SUMMARY:

• 20 years of experience in supporting SAP Security. Strong leadership skills, as well as the ability to work with little, or no supervision, as an independent contributor and manager in multiple industries.
• In depth experience in all modules for implementations, upgrades and compliance assignments on SAP R3 from 3.0D through to ECC 6.0 releases.
• Support of Web enabled and client based applications
• HR, Workflow, Finance, Materials, Production Control and Planning, Purchasing, CRM, Sales, CUA, BW,PI, XI, Quality & Project Planning, VIRSA 5.3 (RAR) & IDM
• Extensive experience using the PFCG in all role creation and organizational assignments as well as support and updates specific to Production, Development & test environments.
• Strong ability to understand and interpret business processes to the applications in design techniques.
• The, and supervision of, offsite resources in Security protocols and processes.
• The support of compliance in SOX and ISO audit reviews.

OBJECTIVE:

To expand my current working knowledge and experience in the areas of Cross Applications, GRC, Solution Manager, BW/BI, Portal and HR Security. Continue to support efforts of compliance initiatives in Security areas within SAP environments.

WORK EXPERIENCE:

Confidential, Bristol, PA

Sap Security Manager

Responsibilities:

• Administration of CUA, BW 3.5 / BI 7.0, ECC 6.0, VIRSA 5.3
• User Administration up to 2,500 users worldwide Role administration creation and maintenance utilizing standard and custom authorization objects and transports in Support Go live efforts to multiple company acquisitions and reorganization efforts
• Project Management of Security efforts Planning & Blueprinting Scheduling and execution of required analysis and creation efforts for testing Maintaining all update efforts with coordinating development, Business analysts, Area Owners and Basis teams Compiling of all documentation evidence and approvals for go live efforts
• Support of all Post Go live efforts Support all Compliance & Internal Audit reviews and remediation efforts
• Perform all Risk level reviews for updates to VIRSA RAR with all business owners Mitigating Controls update as required for External audit support
• Maintenance of Permissions to object values within Risk reviews (RAR)
• Perform yearly License reviews to SAP Maintain custom table database for quarterly user / role owner reviews
• Review activity logs for daily operational changes Initiate and support administration efforts for SAP Messages as required.
• Utilize ticketing system for all activities and tracking Train contract and full time employees in the corporate processes and procedures of Security Administration as required.
• Established technical specification sheet to capture all role requirements for consistent information to establish or modify role structures to support business initiatives.

Confidential, Pittsburgh, PA

Sr. Security Analyst Consultant

Responsibilities:

• Worked with implementation partner and mentor Confidential employee on roles creation and user administration for new HR effort.
• Created and modify roles to support the design and business applications from inception of role design through completed approved test to production.
• Documented change processes to in corporate new role designs and business changes.
• Support documentation status and review within SMP (SOLMAN) for Security team specific approval workflows.
• Defined process for daily reviews within Security Operations support for all transports designated as ready for Production in multiple business clients to establish and maintain audit readiness and accuracy of all R3 & role repository databases.
• Identified internal and external issues to audit failures.
• Performed all audits for the 1st half of 2007 on all Security transports
• Coordinated with business owners on changes required to accommodate all accurate final document statuses in all environments.
• Designed SOP (Standard Operating Procedures) for the Transport Management function
• Coordinated in and participated on multiple SOX & redesign remediation efforts in all Healthcare, Materials Sciences and Animal health business areas in role analysis and modifications for multiple releases of R3.

Confidential, Cincinnati, OH

Sr. Security Analyst

Responsibilities:

• Support UC personnel in HR Security and documentation of Structural Authorizations.
• Supported the use of Portal and BW accesses for live MM & FI modules while integrating HR module configuration for Payroll, MSS, ESS, concurrent employment Contextual Structural authorizations utilizing custom workflow design.
• Supported all access activities across multiple clients in
• Development, QA and Production in R3 and BW for HR, FI and MM.
• Implemented Structural Profile role creation via CATT scripts.
• Defined, built and supported all new roles testing for production use within HR, Workflow, interfaces, Portal and Utility systems access roles.
• Developed job aides for supporting phased in weekly Go live initiatives in Portal, BW and R3 for HR.
• Documented all processes within Security to support Help Desk, Business Owners and Security teams.
• Input of all new users for weekly phased go live initiatives within HR ranging from, 000 users with appropriate access assignments as determined by team.
• Supported user issues during go live.

