SUMMARY

• Participated in more than 40 mini SAP Projects and 8 full life cycle implementation of SAP Security projects from design phase to post implementation phase in SAP Security and Go - live support
• Able to immediately work on and provide support for any current SAP Implementation project.
• Experienced in providing many proven SAP best practices solutions for common SAP security support issues, and experience in SAP Security related task such as SOX (Sarbanes Oxley) compliance
• Experienced in providing many proven SAP best practices solutions for common SAP security support issues, GRC, SOX, Role Redesign, and other challenges
• Experience with SAP authorizations in SAP HANA, SAP Fiori and SAP Business Objects
• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users
• Experience in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI
• Working experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation,
• GRC- Systems 4, 5.3, 10.0, 10.1 tools (Compliance Calibrator, Access Enforcer, Fire Fighter and Role Expert)
• Extensively used Fire Fighter in 4.0, 5.3, 10.0 and 10.1 forecasting Fire Fighter IDs, designing and assigning Fire Fighter roles and monitoring Fire Fighter logs activities. SAP implementation, VIRSA Systems VIRSAT tool, Fire Fighter, Role Expert, Access Enforcer,
• Profile Generator (PFCG), Role Creations modifications, User Administration.
• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users

PROFESSIONAL EXPERIENCE

Confidential

SAP Security Administrator/LEAD

Responsibilities:

• Facilitating and leading workshops with business representatives; translating complex security concepts, functionality, and limitations in business language; and providing insight on compliance impacts of security design restrictions.
• Worked Global security design and configuration to include: Business Intelligence 7.0 (BI), BOBJ, Enterprise Worked with the business managers in refining or changing SAP CPIC roles
• Implement the security model inside the BOBJ application environments for single sign on and mapping of the user AUID and AD (Active Directory) through the Central Management Console (CMC).
• Run Sync Job - To Brings in Window AD Groups and BW Roles, Create Access Levels, Add members to group and import users from SAP and the AD
• Assist users with access problems and questions using SUIM and SU53.
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management
• Using System trace ST01 and STAUTHTRACE to record authorization checks in different sessions.
• Periodically analyze user master records and develop strategies to reduce any risks to the business from structured authorization perspective.
• Ability to conduct significant data analytics using various SAP tables to support security, transaction, and controls projects
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
• Design and build security role authorizations for SAP CRM and SRM projects
• Performing SOX audit and providing GRC support to auditors and exposure to monitoring compliance
• Effectively review security requirements, system analysis, design, development/configuration of new/modify existing Security Roles for the SAP Functional Areas: OTC, PTS,FICO, PTP, WM/IM BI and BW etc.
• Experience, building security roles and authorizations for the systems: SAP ECC, BW, SAP BOBJ, PI, ATTP, SOLMAN
• Assign user profiles and roles according to policy for levels of authorization and permissions
• Working with security team to analyze/troubleshoot GRC workflow/security issues.
• Performing segregation of duties testing (new role user mapping) on SAP application security roles /users and explaining business risks and recommended solutions.
• Configure and use the auditing, logging, and tracing tools provided by SAP
• Utilize SAP Service Marketplace (developer keys, search SAP notes, manage OSS IDs)
• Manage the full life cycle of role changes from development to testing and final move to production, and handoff to off-shore team for ongoing support
• Oversee day-to-day SAP application security responsibilities with role changes, user administrations and supporting projects
• Support various SAP projects by assisting with application security role design for various systems, including SAP ECC, SCM, CRM, GRC, BI, BW and HR systems (Standard Auths)
• Liaise with process teams, internal audit, and external audit teams. Document improvements to the process and design SAP technical solutions that prevent audit observations
• Collaborate with business process owners and process teams to configure and manage SAP profiles and roles to meet business needs

Confidential

SAP Security Architect Consultant

Responsibilities:

• Worked Global security design and configuration to include: Business Intelligence 7.0 (BI), BOBJ, Enterprise Portal (EP), ECC 6.0 (all applications), SCM 5.0, HR, and CRM 7.0
• Successfully designed and implemented new security roles using BI Analysis Authorization and Profile Generator for viewing BI 7.0 reports via portal.
• Experience supporting Business Objects
• Successful implementation of SAP R/3 Security global Re-design project, demonstrating the ability of working with business and technical professionals, interaction with senior management, and on-time performance.
• Demonstrated ability to support a phased roll-out; resolving end users and project team security issues in a live environment, while supporting on-going implementation and cut-over activities. Communicate to the process owners and SOX management any control deficiencies and provide recommendations for remediation.
• Identifying existing and potential issues and designing matters in overall system and solution Work closely with functional consultants for evaluation of requirements, defining, developing, testing the roles
• Providing expertise and guidance on SAP Roles, Configuration and perform process review Responsible to prepare SAP Security Design Documents and end user training documents Support all Cutover, and Support SAP moved to Cloud migration and Go-live activities
• Assist in Defining and implementing required policies and procedures and standards to set up and maintain a global SAP landscape
• Managed roles and privileges for SAP NetWeaver IDM across the landscape

Confidential

Senior SAP Security/GRC

Responsibilities:

• Consults on SAP GRC Access Control and Business Process Control in implementations, optimizations, and assessments
• Experience with provisioning SAP Security throughout user communities including ARM workflow development and configuration.
• Administer identity and security access globally for human and functional accounts across multiple systems and applications. This includes on-boarding/off-boarding, incident/problem management associated with access entitlements and terminations as well as Emergency & Privileged Access management.
• Created and designed a high-end identity management security solution
• Created flexible and scalable high-availability solution for work flow, provisioning, data synchronization and joining for a large number of data repositories
• Worked on a high-end identity management security solution
• Worked on event-driven SAP ERP HCM integration with SAP NetWeaver IDM
• Managed roles and privileges for SAP NetWeaver IDM across the landscape
• Assisted and trained the Functional teams in performing risk analysis using SAP GRC, remediation and mitigation processes.
• SOX SAP GRC Access control addresses the root cause of access control problems through standardized and centralized role design, testing, and maintenance
• Assisted in preparation of IT security standards / procedures to comply with control criteria that included daily monitoring and escalation of exception / closures.
• SAP Security Auditing both internal and external Auditors and Resolved SoD conflicts
• Create mitigating controls and Assign mitigating controls to users, roles that contains risk
• Configured SAP GRC 10.0 Access Control
• Developed Roles using PFCG base on specification for R/3 and BW, BI and CRM
• Work with Teams lead to Create and test roles, and to documenting the procedures
• Participated in SAP GRC upgrade from 5.3 to 10
• Create and Manage users authorization profiles and Group Authorization using PFCG
• Liaison between technical and functional teams relating to SAP Security, Segregation of duties
• SAP Security system hardening - By applying security parameters
• Worked with the Internal Audit teams closely for Continuous Improvement of Security, Authorization Controls/Compliance areas to apply the best recommended practices involved in configuration of Central User Administration across the landscape and defined field attributes for user maintenance and transferred users from child to central systems
• Worked on SU24 to maintain Check Indicators for the Transaction Codes
• Created and maintained Authorization Groups for Tables and Reports and assigned them accordingly
• Setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords
• Maintained Authorization objects using the transaction SU24
• Transported the generated roles and profiles using SAP transport management system
• Worked with security related tables such as AGR TCODES, AGR USERS and etc.
• Review and correction of sensitive authorizations such as S TABU DIS, S ADMI FCD, S DEVELOP etc