Summary

Over Seventeen years of experience with SAP GRC, Security Compliance, Engineering and IT management, demonstrating consistent record of success in achieving complex objectives and timelines.

Highlights

• A dynamic leader with ability to handle multiple projects and to lead professionals by bringing energy, enthusiasm, and humor to motivate team members to achieve potential and meet objectives.
• A highly organized manager who is able to quickly assess needs and provide tools to resolve difficulties, enhance learning to improve performance.
• Handled several projects from initiation to completion by taking up cross-Functional Responsibilities that included Planning, Analysis, Design, Development, Testing and end-to-end Validation.
• Known for resourcefulness in financial management and consolidation of functions, resulting in significant cost savings.
• Possesses a robust record of success in achieving complex objectives and timelines.

Professional Experience

Confidential

Manager, SAP and GRC Security Milpitas

• Varian Medical Systems is the world's leading manufacturer of medical devices and software for treating cancer and other medical conditions with radiotherapy, radiosurgery, proton therapy, and brachytherapy.
• Managed a team of SAP and Cloud Application Security and GRC team in supporting multiple Applications.
• Led the offshore IT Security team and ensured Governance and Compliance to Security Procedures and Policies by defining appropriate roles both for project and ongoing activities.

Confidential

Manager, SAP Projects

• PG E is one of the top 10 combined gas and electric utilities in the US with a market cap of 20B, revenues of 15B, and 22,000 employees serving 15 million customers.
• Recently completed a multi-year effort to define and implement the gas leak analysis and resolution project.
• Liaising with the entire Gas Operative team including the engineering team, developers and testers.
• Effectively handled cross-functional responsibilities to resolve issues.
• Gathered Business requirements, designed and documented solution for Business Intelligence reporting and Dashboard, Data Conversion, Security and roles.
• Completed business process modeling, solution blueprinting, and SAP solution architecture for multiple energy projects
• Led business requirement gathering sessions with business and documented business, functional, and technical requirements
• Validated the data and worked closely with Quality Assurance testers and documented the test scenarios for the various use cases.
• Organized meetings with business to resolve key issues and hurdles on a day to day basis.
• Led the mobile implementation of Picarro Gas Analyzers and transferring leak data to the cloud, and Mobile Integration with SAP
• Responsible for Intranet Communications for Pacific Gas and Electric Company PG E Pipeline Engineering Replacement Program.
• Led the effort in analyzing and organizing the Control documentation, evaluation, certification, reporting and analysis for Governance initiatives for implementing GRC Process Control
• Lead the resolution of HP ALM defects in SAP Security related to authorization issues for Gas Corrective Project.
• Liaised with the role redesign team in ensuring roles being used by ongoing Gas projects are not affected by overall role redesign project
• Led the development team in designing custom authorization objects to secure screens within Gas Notification transactions.
• Guided the testing team through Unit Test, Functional Test, Performance Test and UAT
• Worked with teams varying in SAP technical experience, acting as a coach/adviser
• Analyzed SAP system/business process changes and determined the overall impact

Confidential

Manager, SAP GRC / Security

• Varian Medical Systems is the world's leading manufacturer of medical devices and software for treating cancer and other medical conditions with radiotherapy, radiosurgery, proton therapy, and brachytherapy.
• Led the GRC Access Control 10.0 implementation as part of early adoption program for ramp-up GRC 10.0 customer
• Managed a team of over 10 offshore developers and testers, 3 onsite techno-functional developers and a team of QA testers on the GRC AC 10 Implementation project
• Led the offshore IT Security team and ensured Governance and Compliance to Security Procedures and Policies by defining appropriate roles both for project and ongoing activities.
• Led several sessions and workshops with Business Process Owners and Internal Audit to define and configure Organization Structure, Process Catalog, Account Groups, control objectives and risks, entity-level controls with GRC Process Control
• Worked on Control evaluation, certification, reporting and analysis for GRC Process Control to provide end-end Internal Control Solution.
• Managed and coordinated work of GRC QA team during GRC 10.0 implementation and ensured appropriate resolution.
• Subject matter expert SME for SAP Netweaver Identity Management and Integration with GRC Access Control
• Liaised with the technical and audit team on Security Risk Assessment and SOX compliance

Confidential

Manager, SAP Security Compliance

• Adobe is the global leader in digital marketing and digital media solutions. The company has historically focused upon the creation of multimedia and creativity software products, with a more-recent foray towards rich Internet application software development.
• Facilitated daily meetings with Business Process Owners, Role Owners, and SAP Security to configure and implement GRC Process Control 3.0 as part of GRC 5.3 and GRC 3.0 Suite of GRC tools with Adobe.
• Established effective communications with SAP Compliance Team and Internal Audit while definition and configuration of the Internal Controls in GRC Process Control 3.0
• Managed the design and implementation of GRC 5.3 Compliant User Provisioning CUP , Risk Analysis and Remediation RAR , and Super user privilege management SUPM
• Led the GRC 5.3 integration with Identity management and LDAP provisioning
• Worked on Adobe Volume Licensing Project to implement discount tiers programs to increase Adobe's revenue significantly.
• Implemented HR structural authorizations and Human Capital management HCM
• Liaised with the super users and BSAs and implemented HCM Security.
• Supervised the functional team leads and implemented Security in Human Capital Management HCM and Structural HR authorizations
• Worked on Securing SAP Sales Force Automation SFA users via Access Control Engine ACE .
• Monitored the performance of SAP Security and PMM/Vendavo Security for Pricing Capability Improvement project to overhaul Adobe's pricing systems and processes.
• Granted ESD rights for Adobe Volume Licensing Project to implement discount tiers programs to increase Adobe's revenue significantly.
• Initiated and completed the procurement portal project
• Monitored the generation of CSI Audit reports, addressing audit concerns and performed several SAP role changes for audit compliance
• Worked on SAP CRM Security changes for enhancements related to Customer Support Web cases transaction types
• Documented run-books, process documents and Wiki SAP Security documents for securing tables, programs in SAP, and general best-practices for SAP Security activities
• Liaised with SAP Compliance and Internal Audit Team to define and configure the Internal Controls
• Led the security team in streamlining the authorizations and permissions for end-user access in SAP and non-SAP systems via Portal and Identity Management.
• Streamlined role changes and enhancements in Customer Relationship Management and Salesforce Automation related to securing opportunities, leads, Territory assignment rules and marketing attributes.

