SUMMARY:

• I’m a senior SAP Security specialist with experience in SAP Security for ECC ERP, SAP HCM(including SAP SuccessFactors), SAP BI, BPC, SAP NW IDM 7.1/7.0, CRM, SRM, NetWeaver Portal and SAP GRC 10.1 Access Control including three implementations, SAP Security Upgrades and multiple SAP Security Support projects. Strong experience in security architecture, strategy, design and implementation, eCATT for mass security tasks, CUA configuration and set up, SAP HCM/HR - Structural Authorizations, SAP BI 7.0/ BW 3.5 Migration and Implementation of SAP GRC Access Control 10.0, 5.3(including Access Risk Analysis (ARA), Access Request Management, Emergency Access Management (EAM/Firefighter) and Business Role Management).
• My other specialties include SAP security assessment and redesign, HCM Application Security, HR Org. Structure/Position based security design, XI, Solution Manager, CRM 7.0/2007, BI 7.0 Analysis Authorizations, BW, Portal, ESS/MSS, SRM, SSO configuration through multiple mechanisms(SNC, SAP Logon tickets & SSL/X.509 s), SOD evaluation and Audit systems implementations. I’m experienced in all phases of the project life cycle including scoping, planning, upgrading and implementing SAP Security. I've worked as SAP Security Team lead for large Beverages, financial, engineering, technology, and public sector Companies as well as consulting companies and have conducted several SAP full life-cycle implementations, has delivered superior solutions in high-pressure environments with tight timelines.
• End-to-end experience of GRC Access Control 10.0 implementation including its technical aspects, Migrating/upgrading from earlier GRC versions to version 10.0.
• Has worked as Team Lead on multiple full project life cycle projects as well as several support and upgrade projects.
• Experienced in SAP ECC, ERP, SAP Security, SAP-WAS, SAP HCM/HR & Payroll, SAP NetWeaver Portal, SAP ECC 6.0(SD/ MM, PP, WM, FI/CO, HR), 5.0 R/3, 3.1i, 4.6B, 4.6C, 4.7, CRM 2007, SRM, PI/XI, ESS, MSS, NetWeaver Identity Management(NWIM) ver 7.0, SAP GRC Access Control, Windows Server 2003 Active Directory and its Security, LDAP, SAP Basis.

TECHNICAL SKILLS:

Security Tools used: SAP GRC 10.0, 10.1, 5.3/5.2, SAP Portal User Management Engine, CUA, SAP Solution Manager (SolMan), Single Sign On.

PROFESSIONAL EXPERIENCE:

SAP Security Solution Architect

Confidential

Responsibilities:

• Implement and deploy Security to SAP systems (ECC, HCM/ HRM, BI, BPC, Portal, SCM, SRM, etc...)
• BW security development for operational reporting supporting granular multi-dimensional, drillable operational reports and charts for the bottlers. BI security development for information exploration project.
• SAP HCM Security design, development and support for Coke BIG.
• SAP SuccessFactors administration for Employee Center, Compensation etc.; securing the system using Role-Based Permissions.
• Security design and development for SAP Business Objects.
• Design and delivery of BIG major and minor releases, special projects and off-releases in accordance with defined Demand & Release Management processes
• Deployment of CokeOne+ solution to BIG Bottlers.
• Audit Remediation work
• Landscape Management, including upgrades, refreshes/builds and EWR reports
• Knowledge transfer to BIG team members and bottlers
• Provide thought leadership, solution architecture, and design for the Security Solutions
• Governance of template and local change requests
• Functional and Technical Documentation of design, processes and procedures
• Ensures the solution is in compliance with related TCCC standards
• HR Structural authorizations.
• Sarbanes Oxley and Segregation of Duties management.
• Project Management.
• Leading and coordinating across diverse teams to achieve desired outcomes.
• Use transport management system in complex environments.
• Understanding of key enabling technologies that support business processes.

SAP Security Consultant

Confidential, Greater New York City Area

Responsibilities:

• Establishing and maintaining user rights, system access and authentication within Confidential ’s SAP environment
• Oversight and administration of SOX compliance within Confidential ’s SAP environment
• Development and administration of SAP security and authorization processes and documentation
• SAP security administration and support with SAP R/3 4.6c/4.7 ECC 6.0, SAP HCM and NetWeaver Process Integration (PI).
• SAP project management.