Confidential, Basking Ridge NJ

Access Control Operations Manager

Responsibilities:

• Design and implement new functional roles builds for SOX compliance by 9/30/05 Assess and hire contract staff resources
• Define “data capture” collection sheets for use by Business Process owners for role build structures.
• Establish maintainable & sustainable role models by function in all areas of Finance, Controlling, Sales Support, Purchasing, Logistics and Audit to retire “Tcode” ownership from process owners
• Identified all elements used from 3.1H for migration in future state for upgrade from 4.7 or 5.0 SAP release. Supported all modifications of existing role changes to retire risk
• Directed change activities within newly created team as well as all activities to be supported by IBM contract resources within Production Support, Maintenance Security, Transport Control teams. Represented all change needs in SOX compliance to all Confidential reviews.
• Created, maintained and executed Project Plan for all activities and documentation.
• Reduced 29k High SoD conflicts within 5 months for 1600 users
• Created and incorporated roles for newly acquired International concern from acquisition for multiple functional areas introduced after scope established for 400+ users
• Supported all users at “Go Live” for immediate access updates or changes during mitigation and final role alignment by function Incorporated new functional user groups and template models for immediate access alignments in accordance with new definitions and compliance.
• Interfaced directly with external auditors on SAP in all phases of review, planning and mitigation of new Model for quarterly reviews by Process Owners (CSI) for SAP results
• Reported statuses to Executive level management daily, weekly and monthly on all activities.

SAP Security Analyst

Confidential

Responsibilities:

• Support Security update initiatives for Sarbanes - Oxley audit compliance.
• To support all instances domestic and international for all communities within 3.1H & 4.6C releases, 620 environments
• Coordinated with users and management on all activities for role assignment or removal validation
• Interviewed populations within IT, Finance and Sales for job descriptions and responsibilities.
• Made analysis of access removal by role and t-code.
• Directed modifications to Production Support and Security Administration teams by outlining role additions/removals for compliance.
• Documented all aspects of interviews for review by users and management prior to any changes in production.
• Supporting all SOX clean up initiatives for year-end schedule.
• Currently working on BRD and ARD roles for all environments.
• Created and managed project plans and schedules for SOX, ARD & BRD.

Confidential, Morristown, NJ

Security Analyst Consultant

Responsibilities:

• Support security update initiatives for Sarbanes - Oxley in audit compliance. 4.6B, 620 environments
• Security analyst assigned to Global Security Group to update roles and users via CUA for additions and deletions of restricted accesses defined through corporate audit review for worldwide compliance in Sarbanes-Oxley standards.
• Required to make all updates and document all changes as required for SOX compliance within designated environments.
• Participated in on-going implementation initiatives in areas of BW, APO, ESS and MSS.

Confidential, Pittsburgh, PA

Security Analyst Consultant

Responsibilities:

• Worked with SAP Security Manager at site in building roles and positions through PFCG (Profile Generator) as well as CUA of users within Development & Quality test environments for Poly & Chemicals businesses.
• Worked closely with engineering departments in troubleshooting and updating on Custom CATS program transactions within HR authorization objects to be called within roles for time capture against specific Project systems throughout multiple environments and business clients for all users.
• Made recommendations for best use of the limited configuration available in the environments which are NOT HR system of record to accurately access and securely input time without sensitive data being compromised.

Confidential, Philadelphia, PA

IT Systems & Sr. Security Consultant

Responsibilities:

• Reviewed the Security structures of the existing SAP R3 environment and identified the areas of concern within the existing role definitions in the areas of HR, MM, PS, SD, PM,CATS & Payroll.
• SAP Cross Applications/ HR (4.6c) CRM/ PORTAL
• Created and modified all roles via Profile Generator. Support the active users within the live environment and the implementation of CRM and PORTALS initiatives estimated to support up to 20,000 users.
• Responsible for identifying and supporting the pre - existing scheduled go live activities of CRM applications
• Supported the new role definition and creation for CRM as well as PORTALS via the LDAP.
• Mentoring and of existing personnel in the areas of Help Desk and Security team members use of "Best Practice" in role creation and assignments to the existing user population. Interviewing and hiring of short term support staff and defining required work.
• Defined the Security accesses for the user population and the assignment for personnel in MSS in testing phase.

