SUMMARY:

• Over 12 years of experience in SAP technologies, as an R/3 Security Administrator, working in the SAP R/3(4.6C, 4.7, 4.0B, 3.0D, 3.1H, 3.1I, ECC 6.0, BW 2.0b), including 7 years of S/4 HANA environments.
• Trained on S4/HANA 1709(both Finance and Logistics) and implementation architecture.
• Proficient understanding of BOBJ Administration and SAP HANA security support.
• Lead on various SAP modules implantation such as, PI/HCM/BOBJ/FIORI/PORTAL/BW/BPC/FI - CO/SD/CRM/SRM/ECC/XI/MDS etc.
• Over 3 years of experience and 2 Lifecycle implementations of S/4 HANA. Including; Experience in S/4 HANA data modeling and data provisioning technology.
• Over 10 years of experience in SOD Reporting and mitigation. Responsible for building new roles ensuring SOX, COBIT, ITAR, FDA, FISCAM and HIPPA compliance.
• Extensively worked with Sarbanes-Oxley Compliance -- Strategy management related to SAP business processes, transactions, control infrastructure, financial reporting process.
• Experience configuring AIS to run appropriate audit logs, and over six years working with external and internal auditors.
• 10 years of total GRC experience including implementation, sustainment and upgrade experience with 10.1/10.0/5.3.
• Experience working with over 5 implementations of SAP GRC 10.0/.1 Access Controls all four components (EAM, UAR, ARA, & ARM).
• Experience configuring connectors in SPRO for GRC 10 Access Controls implementation, as well workflow maintenance utilizing BRF+.
• Seven years of SAP Basis Administration experience with expertise in Implementation, Upgrade, Migration and Production Support projects.
• Experienced in Installing complete NetWeaver and my SAP Business suites on different platforms like Unix (Sun Solaris, IBM-AIX, HP-UX. Linux) and NT (Windows 2000 and 2003)
• Worked on 5 full cycle implementation projects. Including 4 GRC Implantations and 3 Upgrades.
• Experience utilizing SAP Snow Optimizer to manage and monitor SAP Licenses.

PROFESSIONAL EXPERIENCE:

Confidential, Sunnyvale, CA

SAP Security Lead

Responsibilities:

• Defined S/4 HANA and Fiori Security control strategy and concept.
• Develop all SAP S/4 HANA and Fiori security process and policy documents.
• Implemented Single-Sign-On (SSO) in S/4 & Fiori with Microsoft Azure.
• Managed SAP S/4 HANA, Fiori and HANA 2.0 security roles development and supported testing of roles.
• Managing Service-Now automated workflows to manage SAP access request provisioning.
• Defined strategy for GRC tool implementation and roadmap.
• Worked with Business and Internal audit/control team to define mitigate control for SoD’s risks.
• Defined SAP Security Roles Design & Strategy
• Developed SAP roles for ECC/BI/BOBJ/EWM/Portal
• Managed SAP Hybris User Management
• Implemented SAP SoD and Audit controls and Security best practices
• Managing end to end SAP Security project deliverables
• Cutover /Hypercare Planning & Execution
• Defined SAP Security Rollout strategy for 7 Distribution Centers & 450 Retail Stores

Confidential, Richmond, VA

SAP Security SME & Audit Readiness Lead

Responsibilities:

• Led role reengineering effort, in compliance with Sarbanes-Oxley Section 404 (SOX), Remediation of Segregation of Duties (SOD) within SAP implementation, Profile Generator (PFCG), Role, Profile creation, modifications, User Administration, Authorization objects, User reconciliation, BW Administration workbench- BW Info cubes, Info objects, Hierarchy, Variables, Update and transfer rules, Info Areas, Info object catalog.
• Responsible for maintaining adherence comprehensive (SOX) §404 ongoing monitoring program in relation to the general and application IT related controls, coordinating this program and taking an active role in reviewing test results of key controls.
• Implementation of HANA Security Module. Including; Configured Standard, Technical and Restricted Users, Worked on System, Object, Analytic and Package Privileges.
• Participated in daily communications between the business teams, and security teams, to provide analysis of business requirements SOD Rule sets for GRC 10.

