Sap Security Specialist Resume

Picatinny, NJ

SAP SECURITY GRC Architect (With Active Secret Clearance)

  • Confidential has more than 15 years of progressive IT/Business experience. He is a senior SAP Basis Security expert & an experienced SAP Techno Functional consultant, specializing in brand new implementations & upgrades.
  • Involved in four full cycle implementations of SAP SD, MM, FI, HR, PP and WM and five upgrades. (Global)
  • Developed applications using ABAP/4 Workbench, Dictionary, Interactive reporting, BDC and SAP script.
  • Hands on experience within BIW, SRM, HR (ESS/MSS), CRM, Oracle, DB2, Lotus Notes, Java, NT and UNIX. Prior IT experience includes Project management, Business Analyst, Programming, Testing, Hiring & Mentoring.
  • Architect level experience in SECURITY includes: SoX, Segregation of Duties (SOD), all components of GRC Access Control suite (RAR, SPM, CUP & ERM), GTS and Process Controls. Redesigning Roles, Profile creation, modifications, User Administration, Authorization objects, User reconciliation, Problem analysis, CATT functionality and Custom authorization checks.
  • Supported more than 22 SAP landscapes with more than 1,00,000 production user ids.
  • In depth experience in SAP R/3 3.1I, 4.0b, 4.5b, 4.6c, 4.7 Enterprise, ECC5.0, ECC6.0, Netweaver 2004S, BI 7.0, CUA, Ent Portal, J2EE, SCM(APO,P2P),SEM, SRM(EBP), IS-Retail, XI/PI.
  • Managed and participated in complete planning and implementing security policies, processes, methods, controls for security optimization.
  • Managed teams and handled internal and external audits.
  • Knowledge of security principles and standards including SOX, SARM, CISSP, COSO, HIPAA, SIX SIGMA & ITAR.
  • Handled project funding, budget allocations, steering committees and reported directly to executive teams.
  • Knowledge on GRC GTS & NFE.


  • Overall SAP IT Management
  • Excellent Communicator, Leader & Mentor
  • Experience in FDA regulated environment
  • Project Management
  • GRC /SOX/Audit Specialist
  • Expertise in Access Controls and Process Controls

Confidential- COE-AESIP, Picatinny, NJ Nov 10 - Current Sap Security Specialist

  • Security lead in supporting the Sap Solution Manager implementation
  • Design the security for all components of SolMan including Service Desk & Charm
  • Work with different teams of the Army to take their inputs in configuring the required features
  • Integrate all the components and functionalities of SolMan.
  • Set up different users, Business partners during implementation and configuration.
  • Interpret EWA reports for all security threats and direct them to Management for SoD reviews.
  • Configure and implement CSA and SLR.
  • Create test scripts and user documentation.
  • Train Army and other team members on the application and tool usage.

Confidential, East Hartford, CT May 10 - Sept 2010 Sap Security & Security Weaver - Starpoint Solutions LLC

  • Review the current security, audit and SOX processes
  • Review the current Approva Rules and Configuration
  • Prepare Proof of Concept to meet the client needs for Security weaver (SW) implementation
  • Implement SW, test the tool after implementation
  • Build Rules at Authorization object level and sensitive transactions
  • Conduct sessions and perform knowledge transfer
  • Redefine existing controls to meet SW standards
  • Create and present the tool build to the executive committee for approval

Confidential, Poughkeepsie, NY Aug 09 - April 10 Security Architect & GRC specialist

