Sap Basis Security & Grc Consultant Resume
3.00/5 (Submit Your Rating)
Southfield, MI
SUMMARY
- Over 20 years of IT experience including management of resources, off - shore software applications development, project management, system architecture, data architecture and data modeling, vendor management, business area analysis, business Confidential design, information engineering, Confidential development, programming, standards, quality assurance testing, user training and database administration.
- Accountable for adhering to corporate architecture standards, ensuring technology standards and best practices are maintained across teh organization and contributing to corporate architecture strategy-setting
- 8 years of SAP Domain Experience and currently associated wif Airhub as SAP Security & GRC Consultant including S/4 HANA & Fiori presentation layer security
- 2 years of SAP BW/BI/BO/HANA experience, which includes Data-Modeling, Data Extraction, Data Loading, Scheduling, Monitoring, Reporting and Performance Tuning.
- Experience in SAP ECC 6.0 and GRC 10.1 Security Implementation and Support activities
- Good understating of SOD / SOX / Security Assessment / SAP Authorization / Roles.
- Experience in GRC 10.0/10.1/12.0 EAM, ARM, ARA Process flow for granting emergency access, User maintenance & Audit reports.
- Expert in creating SAP HANA Modeling (Attribute views, Analytical Views, Calculation Views), Provisioning (Using Data services, SLT and Flat file loading)
- Ability to analyse and resolve problems related to access and user administration in SAP
- Ability to administer and maintain security roles and profiles in an SAP environment
- Experiencein BASIS administration activities like System Installation, System copy, database upgrade, Client copy, Parameter changes, STMS configuration, etc.
- Strong communication skills, both written and oral.
PROFESSIONAL EXPERIENCE
Confidential
SAP Basis Security & GRC Consultant
Responsibilities:
- Serve as teh SAP Basis Security subject matter expert
- Project Preparation, Blue Prints, Realization, Testing, Go-Live.
- Redesigning Current Landscape Security Architecture for various SAP Applications
- Defining SOX Controls in SAP Global Risk and Compliance Application, Implement Security notes, upgrades, legal/compliance patches, deployments and enhancements.
- Working wif business and project teams to troubleshoot issues wif security objects to identify and implement appropriate solutions.
- Designs Business Roles, Analysing teh Risks involved, and placing Controls.
- Identifying teh risks in Business process & providing remediation & Mitigations solutions & customized solutions to automate teh business process.
- SAP Security Administration Responsibilities in Implementation & Support, Translate complex technical information across all levels of teh organization.
- Prepare project plan, activity list and milestones. Build functional and technical specs, test scripts, test plan, cutover and go-live plan.
- Translate functional specifications into a technical design for SAP Security.
- Designing and building security roles and authorizations & Identify Risks and compliance issues by running segregation of duties checks.
- Designs and implements workflows for business Scenarios like Access request Management, Emergency Access Management, and Business Role Management
- Configure Business Rule Frame work (BRF+) and Multi Stage Multi Path (MSMP) changes wif new Path, Stage, Agents, Notification Variable template addition, mapping rule routing wif result value.
- Configured & deployed Workflows for new business process.
- Works on periodic reviews like UAR reviews, Critical permissions, Segregation of Duties, Firefighter Log Reviews.
- Defines Role owners, approvers, User access approvers, Risk Owners, Mitigation monitors and approvers.
- Experience in handling Implementations, Production support, Role Redesign & Upgrade Projects
- Supporting teh GRC 10.1/12.0 Components EAM, ARA, BRM and ARM.
- Creating Function ids, Risks IDs against rule set and generating Rule IDs against Risk ID.
- Performing simulation at user and role level for noing teh upcoming Risks.
- Running Risk Analysis at User and Role Level If any risks found teh same TEMPhas to be remediate/mitigate.
- Generating SOD reports at Critical Permission level (critical Basis auth objects access)
- Performing Background Jobs (Authorization Synch, Repository Object Synch, Action usage synch, Role Usage Synch, FF Log Synch & FF workflow Synch).
- Creating GRC User ID, for Mitigation Approvers, Monitors, FF ID Owners, Controllers and Role owners and risk owners and assigning teh required roles in teh GRC system
- Assigning Mitigation Approvers and Monitors, FF ID Owners, FF ID Controllers and Role Owners and Risks owners in Access Control Owners.
- Maintaining Mitigation Approvers and Monitors in organizations based on business process.
- Creating Mitigation Control ID against Risk ID and Maintaining Mitigation Approver and Monitor.
- Importing roles into GRC System from Backend System.
- Creating Access Requests for New User Account, Change User Account, Information account, Lock, unlock account and Delete account
- Approving, Rejecting or Cancelling teh Request as a GRC Admin through work inbox.
- Performing teh Admin Delegation in teh option of GRC Request Approver.
- Creating teh FF ID's in plug. Confidential and assigning teh respective role
- Assigning teh FFID owner and FFID controller to Firefighter ID.
- Assigning teh FF ID to Firefighter(end-user)
- Extracting Firefighter ID log reports like (Consolidated FF Log Report, Fighter Log Summary Report, Reason code and Activity Report Transaction log and session report)
Confidential
Chief Information Officer
Responsibilities:
- Introduced Email system to Party groups to circulate teh information among teh heads.
- Developed and introduced an online document app for sharing teh info among teh party cadre and teh president.
- Launched party’s official web site wif daily news updates, videos and online radio.
- Launched online donation system for party funding at election time.
- Introduced party related mobile content like wall papers, videos, songs and ringtones through its official website.
- Established and maintained an industry standard Type IV Datacentre for party related data management and web domains hosting.
- Developed a dedicated SMS Channel to campaign party agenda/ press releases to teh public/ media and party groups.
- Developed an intranet portal using .NET framework and SQL Server for party president in 2009 for candidate finalization, survey report analysis and election result analysis etc.
- Introduced a membership program for party cadre at constituency level across teh state.
- Introduced teh social media (FB, Twitter etc.) integration to teh party website, to look for netizens’ attention of party day to day activities.
Confidential, Southfield, MI
Sr. IT Consultant
Responsibilities:
- Additional responsibilities include guiding ETL (DataStage) architects in capturing ETL requirements by creating mapping documents between Source and Data Warehouse/ODS (Teradata/Oracle) as well as Data Warehouse and Data marts.
- Was responsible for identifying Sarbanes Oxley compliance requirements and making necessary changes to become compliant.
Confidential, Southfield, MI
Sr. Technical Consultant
Responsibilities:
- Responsible for leading teh team in converting applications MUPIT, “Mortgage Underwriting, Processing and Information Tracking System” and MOAI, “Mortgage Online At InterFirst” into one centralized Product Component System. Teh project involved extensive data modeling using Oracle Designer 2000/Erwin.
Confidential, Southfield, MI
Data Architect
Responsibilities:
- Responsible for Enterprise Logical Data Model and all Oracle application DBA activities like generating physical database out of teh repository, setting up user profiles for end users, setting up security in development as well as production databases.
- Was involved in Data Modeling, Process Modeling, Entity Relationship Diagramming, Functional Hierarchy Diagramming and Dataflow Diagramming using CASE Tools Oracle Designer. Led teh team to upgrade teh CASE repository from CASE 5.1 to Designer 1.3.2. Responsible for developing teh user interface standards for screens and reports.
Confidential, Farmington Hills, MI
Database Consultant
Responsibilities:
- Responsible for development of Fault Tracking System, which was done in Visual Basic and Oracle. Teh project involved extensive data modeling and programming in Visual Basic to develop front-end screens. Also involved in developing Report System using Crystal Reports.