Confidential

Application Monitoring

Responsibilities:

• Design and develop best monitoring practices using SAP Audit Information System’s (AIS) to ensure compliance to documented processes.
• Configured Kerberos authentication tool on two CentOS servers and Oracle Directory Server.
• Adhere to SAP-related policies and procedures such as those around access controls, change management and development to ensure preparation for the variety of audits that occur throughout the year.
• Perform high quality reviews of key Access Control processes and controls including entity level, and general IT controls (access control, change management, IT operations, backup, anti-virus etc.) based on a variety of IT frameworks.
• Worked with SAP Snow Optimizer to manage and monitor SAP Licenses. In-turn saving Financial cost in restricting and removing unwarranted SAP Licenses.

Confidential

Governance Risk and Compliance

Responsibilities:

• Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
• Actively participate in decision making with engagement management and seek to understand the broader impact of current mitigating decisions.
• Assess clients' security and control readiness and provide appropriate security assistance. Assisted clients with modification of the delivered SOD/Critical Rule Set.

Confidential, Atlanta, GA

Security Analyst/GRC Administrator

Responsibilities:

• Worked extensively in Remedy ticket queue to assist end users and support users in various security related needs.
• Created and maintained user as required.
• Assisted in project teams where security expertise was required.
• Generated ECATT scripts as required for user administration and role assignment.
• Utilized Java UME to perform access updates with the Portal and other AS Java-based applications.
• Gathered weekly and monthly team metrics for reporting to SAP Security Team Leads.

Confidential

Responsibilities:

• Updated, created, and redesigned single and composite roles using PFCG in various SAP ERP’s systems.
• Good communication with the business on role design requirements and business requirements for SIT and FUT testing for ECC implementation
• Worked with Business Analyst and Role Owners with Role Design
• Ran ‘What-if’ analysis on role changes prior to making role changes.
• Utilized SAP Transport (STMS) to move approved security role changes from Dev to Q to Production.
• Assist Testers with role validation for new and updated roles.
• Used ST01 & SU53 to analyze failed authorizations.

Confidential

Responsibilities:

• Configured SAP GRC10 Access Controls all four components (ARA, ARM, EAM, and UAM).
• Assisted clients with creation, and modification of the delivered SOD/Critical Rule Set.
• Incorporated custom transaction into updated ruleset.
• Configured/Updated MSMP workflows using BRF+ feature.
• Configured EAM/Firefighter all components (centralized and de-centralized).

Confidential, Philadelphia, PA

SAP Security Administrator

Responsibilities:

• Defined test accounts as required.
• Associated new/changed security roles to test accounts.
• Worked with Functional Area leads to validate accuracy of new/change security roles.
• Utilize Security authorization analyzing tools (SU53 & ST01) for error review.
• Updated Security Roles as approved and required.
• Updated SU24 for Tcode authorization defaults.

Confidential

Responsibilities:

• Participated in on-call support schedule.
• Performed mass user lock and unlock as required.
• Developed user maintenance ECATT scripts.

Confidential

Responsibilities:

• Worked with GRC Access Controls all modules.
• Defined Firefighter IDs and required escalated access.
• Configured Password Self Service.
• Updated Functions as required/approved by Business Analyst.
• Updated Risks as required/approved by Business Analyst.
• Applied/configured approved Mitigating Controls.

Confidential, Chester, VA

SAP Security Administrator

Responsibilities:

• Performed User Creation/User Mass Creations.
• Utilized SU01/SU10 for User Modification.
• Continued support of Password administration for all user types.
• Utilized SU10 and CUA for User mass maintenance.
• Performed User PID maintenance.
• Resolved day-to-day user authorization issues assigned from Helpdesk -Lotus Notes dB.
• Created/Maintained ECATT scripts for several user and role processes
• Utilize Microsoft Office tools (Access and Excel) for data analyst
• Worked with business analyst to ensure role accurate role definition.
• Utilize SOX tools to review role for compliance.
• Facilitated test sessions for new/updated Security roles.
• Transported roles as required.
• Updated SU24 for authorization default values as needed.
• Implementation of GRC Access Controls, all modules.
• Defined Firefighter IDs and required escalated access (EAM).
• Configured ARM utilizing MSMP workflows using BRF+ feature.
• Configured Password Self Service.
• Updated Functions as required/approved by Business Analyst.
• Updated Risks as required/approved by Business Analyst.
• Applied/configured approved Mitigating Controls.