SAP Security /GRC Administrator

Confidential, Greater New York City Area

Responsibilities:

• Administrator for global SAP implementation: End-to-End Full Life Cycle implementation including HR,FI,PS,BPC, CPM,BI et al; Production Support & Security Design and development of Security roles including derived/enabler roles based on Org Levels like company codes, profit centers, plants etc.
• Implement, configure, maintain and support the Governance Risk and Compliance (GRC) 10 suite of products.
• Contextual Structural Authorization for SAP HCM Security.
• Support SAP ECC, BI, BOBJ, SAP BPC 10.0, Solution Manager and NW Portal systems.
• Transaction Authorization, Analysis/Reporting Authorization

Sr. SAP Security/GRC Consultant

Confidential, New York, NY

Responsibilities:

• Configured Security roles for SAP ECC, SRM, SUS, BI & BOBJ, Portal and Solution Manager.
• Processes included in the implementation are: RTR, PTP, OTC and also HR (for SAP HR mini-master only).
• Configured and implemented SAP GRC Access Control 10.0 including GRC Access Risk Analysis, Emergency Access Management and Access Request Management.
• Also interacted with Compliance/Audit to insure successful audits.

Sr. SAP Security Architect

Confidential

Responsibilities:

• Global SAP ECC security design and architecture: The Company operates internationally in Europe, Asia and Australia.
• Creating security roles and users
• User authorizations and administration
• System access
• Central User Administrator
• Knowledge of security-related information, technology products and services that relate to the business needs of Confidential .
• Maintain up-to-date documentation of all SAP security configurations, policies, and procedures.
• Assist in developing and enforcing Confidential and Technology Services policies, procedures, and standards.

SAP Security Technical Expert

Confidential, Bentonville, AR

Responsibilities:

• SAP security administration, maintenance and role design.
• Set up custom organizational level authorization fields and derived role design and maintenance.
• Troubleshoot and resolve SAP security issues in a support and/or testing circumstances.
• Work with the business to understand SAP security requirements, and be able to provide technical solutions.
• Configure GRC toolset (RAR, SPM, ERM and CUP modules).
• Recommend, implement and assure compliance with policy and procedures affecting the SAP environment on a government and company level.
• Support SAP system security internal and external audits.
• Set up SAP security processes, policies, and standards (ECC and BI 7.0, PI or Portal).
• Design BI 7.0 security and the analysis authorizations.
• Configure CUA environment and support it.
• Excel and Access database manipulation for Role Manager.
• Knowledge of basic business operational models to facilitate discussions with business teams.

SAP Security Consultant

Confidential, St Louis, MO

Responsibilities:

• Role Development for SAP HR(including PA, PD, Time Management, Payroll, Benefits and WFM), FI, BI 7.1, Portal and XI/PI including table Security and custom authorization design, SAP Security architecture design. Implemented HR Structural Authorizations using the Context solution. Strong understanding of HR Master Data Elements and HR Organization Management.
• Configured and administered SAP GRC Access Control 5.3(RAR, CUP and SPM).
• Configured custom rule set for Brown Shoe in RAR, also configured CUP as per the workflow requirements of the customer including creating Entry types, stages, paths and Custom Approver Determinators(CAD).
• Designed and implemented CRM 7.0 security business roles, Extensive working knowledge on SAP CRM ACE (Access Control Engine) Security model and programming, Customer Interaction Center (CIC).
• Implemented SAP Netweaver Identity Management 7.1(IdM) across a diverse IT landscape including all SAP systems (HCM, FI, BI and Portal), GRC as well as non-SAP systems: MS AD, MS Exchange and IBM iSeries etc., Installation on various components of NW IDM: VDS, IC, Web UI etc. Set up SAP NW IDM Virtual Directory Server (VDS) to load data from SAP ECC.
• Set up NW IDM Provisioning framework using NW IDM Identity Center
• Scripting in JavaScript and VBScript for custom IDM IC passes.
• NW IDM integration with SAP GRC Access Control CUP.
• BI 7.1 Security design for End user, Power users and administrators; role and analysis authorization development. Generation of BI analysis authorizations through RSECADMIN transaction using structural authorization data extracted from data sources in the HCM ECC system for MSS and WFM users.
• Designed and developed security for BOBJ Crystal Reports and for BusinessObjects XI 3.1 integration with SAP BI. Knowledge of Business Objects Enterprise, Crystal, WebI, XCelsius, Voyager, Explorer.
• Security design for MSS/ESS, HR, Portal, WFM, HR reporting security design.
• Supported the implementation of SAP FI and HCM in a position based security environment.
• Supported Go-Live activities related to user provisioning, security role development, configuration of GRC Super-user roles and structural authorizations.
• Development of SAP Portal Security and the role design and testing of SAP Structural Authorizations related to WFM and MSS.
• Created SRM 7.0 (EBP, SUS) roles as per the business requirements:
• Table Security and Custom authorization design, HR custom Objects (custom infotypes) and ALE Model data interface design.
• Responsible for Security Configuration, testing, and overall project support up to go live.