Confidential, Manhattan, NY

Consulting Manager, Functional Security

Responsibilities:

• Created and made organizational assignment on all roles via Profile Generator.
• Created and sustained a clear understanding worldwide for Security within SAP HR environment to primarily Non - SAP users, as well as support and enforce corporate policies and procedures.
• Utilized standardized Structural based security for PA/PD, Compensation, Employee Development and & Events
• Enhanced Central User Administration (CUA) to provide technical SAP expertise to the security work team, outlining and executing the priorities in completing the security work effort.
• Transferred technical skills identified in areas of PA/PD, Compensation, E-Development and all other aspects of user support in user maintenance and role generation through the PFCG from configuration through to Production.
• Acted as management staff resource to the PMMC project manager for the purpose of identifying concerns and resolutions as well as updating and fine tuning policy
• Coordinated testing and sign-off of security after all required security checks have been incorporated Acted as liaison internally to other departments.
• Significantly upgraded worldwide image of Security within the first 60 days by proactively building successful relationships with customers and other departments, as well as the development of a team through coaching and mentoring and by meeting or exceeding of all deliverables.
• Brought 70 countries live within 10 months.
• Designed and maintained an ongoing program of effective communication and knowledge sharing through the PMMC Website to the worldwide community.
• Changed documentation flow from paper to electronic signature approval process and website access to all forms and process flows within the first 30 days.
• Supported all CATT testing accesses worldwide prior to final role requirements for creation shortening actual positive and negative testing to all schedules.

Confidential, Falls Church/Fairview, VA

Sr. Consultant: Cross Application

Responsibilities:

• Reviewed access structures and identify issues related to what was defined as "too much WRITE access of users in the Cross Application and HR/CATS areas
• Created and modified all roles via Profile Generator
• Designed support profile structures for IS skill center personnel supporting user community for Global site use of SAP rel. 3.1I
• Designed streamlined functional profile access for 3 levels of system interaction (Development, Acceptance & Production environments
• Created and documented job descriptions.
• Defined testing procedures and coordinated all activities for complete test and sign off.
• Defined procedure for approval by the business community and authorization to provide access by activity approval and documentation.
• Documented and validated new structures for 1st audit review of GIS population as well as SAP environment.
• Defined "Profile Ownership" and completed profile structures in time for the first Skill Center / SAP audit.
• Completed 25 profile structures that were fully reviewed by audit and approved the first time they were submitted
• Developed structures that are currently being "emulated" for universal use in all environments and are being adopted in all US Confidential business unit skill centers.

Confidential, Kansas

Sr. Consultant: Cross Application & HR Security

Responsibilities:

• Created and modified all roles via Profile Generator.
• Defined report tree authorization groups for application to profiles for population.
• Identified and directed customer developers to register custom objects for technical settings of tables applicable to quality, HR, MM and Workflow.
• Defined technical settings on tables for activation in system.
• Activated tables after establishing technical settings
• Supported ABAP programmers in HR specific report definition.
• Designed and implemented security structures that allowed customers to access system data specific to the status of their products / schedules via the Internet
• Managed and trained help desk staff (3 shifts) at go live as well as standard care and maintenance of R/3 system.
• Tested and determined areas for concentrated efforts in automated purchasing aspect of MM module for final configuration
• Requested by customer to perform post sales troubleshooting to identify specific problems in the areas of HR and finance for time and travel charging through the ESS/ CATS applications as well as receiving / inspection for resolution of issues in configuration as they impacted external processes and procedures post go live.
• Supported pre - sales initiatives of corporation as well as in-house projects and initiatives.
• Mentored junior consultants in HR, MM, and Workflow and change management.
• Developed in-house security program.
• Participated in Webmaster as HR practice lead for Intranet web site.

Confidential, NJ & PA

Systems Implementation Specialist:

Responsibilities:

• Designed / configured all time charging and approval procedure profiles for full population.
• Defined technical settings for tables and custom transaction codes
• Defined and implemented functional profiles for entire employee, sub - contract and customer
• Activated all custom programs, tables and custom transaction codes via developer access registration through OSS.
• Assigned authorization groups to custom transaction codes, programs and reports
• Developed all aspects of custom reports for finance to create user / authorization groups and assign to profiles.
• Performed all testing of HR / CATS, finance, Workflow profiles for implementation.
• Defined business process flow for testing of all profiles for implementation.