • Role-Based Access Control (RBAC) Pattern, Implementing and Modeling Roles in ITIM
  • Separation of Duty in Role Based Access Control System Pattern

Confidential, April 2007 to April 2009

Competency Areas:

  • SSO-Concepts (Certificates, SAP Logon Tickets)
  • Kerberos and Public-Key Cryptography
  • Business Continuity Planning
  • Security Management Practice
  • Security Infrastructure Architecture
  • Compliance
  • Enterprise SOA Security in SAP Systems
  • Authorization groups functional tables, custom development authorization solutions
  • Implementing and reviewing SAP Authorization Concept
  • Integrating ABAP User-Management with Organizational Management
  • Central User Storage Techniques
  • Build Framework: Security Audit tools & Change Documents (SCDO)
  • Maxware, IDM and LDAP in a company environment
  • GRC Suite: Compliance Calibraitor.5.X, Role Expert, Virsa, Fire F, Maxware
  • SAP UME administration and J2EE roles
  • Handling PFCG (check indicators, SU24, transport & upload roles)
  • Configure and implement cryptographic technologies in SAP System
  • Responsibilities/Deliverables/ Achievements:
  • Upgrade ECC 5.0 to ECC 6.0
  • Security Policy and Strategy
  • BI 7.0 Strategy and Tactics, Analysis Authorization, BI-BPS, BOBJ
  • HLD for HR - BI Dynamic Authorization Model
  • Conversion from Structural Authorization to BI analysis authorization.
  • New GL (Security), ESS, MSS
  • CUA Landscape and Presentation
  • CUA creation, review, and recommendation
  • P_ADM_SEC _70 Security Course Development (Author)
  • GRC configuration and review
  • Authorization Concept Lead Consultant (SAP Resource Management @ Field Services) New SAP development
  • Security GTS 7.1 design and implementation (Global Trade Services)
  • Analysis Authorizations (BI) creation and implementation
  • PD profiles and BI structure security and authorization design
  • Structural authorization BI analysis and BI structure conversation
  • Upgrade to SAP R/3 Enterprise Release 4.70
  • Integration Analysis: Confidential, Tivoli Identity Manager ,LDAP, SAML, SAP UME, Internet Portal, Biller Direct
  • Confidential, Tivoli Access Management Integration
  • CRM2007 security and design
  • Dynamic CRM Authorization Model, ACE and business roles set up and IMG (SPRO) configuration
  • ACE, Web UI and ABAP roles integration from complete UCD (User Centered design SAP Methodology)
  • An Architectural View of SAP\'s Analytical CRM Capability
  • CRM integration with ERP, BI
  • SAP CRM module, SAP Biller Direct, SAP Exchange Interface ("PI/XI")
  • Flexible security framework that can be adapted to specific customer (business partners) needs

Confidential,Jacksonville, FL April 2006 to April 2007
Sr. SAP HR Security Consultant Duration: 13 months

Responsibilities/Deliverables:Security based on industry standards

  • SAP framework for SAP HR Global security and authorization support and implementations.
  • Development of tailored security and controls techniques in conjunction with system implementations (i.e. ERP) and the design or re-engineering of business processes (i.e. shared services environment


  • Completed SAP Global security and authorization (HR) support for 11 Global companies
  • Completed SAP Global implementation for leading global provider of electronicsmanufacturing services (EMS) and integrated supply chain solutions

Confidential,Victoria, BC July 2005 to January 2006
Senior Security Consultant

Responsibilities/Deliverables: • ASAP methodology/User Centered Designed

  • Role definition depends on HR positions
  • Conversion from "as is" to "to be" business processes
  • Assignment of Authorization Groups to Tables (TDDATA, VD_DATA)
  • Authorization groups and tables trace from applications
  • Access Control- Authorization Groups (SM30, TBRG table)
  • Role design "ABAP and JAVA" sites for XI
  • Security Strategy for web Methods Integration Platform
  • Role design, development and assignment (PFCG, SU01)
  • Authorization Groups-Report-types programs (SA38, SE38, AUTHORITY_CHECK)
  • Document Types in design and configuration processes (T003)
  • Check indicators (SU24, SU25, SE93, and SE97)
  • Authorization checks by assigning reports to authorization classes (RSCSAUTH)
  • Tables for relationship for Tcode, Roles and users (Agr_Users, Agr_Texts, Agr_Tcodes, and TSCT)
  • Developed CUA for all systems from XI
  • Sensitive Transactions Analysis (objects level matrix)
  • Segregation of Duty matrix (objects level matrix)
  • Role design and security policy strategy

Achievements: Completed Security and authorization design for Public Sector project.