SAP Security Architect/ Lead

Confidential, Piitsburgh, PA

Responsibilities:

• Evaluated and implemented ways to mitigate the current risk, modified existing Fire Fighter Ids, did updates/changes to IT User Roles.
• Developing security processes and procedures associated with the Fuji application landscape.Designed current IT user access and how IT users gain access to the system with SAP NetWeaver Identity Management 7.0:
• Worked on SAP Identity Management 7.0 deployment based on an SAP HCM ABAP as the identity source use case. IdM- GRC integration initiative.
• Developed IT security requirements for Identity Management specifically focused on the capturing repositories details and the provisioning framework.
• Transitioned SAP CUA to SAP NW Identity Management solution.Upgrade and Migration of SAP BW 3.5 Security to BI 7.0 Analysis authorizations:
• Conversion and activation of custom objects to analysis authorizations.
• Proficient in use BI 7.0 Analysis Authorizations creation and implementation tools: RSD1, RSECADMIN, RSEC MIGRATION.
• Involved in appropriate profile mappings, role assignments and testing through the BEx analyzer.
• PD profiles and BI structure security and authorization design.
• Structural authorization BI analysis and BI structure conversation.
• Troubleshoot client’s issues on new analysis authorizations and concepts around security.

Confidential, Pittsburgh, PA

Responsibilities:

• Worked as SAP HR and Approva Bizrights Security Specialist: Confidential Corp., a major multinational corporation has implemented SAP HCM/ HR (version 2005) at their US HQ in Pittsburgh, this job involved: Design and set up HCM Security Roles, Profiles and HR Structural Authorizations and test all security development through Integration Testing
• Parallel Testing and Go Live. Use Approva Bizrights to make this system SOX/SOD compliant. Created new Connectors and assigned mitigating controls. Coordinated the implementation and acted as SAP Security Subject Matter expert for BA's and BPO's. Performed SAP Security Administration functions -- Creating new Roles, Modifying existing Roles, User Administration using Solution Manager. Solved production authorization problems by analyzing user buffers. Supported Security around SAP HR / SCM and CRM modules. Assisted in conducting gap analysis between business requirements and SAP’s available features. Other technical tasks performed: Authorization checks by assigning reports to authorization classes (RSCSAUTH). Assignment of Authorization Groups to Tables (TDDAT).Authorization groups and tables trace from applications

Confidential, Cincinnati, OH

Responsibilities:

• Build and maintain SAP user profiles/ PD Profiles across the SAP Landscape including ESS/MSS, and provide authorization consulting support to project and business managers. Design and Implement HR Structural Security and standard security for R/3 and MSS, including contextual structural authorizations, HR Switch (AUTHSW) activation. Create and change User IDs as requested by FICO and HR business owners- Assign users to existing security profiles and activity groups. Generate transports for security to move profiles and activity groups to the proper clients. Performs security infrastructure support in Dev
• QA and production environments. Responsible for solving highly technical and complex problems across the SAP landscape as it relates to security authorizations. Recommends improvements to strategy, application usage, or process, applying knowledge of the business processes in various functional areas with overall security requirements Used ECATT and CATT to do scripting for mass changes. Preparation for ESS rollout, provide on-call Support/coverage as per the schedule. Prepare SAP SecurityDocumentation, define procedures & SAP Security policiesfor UCFlex.. Create/ refine Support roles for Basis, Security, Portal and roles for Payroll, HR and ESS.