  • Work on many of IBM's internal and external customers worldwide, providing daily support with user ids, roles/profiles, auditor's enquiries, transports.
  • Involved in role development on all SAP releases: SAP 4.5b, 4.6c, 4.7/ECC 5.0/6.0, BI, CRM, SRM, EBP, XI/ PI & GRC.
  • Analyze Root Cause of Authorization Problems and fix the missing authorizations.
  • Support continuous improvement in existing and new environments by contributing to the problem management process and ensuring execution of corrective actions assigned to the team.
  • Interacted with Business Analysts of the project to assess needs, identify key challenges, and define project scope and deliverables.
  • Establish detailed security upgrade plan, strategy and dual maintenance procedure
  • Supported developers on problems with queries, authorization object checks etc.
  • Supported implementation of GRC 5.3 suite of products RAR, SPM, CUP & ERM.
  • Knowledge and understanding of 3rd party bolt-on products (like Cognos, Sabrix, Vendavo, etc.) within the security solution strategy.
  • Closely work with Auditors in all periodic audit queries
  • Ran Virsa reports and documented all SOD conflicts with mitigating controls.
  • Ran Approva for access list remediation.
  • Document processes and procedures for the Security Team. Applied SAP Information Processing guidelines ITCS 303, ITCS104, Application SOD standards.
  • Provide training, coaching, code review, co-authoring designs for the team
  • Provide technical leadership, direction and expertise to peers and clients
  • Keep other teams informed of work status and change that relate to their activities
  • Build collaborative relationships with customers and take actions to meet the needs and concerns.
  • Provide off-shift on call support

Confidential, Richardson TX July 09 - Aug 09 Security Specialist and Audit advisor

  • SOX clean up - redesigning the Roles
  • Helping the team to build the process documents for security/SOX
  • Provided Post Upgrade Security Support for BW, SEM, SRM, IS-RETAIL, CUA, Portal, ECC6.0
  • Worked with Internal Audit and teams to design Mitigating Controls and coordinate with the Business and the corporate Governance committee.
  • Reviewing the existing Activity-Groups for better security controls, the project involved a new position level security.
  • Fixed authorization issues encountered during the Unit and Integration testing using the help of SU53 and ST01.
  • Converted manual profiles to authorization groups/roles.
  • Designed and created new roles according to the input provided by the functional consultants for all the R/3 modules specific to IS-RETAIL
  • Fixed authorization issues with the help of system trace and authorization checks specific to IS-RETAIL

Confidential, VA April 09 - June 09 GRC Architect

  • Lead in Designing the complete GRC 5.3 implementation of GRC-RAR, SPM & CUP
  • Worked with the functional design, technical build, configuration, customization effort.
  • Performed business process analysis, blueprinting, security design, and segregation of duties analysis.
  • Created Project plan, Scope, Architecture integration with their current LDAP, EP and CUA model.
  • Provided understanding of mapping of the solutions to the functional requirements of each business client. Applied best practices to design a total solution.
  • Partnered with project team (Accenture) to analyze workflow, processes, procedures, data sources, problems/pain points, and assist with designing an enterprise GRC Design.
  • Interpreted requirements data, map current and future state business processes to the packaged application being implemented, and develop plans to address functional gaps between the packaged application and the redesigned processes.
  • Participated in technical build effort. Gathered requirements from infrastructure teams and coordinated next steps with sub-teams.
  • Designed detailed project plan and scope for each release of the project. Ensured that project activities are delivered on time.
  • Documented key project related documentation (functional designs, data sources, test plans, scope changes, etc.)
  • Created relevant metrics to show progress of implementation work effort. Communicated updates as needed to project team, management, and army teams.
  • Identified and prioritized issues to be worked and create documentation to facilitate the process.

Confidential, San Francisco, CA June 2008- Jan 2009 Lead Security/GRC specialist

  • Architecting Security planning, designing, building & testing of Brand New Implementation of ECC 6.0, HR, HCM, BI 7.0, EP 7.0, SOLMAN, SEM, BCS, MDM & XI/PI.
  • Lead in the development of the security framework and standards for the SAP environment using ASAP methodology.
  • Setting up Enterprise portal security 7.0 along with Windows Active Directory.
  • Setup of external directory services (LDAP) like Microsoft Active Directory and its integration and deployment with SAP Central User Administration CUA and SSO (Single Sign on).
  • Implementing GRC 5.2 module (AE, CC & FF) Access Controls & Process Controls
  • Set up UME on Netweaver Webas server.
  • Role designing, user set up, support process, setting up traces, work with functional process leads.
  • Specific role creation for BOBJ/PI integration and report publishing within BI.
  • Ensure compliance to Security Policies, Procedures, and Control Sets. Working with internal/external auditors.
  • Reviewing and setting up their complete SOX procedures.
  • Created end user Master roles/Derived roles and production support roles
  • Assisted MDM functional lead with designing and building roles for business expert and master data.
  • Work with the test lead on Mercury tools.
  • Developing Security Processes and Procedures for end user training.