Senior SAP Security Consultant
Confidential,Ottawa, ON April 2005 to July 2005


  • Re-Design SAP security and authorization
  • Analyze current situation
  • Role selection multidimensional matrix
  • Role definition depends on HR position
  • Re-designed and re-built security roles (PFCG)


Responsibilities/Deliverables:SOX, SOD Analysis and advice

  • Assessment of the SAP control environment to identify internal control deficiencies and recommend
  • improvements
  • SAP Audit (ACE)
  • Business Processes- "As is"-Transactions -objects-authorizations field\'s Analysis, best practice and
  • recommendations
  • Sensitive Transaction Analysis (objects level matrix)
  • Segregation of Duty matrix (objects level matrix)
  • Operational Control and Computer Operations Analysis
  • Physical Security and Security Polices
  • Completed assessment of the SAP control environment to identify internal control deficiencies and
  • recommended improvements.
  • Completed SOD and SOX analysis and recommended improvements

Confidential,April 2004 to December 2004


  • SAP User - Centered Design
  • Gave guidance and control to the project and project organization
  • Flexible framework, which can be adapted to specific customer needs
  • Increase productivity by provision of templates, tools, and examples
  • Completed Business Blueprinting
  • Industry-Specific Components for Hospitals (IS-H, IS-H*MED)

Roles and security strategy design for:SAP R3

  • Customer Relationship Management (CRM) includes the methodologies, strategies, software, and web-based capabilities that help an enterprise organize and manage customer relationships.
  • Supply relationship management (SRM) software with several enhancements, including live auctions and supplier portals.
  • Advanced Planner & Optimizer (APO) provides up-to-date information about a company\'s current
  • inventory and triggers orders for more supplies when a certain quantity of customer orders have been placed and processed. Authorization of APO users has to specify in the BW system
  • Different scenarios for Single Sign-On to SAP Systems
  • Defined on high level design which method of Single Sign-On (SSO) you use with a SAP System
  • Application and Software: SAP R3 4.7, Visio, Microsoft Project Manager, BW 3.5, and Internet Portal 6.0, SRM, APO, SRM
  • Operation System: Windows XP
  • Project Development: ASAP/Value SAP, IS-H and IS-H* Med, Security and Authorization, Documentum
  • Defined quality assurance checkpoints and formats of deliverables
  • Guided customer staff in implementation tasks with clearly defined rules and responsibilities
  • Supported consultants in the various functional areas to work in a similar way within a project team
  • Detailed design phase of the project
  • Captured the detailed scope and requirements for:
  • Business processes
  • Master data
  • Organization structures, Hospitals structures
  • Development work
  • Produced a blueprint to describe how the business intends to run its business using the SAP R/3 system:
  • Established the development system:
  • Provided Team Training, Business Process Master List, Development Master List (DML)
  • Business Blueprint Document, Configuration Approach Document
  • Landscape Strategy, Rollout Strategy, Change Management Document Strategy
  • Development System Environment, BB Management Summary
  • Patient Management, Eligibility Check, Contract Management
  • Basic Data flow modeling, Data selection matrix

Confidential,Kingston, ON August 2001 to January 2004
Senior SAP Analyst/SAP Security Analyst

Responsibilities/Deliverables:ASAP/Value SAP

  • Evaluation of business processes
  • Design high-level strategy for SAP Security (Architecture)
  • SAP-Security and Authorization
  • SAP profile Generator (PFCG)
  • SAP module concept
  • SAP Hierarchy Concept
  • SAP Technical Structure and promote to Production Strategy
  • Security Control Tools
  • Organizational Management
  • Structural Authorization
  • Business conception (model) of structural authorization
  • Security upgrades using SU25 and Profile Generator (PFCG)
  • Review and correction of sensitive authorizations (s_tabu_dis, s_rfc, etc.), including creation and
  • assignment of custom authorization groups for sensitive tables
  • Evaluation and recommendation of SAP menu vs. user menus
  • Resolve issues arising from testing using system traces and dumps
  • PD and PA Switches (OOPS, OOAC)
  • Conversion of manual profiles and implementation of role based security, including IM department
  • Evaluated and used SAP standard roles as templates for custom roles
  • Review critical and sensitive authorizations, implement improvements to meet audit requirements
  • Post Go Live support to resolve all security-related issues
  • Evaluation of Central User Administration (CUA)
  • Maintenance of HR organizational structure to administer and control user access, including timedelimited access (e.g. temporary assignments to positions)
  • Basic HR configuration (e.g. create Evaluation Paths for reporting purposes)
  • Comprehensive knowledge exchange and documentation of Security and HR functions, including use of PPOMW, Expert functions (PO10, PO13, etc.)
  • Profile Generator (PFCG) and related functions
  • IS_H* prototype
  • Established detailed security upgrade plan, strategy and dual maintenance procedures
  • Created of new 4.6C authorization objects and values
  • Evaluated customized matrix of Authorization groups - tables, users - groups
  • Used of HR structural transactions (e.g. PPSC) to maintain workflow position to position assignments
  • Customized HR to allow activity group assignment in PPOMW
  • Created of HR security authorization objects for structural authorizations based on Info Type and allowed functions / activities (e.g. Help Desk staff were only allowed to display structural assignments, not change users assigned to positions, etc.)
  • Created Organizational Plan (PPOM_OLD), Personal Master Record (PA40), User I.D (SU01, SU10),
  • Info type 105(PA30), Structural Authorization Profiles (OOSP), Info type 1017 (PO10), Assigned Info type 1017 (PO13), Assigned Structural Authorization Profiles to User I.D (SE38), Setup Regular security (PFCG)
  • Cleaned up and optimized security Roles
  • Established security testing procedures and tools
  • Worked on procedures and applications of dual-maintenance of security changes
  • Worked to build strategy and implemented structural authorization
  • Built and evaluated up to 5 different IS_ H* prototypes


Master of Science in Computer Science and Electronic Engineering

Hire Now