SAP Security Administrator

Confidential

Responsibilities:

• Work with the business functional teams, supporting teams and Internal Audit to create security roles according to a designed strategy to prevent the introduction of SOX compliance violations.
• Implemented Single Sign On (SAP Logon tickets, X.509 s) with SAP ERP, BW, CRM and non SAP systems, user mapping and integrated Microsoft Active Directory Server with ePortal.
• Designed high-level strategy for SAP Security (Architecture).
• Deployed Central User Administration (CUA) on SAP ALE functionality.
• Distributed user master records, including migration of existing users
• Implemented HR PD Security using Structural Authorizations: Used knowledge of HR concepts, infotypes, transactions, Organizational Management etc. for HR Security Model, ESS, MSS and Portal Security.
• Ensure SAP Sarbanes-Oxley (SOX) compliance by configuring and using Virsa Access Controls Suite: Compliance Calibrator 4.0, Firefighter, Access Enforcer.
• SAP BW Administration: BW Security workbench- BW Info cubes, Info objects, Hierarchy, Variables, Update and transfer rules, Info Areas, Info object catalog.
• Review critical and sensitive authorizations, implement improvements to meet audit requirements, used Audit Information System.
• Implemented SAP CRM 4.0 and SAP SRM Security.
• Used Mercury TestDirector and eCATT scripting for security testing and tasks.
• Implemented MSS and ESS security using HR Contextual Structural authorizations.
• PD and PA Switches (OOPS, OOAC), Created Organizational Plan (PPOM OLD/ PPOME), Personal Master Record (PA40), User ID (SU01, SU10), Info type 105(PA30), Structural Authorization Profiles (OOSP, table T77PR), Tcode OOSB, table T77UA, Infotype 1017 (PO10/ PO13), Assigned Structural Authorization Profiles to User I.D (SE38), Custom Evaluation paths(OOAW, table T77AW), Setup Regular security (PFCG), Create Evaluation paths, Setup Indexing.

SAP Security Administrator

Confidential, Woodbury, MN

Responsibilities:

• Worked on Security administration for over 2500 SAP R3 including HR, BW, BCS, SEM and Portal users in Development, Quality, and Production instances and provided developers key and reset the passwords. Did user maintenance (User creation /deletion /lockdown /activation /Password management)
• Production support for all SAP systems (R/3 4.5, ECC 5.0 core components, BW 3.1, HR, Enterprise Portals 6).
• Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.
• Configured and implemented Central User Administration (CUA).
• Performed trouble shooting on R/3 security problems by using system traces.
• Created and maintained SAP Authorizations, User Master Records, Table authorizations, Authority checks, Activity group creation, and profiles.
• Implemented HR Structural authorizations.
• Working with the technical teams to design technical security including table, report and program interface security for the production environment.
• Documented SAP security policies and procedures for R3, as well as components like BW, BCS, SEM and Portal.
• Ran security reports for critical transactions and objects and for users who never logged on.
• Analyzed customer programs and transaction codes for authority checks.
• Coordinated the user account creation and termination policy with Human Resources and Operations.
• Worked with functional team leads to define the new transactions
• Implementation and on-going use of Virsa toolset.
• Used Virsa tools (VRAT/Compliance Calibrator 3.0, Firefighter etc.) for SOD analysis, handling SOD conflicts for users and creating and managing roles, also used in-house developed tools like SOD Matrices & SAP tools for analyzing SOD conflicts, T-code assignment to roles and roles assignments to users.
• Worked with process owners and users to complete authorization tasks and conform to SOD (Segregation of Duties) issues as well as the job role requirements.
• Assisted Sarbanes Oxley Compliance - SAP System Audit and documentation of significant Processes and controls, worked with the Security audit team.
• Work with Business specialists to help identify and understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts and participate in the mitigation of those conflicts.

SAP Basis/Security Admin

Confidential

Environment: SAP R/3 on AIX 5 / WINNT

Responsibilities:

• The landscape includes R/3(Modules: SD, MM, FICO & HR), EBP 3.5, ITS 4.6and 6.20,SAP Workplace 2.11, APO 3.0A, BW 3.0B, KW 5.2, SAP Solution Manager 2.1 and Oracle.
• Batch job Related: Setup, schedule and monitor batch jobs and interfaces, Analyze and create Batch job Triggers, Analyze the Batch jobs spills in production window, Investigation on Background Job Amends, Analyze and schedule jobs for Interface updates, Background Job Processing and Monitoring.
• Patching/spam and Setup ALE/RFC
• Goal of providing excellent system reliability, performance, high availability and overall optimized systems
• System monitoring/troubleshooting including Response Time monitoring,
• Also monitor System Locks & Waits, Database/SQL performance and ITS performance
• Monitor data interfaces: SAP to SAP and SAP to Legacy
• Responsible for day to day systems administration
• Plan and perform SAP R/3 release maintenance, system refreshes, client-copies, & upgrades.
• Database administration using MS-SQL 7/8,
• Oracle release 8.1 and 9.2, backup/restore,
• Disaster recovery (using Oracle Recovery Manager scripts).
• Maintain Outbound file processing to Legacy system from SAP