Confidential, NJ June 2007 - May 2008 Security Lead/GRC/Sox Consultant Project 1

  • Principal consultant involved in all phases of GRC.
  • Complete assessment of the existing security and successfully completed SOD remediation for R/3, BW, HR & SRM.
  • Implemented Virsa CC 4.0
  • Planned, executed, and reported phases of audits in critical business and IT processes and technology including Section 404 Sarbanes-Oxley testing
  • Performed audit procedures, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures
  • Conducted interviews, reviewed documents, developed and administered surveys, composed summary memos, and prepared working/training papers
  • Worked closely with business process owners to gather information and define security roles and controls.
  • Developed new processes and procedures within security, redefined roles and did knowledge transfer
  • Created training materials and trained security team and support teams involved.
  • Overall project management, SOX remediation, Audits and process administration
  • Assisted SOX Director in all phases of project goal for total compliance

Project 2

  • Developed Security roles for implementation of NetWeaver 7.0
  • Worked extensively on BI 7.0 security, Analysis Authorizations, RSECADMIN
  • Upgrade support for CRM 5.0 security and its portal integration.
  • Extensive exposure working on Enterprise Portal security, iViews, Roles, Worksets, assigning iViews to roles and user, roles and groups maintenance.
  • User Maintenance using CUA.
  • Created and maintained new ECC roles, trouble shooting, extracting data from the desired tables and analyze data for presentation
  • Trouble shooting report errors in BI and Portal.
  • Good understanding of BI Workbench, Cubes and Multi-Cubes, Queries and Reports in BI.

Confidential, NJ April 2007 - June 2007 Security Lead

  • Overall security support and assisting team in all technical issues in analyzing, providing solution, developing process, documentation etc.
  • Assisted in upgrade to ECC 6.0
  • Supported implementation of Solution Manager.
  • Security support for implementing Recipe Management part of PLM.
  • Assessed existing HR system to provide security support
  • Global identities based on an HR issued unique employee id.
  • True Role Based Provisioning meaning core permissions will be driven by HR attributes (job code)
  • Configured UME (J2EE Engine of Sap WebAS Java) set up SSO, uploaded roles from ABAP systems.
  • Involved in SOX remediation and clean ups.

Confidential, VA Oct 2006- Mar 2007 Security/SOX specialist

  • Involved in upgrade for VIRSA to 5.1
  • SOX clean up - redesigning the Roles
  • Helping the team to build the process documents for security/SOX
  • Provided Post Upgrade Security Support for BW, SEM, SRM, CUA, Portal, ECC6.0
  • Assisted the team in incorporating SSO on Netweaver Portal.
  • Mapped the users from Netscape Directory into Portal Server
  • Developed Security roles for implementation of NetWeaver 7.0
  • Worked extensively on BI 7.0 security & Analysis Authorizations.
  • Extensive exposure working on Enterprise Portal security, UME, Replication Manager (Sap J2EE Engine), iViews, Roles, Worksets, assigning iViews to roles and user, roles and groups maintenance.
  • User Maintenance using CUA, and Global Composites in the CUA.

