SUMMARY

• He is a highly experienced and seasoned SAP Security Architect. He has worked for powerhouse Aerospace and Defense companies that include Confidential and Textron.
• He is a troubleshooting expert; he has written documentation, as well as conducted seminars for many of his clients on detecting and resolving bogus SU53 role changes.
• 16 years of SAP Security design, implementation and administration experience
• Assurance of SAP Best Practices
• Configured CUA
• GRC, SOD, and SOX compliance expert
• Excellent cooperation and communication ability
• Team player; outstanding cooperation
• Experience in SAP R/3 releases 4.6c,4.6d, 4.7d, ECC 5.0, and ECC6.0
• Broad experience in security administration for Fiori, BOBJ, BW, PLM, VMS, XI, GTM, GTS, iMRO, SRM, SCM, CRM, TM, NG (Netweaver Gateway), Mobility (SUP) and Enterprise Portal, and GRC 10.1

PROFESSIONAL EXPERIENCE

Confidential, Los Angeles, CA

SAP Security Architect

Environment: ECC 6.0, GRC. 10.1

Responsibilities:

• Served as the sole SAP Security personnel/architect on a ECC Greenfield implementation
• Defined a blueprint for all roles, architected a role matrix, and created all roles from scratch via PFCG
• Led all blueprint and testing phases
• Blueprint, architecture, development, integration testing, UAT, and proposed go - live
• Defined strategy for all security tasks
• Outlined and drafted framework for testing strategy
• Directed strategy for all testing phases (integration testing, and user acceptance testing (UAT)
• Mentored and guided testers to ensure the security model was appropriately tested
• Supported go-live and ensured all defects were resolved
• Conducted knowledge transfer
• Access Control and EAM
• Insured all newly created roles were SOD complaint; ran risk analysis
• Bulk loaded hundreds of new roles
• Added new approvers and delegated approvers for all roles
• Reviewed EAM logs for security team

Confidential

SAP Security Architect

Environment: ECC 6.0, TM (Transportation Management; Shipping), Vistex, BW 7.3

Responsibilities:

• Served as the sole SAP Security personnel/architect on a end to end ECC redesign
• Architected security solution for all ECC functionality after working with the functional teams to understand the business requirements
• Worked with the business and functional SME’s to define a blueprint for all roles, architect a role matrix, and engineer all roles from scratch via PFCG
• Led all security tasks related to project
• Blueprint, architecture, development
• Defined strategy for all security tasks
• Conducted knowledge transfer with full-time security admin after the role blueprint and development was complete to ensure future success of testing and go-live
• Led all security tasks related to the BW Security r edesign
• Partnered with BW development team to re-map all existing queries to the correct functional area
• Architected a new role matrix for all query roles, reporting roles, and power user roles
• Redesigned all analysis authorizations to ensure security was not breached
• Re-created analysis auths via RSECADMIN
• Created test scripts
• Led all security tasks for the Vistex implementation
• Blueprinted role structure and worked with Vistex SD group to ensure SOD role compliance
• Trained full-time security admin on correctly creating roles via PFCG
• Worked with functional team to create test scripts for display/non-display functionality
• Supported go-live and ensured all defects were resolved
• Led all security tasks for the TM (Transportation Management) implementation
• Worked with TM consultants and blueprinted role structure
• Created all roles via PFCG, and unit tested roles to ensure CA POWL was only granting required access
• Customized NWBC views through the use of TM tables
• Worked with testers and troubleshot all access issues via ST01 and SAP Marketplace
• Conducted knowledge transfer for the full-time security admin

Confidential, Savannah, GA

SAP Security Architect

Environment: ECC 6.0, Gateway, GRC 10, Fiori, BW 7.3, BOBJ 4.1

Responsibilities:

• Led all security tasks related to the Fiori implementation
• Blueprinted role architecture and engineered roles after blueprint via PFCG
• Created all Netweaver Gateway RFC’s/target system RFC’s and system ID’s via SM59 and SU01
• Outlined and drafted framework for testing strategy
• Mentored and guided testers to ensure the security model was appropriately tested
• Bulk loaded all users via GRC AC
• Led all security tasks related to the BW Security r edesign
• Partnered with BW development team to re-map all existing queries to the correct functional area
• Architected a new role matrix for all query roles, reporting roles, and power user roles
• Redesigned all analysis authorizations to ensure security was not breached
• Re-created analysis auths via RSECADMIN
• Created detailed test scripts
• Outlined a new query naming convention to ensure compliance with the new BW model
• Co-Led all security tasks related to the BOBJ implementation
• Defined project plan to migrate all users from old security structure to new security structure
• Blueprinted folder structure based on complex functional inheritance and segregation requirements
• Integrated SAP and LDAP authentication within BOBJ
• Created placeholder “dummy” roles in BW and imported as BOBJ Groups
• Role Maintenance
• Imported hundreds of new roles
• Updated roles (selectability, approvers, role mapping, etc.)
• Audit
• Reviewed FF logs to ensure compliance
• Ran various reports for Approver Delegation, User Access Review, Access Requests, Provisioning Logs
• Access Risk Analysis
• Ran role and user level simulations

Confidential, Los Angeles, CA

SAP Security Architect

Environment: ECC 6.0, GTM (Global Trade Management), Solution Manager 7.1

Responsibilities:

• Served as the sole SAP Security personnel/architect on a Greenfield implementation
• Worked with the business and functional SME’s to define a blueprint for all roles, architect a role matrix, and engineer all roles from scratch via PFCG
• Worked with the functional teams to understand functional GTM requirements (for WTEW, etc) and architected security solution for all GTM functionality to ensure no backdoor access
• Led all security tasks related to project
• Blueprint, architecture, development, integration testing, UAT, and proposed go-live
• Defined strategy for all security tasks
• Directed strategy for all testing phases
• Mentored and guided testers to ensure the security model was appropriately tested
• Created all users scheduled for proposed go-live via SU01 and SECATT
• Worked with the business to ensure GRC is upheld and SOD is not breached (across all roles)
• Created policy standards
• Ensured best practice guidelines were upheld

Confidential, Folsom, CA

Sr. SAP Security Analyst

Environment: ECC 6.0, SAP SUP 2.2, (Sybase Unwired Platform; SAP Mobility), EP 7.3 (Enterprise Portal), XI 7.3 (Exchange Infrastructure), Solution Manager CHARM, Approva Biz Rights

Responsibilities:

• Led all security tasks related to Portal Upgrade (Standard internal client portal, and external facing customer portal)
• Partnered with Portal Engineering team and developers and created impact assessment
• Led realization of phased out SAP access and executed extensive cleanup
• Upheld and regulated testing compliance
• Steered and directed standardization of critical portal permission inconsistencies
• Architected and led all security for mobility within SAP Event Management (EM)
• Worked with the business and to define/build new backend ECC roles via PFCG, worked with basis to assemble and tie in mobility RFC and web service, created SUP Active Directory roles, worked with Basis to tie in workflow for new AD groups, developed user access request items within IDM tool
• Coordinated with the Mobility Architecture Team to recognize requirements
• Worked with tech lead to tie in Mobility with SAP CRM
• Led and managed all security tasks for multiple XI projects
• Gathered requirements for complex architecture developments
• Created the XI user in the R/3 and Java system, worked within integration builder, requested and downloaded certificate, provisioned key
• Conducted Approva Biz Rights and SOD training seminar for the entire security team
• Supported operation and maintenance across all systems and modules