Confidential

SAP- Basis Security Admin

Responsibilities:

• Study the functional/Process flow; regroup the functions by using the SAP best practices wherever applicable.
• Redefine their roles/authorization profiles by studying authorization objects and controls.
• Design and recommend users self - review report.
• Conduct Unit, Integration and User Acceptance Testing on the created roles and authorizations.
• Transports to QAS/PRD, Project management, Client interaction, presentations and user .
• Post-Implementation Support.
• Work with function team to understand current Audit reports thoroughly.
• Study, review, enhance and recommend the security policies of Confidential .

SAP Basis/Security Admin

Confidential

Responsibilities:

• Design and implement policies and procedures to manage the creation of security roles and assignment of these roles to end users in order to:
• Ensure the proper authorization is received from the business owners. Prevent the introduction of Segregation of Duty issues with end users. Ensure Sarbanes-Oxley compliance with the established SAP Security model.
• User Authorization Management: Creating of Authorization objects, Classes, Profiles, Roles and Activity groups for Confidential systems, User Management/ administration, Creating Bulk Load users
• Maintenance of SAP security (roles and authorizations), and Users for OM Support.
• Segregation of Duties (SOD) check for creating/maintaining users.
• Transport management of fixes from development environment through to production.
• Analyze transaction/functional errors and help ABAP/4 team in resolving bugs.
• Setup Single Sign-On for SAP System users using their Windows/OS network IDs.
• SAP security auditing, Investigate on complex security issues.
• Accept trouble calls from Global business and system end-users.
• Provide implementation support for new deployments as needed.
• Provide operational support to the Application services team for Production issues.
• Assist with the coordination and testing of Security roles as a part of Integration testing.
• Provide functional direction to on-site & offshore contract security resources.
• Analyze security issues to root cause and resolve the issues within the set deadlines
• Adherence to the Service Level Agreement, Meeting deadlines to solve Priority 2/3 issues as per SLA.
• Provide support for periodic audits (internal, external)Initiated and implemented Process Improvement Plans (PIP) in the Project
• Internal quality and unit testing and handoff to the Project Manager.
• Recommend “workarounds” to Priority 1 and Priority 2 issues to allow business to continue operation, while root cause remedy is being determined and corrected.
• Participating in conference calls with clients/ Confidential Project managers for issues pertaining to tickets.
• Communicate to customers worldwide through emails.
• Ensure complete understanding of Remedy Quest and keep it updated.

SAP Basis Admin

Confidential

Responsibilities:

• System Administrator for R/3 4.6C and 4.7 systems running on Windows NT/2000 on Compaq and Confidential .
• Performed Installation and technical configuration of SAP R/3 4.6B, 4.6C and 4.7 for Development, Testing, Demonstration, and Production Servers.
• Configured SAP Solution Manager for both Development & Production Servers
• Configured the transport management system in a 2/3/4 system landscape in 4.6B/C & 4.7 releases. Configured transport layers and development classes. Assigned projects to CTS requests. Performed development and customizing transports between systems.
• Configured Employee Self-service and Manager Desktop functionalities of SAP
• Setup the profile generator, workflow, printers, OSS, and managed the database with SAPDBA.
• System monitoring and analysis for performance, Dumps, system failures, failed updates, runtime errors etc.
• Applied Support packages and hot packages to bring the system up to the current release of the software.
• Applied kernel upgrades, transport tools, and applied OSS notes.
• Local Client copy and Client Import and Database Export\ Import (Heterogeneous system)
• Database administration and performance tuning
• Implemented SAP R/3 Authorizations for the R/3 Users as well as Managers Desktop and ESS Users, which included: Creating User Ids and respective roles as per the requirement given by various operating divisions. Creating normal and HR structural authorizations and assigning to respective users. Analyze and maintain User profiles and Activity Groups Problem solving for role/profile issues. Performed a regular audit of SAP R/3 user accounts. Identified 4.6C authorization changes and modified the Roles according to the business requirements. Setting up of Authorization profiles for Developers working on the project, Coordinated the user account creation and termination policy with Human Resources and Operations.
• SAP Business Workflow design & development for three benefits: Open & Closed Car Schemes, Company Accommodation Scheme and PC Scheme; also HR process mapping done for other payroll related workflows.