Confidential, Basking Ridge, NJ Sept 2005-Oct 2006 Lead -SAP Security

  • Implemented VIRSA CC 4.0 from scratch and moved entire SOD rules from CSI.
  • Upgrade to ECC5.0 is on - prep support.
  • Complete overall support and accountable for GLOBAL SAP security includes design and implementation on R3, BW, HR, APO for all user ID admin and Role builds for SOX compliance.
  • Supported all modifications of existing role changes to retire risk
  • Directed change activities within newly created team as well as all activities to be supported by IBM contract resources within Production Support, Maintenance Security, Transport Control teams.
  • Represented all change needs in SOX compliance to all CCB reviews.
  • Created, maintained and executed Project Plan for all activities and documentation.
  • Created and incorporated roles for newly acquired International concern from acquisition for multiple functional areas introduced after scope established for 400+ users
  • Worked extensively on SU24 to redefine tables USOBT_C & USOBX_C.
  • Worked extensively on HR structural authorizations, experience to streamline authorization rules and utilize standard SAP structural authorizations functionality
  • Supported all users at "Go Live" for immediate access updates or changes during mitigation and final role alignment by function
  • Worked with the testing team using QA tools (test director & load runner)
  • Incorporated new functional user groups and template models for immediate access alignments in accordance with new definitions and compliance.
  • Interfaced directly with external auditors on SAP in all phases of review, planning and mitigation of new Model for quarterly reviews by Process Owners (CSI) for SAP results
  • Reported directly to the Director on a daily basis on all activities.

Confidential, CT June 2005 - July 2005 SOX project lead

  • Interacted with Business Analysts of the project to assess needs, identify conflicts and redesigned roles.
  • Reconciliation of Segregation of Duties (SOD) conflicts, to meet compliance with Sarbanes-Oxley requirements.
  • Worked extensively on VIRSA audit tool VRAT to find the segregation of duties issues and performed Role remediation.
  • Involved in setting up VIRSA VRAT, VFAT & Role Expert.
  • Done FDA validation on all issues.

Confidential, Jan 2005 - June 2005 SAP Security Specialist.

  • Involved in SOD and defining new authorizations for Lenovo, China
  • Prepared the complete role structure as required, taking the input from BPOs.
  • Implemented the VIRSA VRAT tool.
  • Created the complete data for local matrices for reporting.
  • Created all the procedures for successfully running the tool
  • Trained the team members for running the reports and analyzing the conflicts.

Confidential, Basking Ridge, NJ Oct 2004 - Dec 2004 SAP Security Analyst

  • Team member in a group of consultants that designed, implemented, and tested solution for SOD conflicts identified by Internal Audit partners
  • Performed 3.1h profile and 4.6c role cleanup in R3 & 3.0 in BW to mitigate Segregation of Duties conflicts in preparation for external audit and Sarbanes-Oxley for Q4 2004 compliance and SEC reporting requirements
  • Worked with D&T and SAP team in helping them identify the ways to remove the conflicts without a valid tool.
  • Removed more than 66,000 conflicted Tcodes.
  • Completed validation and transports for mass generated roles.
  • Created SAP Test User Accounts and modified roles using SAP CATT.
  • Performed UNIT testing on created roles.
  • Did knowledge transfer and laid security procedures for the team.

Confidential, Rochester, NY. Sept 2004 - Oct 2004 SAP Security Analyst

  • Worked as part of SOX team for R3 & BW and assisted in elimination of Segregation of Duties (SOD) conflicts inherent within the KODAK SAP security model.
  • Worked with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
  • User Administration for more than 100,000 users.
  • Worked with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.
  • Worked with VIRSA systems VRAT tool in identifying conflicts in single roles and composite roles.
  • Manually modifying profiles and roles to remove the SOD conflicts present in the roles.
  • Using CATT script for mass generation of roles and User assignments.
  • Perform UNIT testing on created roles.
  • Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.
  • Effectively analyzed trace files and tracked missed authorizations for users' access problems and inserted missing authorizations manually.
  • Transported the generated roles and profiles using SAP transport management system.
  • Created users and maintained user master and established security policies and procedures.

Confidential, Poughkeepsie, NY. Oct 1999 - Aug 2004 SAP Basis Security Specialist

  • Worked on many of IBM's internal and external customers (PFIZER, PIERSON PUBLISHING, UNITED TECHNOLOGIES CORPORATION) worldwide, providing daily support with user ids, roles/profiles, auditor's enquiries, transports.
  • Established detailed security upgrade plan, strategy and dual maintenance procedure.
  • Completed Security upgrades from 3.1H to 4.6 C, 4.5 to 4.7 using SU25 and Profile Generator (PFCG)
  • Redefined check/maintain status via SU24.
  • Converted manual profiles to Activity Groups.
  • Extensively worked with the Profile Generator on 4.5B, 4.6x and 4.7 systems as well as manual creation of profiles in 3.1I, 3.1H level to create roles/profiles for the ABAP, Basis, Security, Configuration teams and End Users
  • Added authorization objects and values to Customers custom objects
  • Worked on EBP user id administration via USERS_GEN and SU01
  • Scheduled jobs for PFUD.
  • Setup Traces for authorization purposes and Security Audit Logs for audit purposes
  • User Ids administration for worldwide supports on R/3, BW, EBP, CRM & HR systems.
  • Supported developers on problems with queries, authorization object checks etc. Closely worked with Auditors in all periodic audit queries.
  • Extensively worked on Transport Management. Transported Roles/Profiles using STMS across systems
  • Documented processes and procedures for the Security Team
  • Maintained security standards for providers of Network and Computing Services - ITCS204.
  • Applied SAP Information Processing guidelines ITCS 303.
  • Performed quarterly Health Checking on production and non-production systems
  • Using IBM's UAWEB Admin tool, created User IDs request webpage for Customers
  • Worked with VRAT tool
  • Mentored team members.

Confidential, Poughkeepsie, NY Oct 1998 - Sept 1999 SAP Basis Team

  • Administered SAP production and non-production environment.
  • Client creation, Client copying (Local & Remote) and Client Export/Import
  • Performance monitoring/ trends, such as monitoring SAP buffers, aborted updates, locked entries, setting up printers for global SAP users.
  • Configured the Transport Management System
  • Supported job scheduling, archiving, and outbound faxing solutions.
  • Applied Support packs and OSS notes
  • Performed client copies
  • Assisted in SAP upgrades and installation.
  • Provided day-to-day technical support and issue resolution

Confidential, Bilkes Barre, PA April 1996 - Oct 1998 SD Functional Consultant

  • Performed Customization and Configuration aspects in SD module. Analyzed needs for conducting business process and provided detailed requirements for configuration.
  • Member of the SD team responsible for configuring the system in Sales order processing and assigned various functional units to company code using SAP implementation guide.
  • Worked extensively on creating sales data, master data in sales document types, processing inquires, quotations, sales orders, partner functions and output determination.
  • Assigned schedule line and item categories, contracts, scheduling agreements, determining dates cancellation rules and in-completion logs.
  • Developed pricing procedures using various condition types, condition techniques. Defined pricing agreements for different customers.
  • Consulted with the client's SD team members and directed the client process teams through entire functional, training, and business process decisions. Also, developed several change-management scenarios for SD.
  • Assisted technical team members in the development of coding standards and uniform layout reports (such as Bills of Lading, Carrier Final Instructions).
  • Worked on different sections of shipping, transportation, billing and packing documents.

SKILLS

  • SAP R/3 3.1I, 4.0b, 4.5b, 4.6c, 4.7 Enterprise; ECC 6.0, Ent Portal, Netweaver 2007S, SAP EBP; APO, SCM, BW, SEM, CUA, XI; Audits, SOD, Sarbanes-Oxley, GRC & Approva.
  • SAP Modules: SD, MM, FI-CO, WM, PP, PS, HR, PM, CRM, BIW
  • Microsoft Office Suite, Microsoft Project, Visio, Lotus Notes & MS Access.
  • Java, JavaScript, J2EE, HTTP, HTML & XML
  • MS Windows, NT, UNIX, AIX, HPUX, Citrix, DB2 & Oracle.


  • Masters in Computer Science.
  • Masters in Business Administration.
  • Masters in Commerce & Finance.
  • Masters in Marketing & Sales Management.
  • Successfully completed training course in SD module offered by SAP America.
  • Successfully completed training course in BIW - Authorization offered by SAP America (BW365)
  • Successfully completed training course in SAP Enterprise Portal and System Administration offered by SAP America (EP200)
  • Pursuing CISA certification