Confidential

Project Manager, SAP Security

• Confidential is a biotechnology corporation. As of August 2013, Genentech employed more than 12,300 people. The Swiss global health-care company F. Hoffmann-La Roche AG now completely owns Genentech after completing its purchase on March 26, 2009 for approximately 46.8 billion
• Managed the Full life cycle implementation of SAP Security in SAP APO Project.
• Led the SAP Security onsite and offshore team for the project.
• Configured and implemented GRC 5.2 and setting up Access Enforcer, Compliance Calibrator and Firefighter
• Implemented Identity management with GRC for composite role provisioning
• Led the initiation and worked on setting up Single sign on SSO and Active Directory LDAP authentication for multi-SAP system landscape involving Portal, R/3, BW, EBP, APO, SRM and XI systems
• Led the BW Portal Upgrade project
• Rolled out Portal and back-end SAP access in BW and EBP to Singapore users
• Initiated 3-Tier re-alignment efforts in R/3 roles in order-to cash, and procure-to-pay areas
• Led the SAP Phase 2 APO project in creating new R/3 and APO roles for source, make, plan, quality, deliver tracks
• Streamlined BW access for reporting analysts, Power users and super users in multiple tracks Finance FI , order-to-cash OTC , Procure-to-pay P2P , Demand to Supply DTS and Maintain-to-improve MTI
• Initiated the XI Role re-design effort and tackling issues both on UME/Visual Administrator as well as on the ABAP side and led to completion.
• Recommended the usage of CATT scripts to create and modify a large number of user master records and also used Mercury Quicktest for preparing binary test scripts for SAP R/3 roles.

Confidential

Independent lead Consultant: SAP Projects

• Confidential is a leader in 3D design, engineering and entertainment software. Since its introduction of AutoCAD software in 1982, Autodesk continues to develop the broadest portfolio of state-of-the-art 3D software for global markets
• Worked on SAP ECC 5.0 Roles development targeted at SAP R/3, BW, SAP Solution Manager, SAP C-Projects SAP Project and Portfolio Management , and SAP E-Commerce systems
• Worked on resolving defects in SAP User Roles during QA and User Acceptance Testing, and assisted in post go-live issues for SAP Authorization Redesign in Upgrade from 4.5B to ECC 5.0
• Used the RBE tool to analyze the tcode usage for end-users and redesigned the R/3 roles in Finance, SD, HR and MM areas, and followed the 3-Tier design approach
• Met with the business process leads and role owners in reviewing and categorizing the tcodes into the 3 tiers for role redesign
• Provided access to end-users based on the approval matrix for role owners, after seeking appropriate approvals.
• Performed Bi-weekly RSUSR002 Audits for SAP User Termination reconciliation to make sure user access was terminated appropriately
• Performed monthly RSUSR100 Audits for SAP User Creation reconciliations to make sure user creation was with valid approvals
• Interacted with SOX Compliance external audit in providing details on Roles with potential SOD issues, users with potential SOD conflicts SAP user account administration details
• Worked on setting up OSS connection for SAP for troubleshooting purposes
• Created custom tcodes for table access and executing reports
• Worked on documenting SAP Account Administration and Role Maintenance Guidelines in ECC 5.0 environment

Confidential

Sr: Consultant: SAP Security

• Confidential. a company based in Milpitas, California, produced computer storage products until it sold its storage-business operations to PMC-Sierra in 2010.
• Worked on configuring SOD Risk Matrix global and Matrix1 , mitigating controls, setting up critical transactions, critical roles, modifying SOD rules set, including custom transactions in Virsa Compliance Calibrator 3.0 tool
• Interacted with internal Audit team Business System Analysts in raising Application Change Requests to perform Segregation of Duty SOD cleanup of FI, SD, MM and HR roles, for Sarbanes Oxley SOX 404 compliance,
• Worked in identifying and IT controls in FI, OTC, P2P and HR areas and defining the control objectives
• Worked on setting up Firefight ids in FI, Sales, MM and HR, which were provided temporarily to Business System Analysts BSA during emergencies.
• Provided system measurement details to Management for SAP license categorization
• Provided BW Security support for BW role development, and met with BW Manager in identifying access levels for Developers, Super users and power users

Confidential

Sr: Consultant: SAP Security

• Confidential is the global leader in providing innovative equipment, services and software to enable the manufacture of advanced semiconductor, flat panel display and solar photovoltaic products.
• Redesigned R/3 roles during Security Upgrade from 4.5B to 4.7
• Worked on SAP Security project in redesigning SAP R/3 roles for AMNA North America , AME Europe , AMJ Japan , AMC China , AMSEA South East Asia for all the production support move, sell-serve buy-plan, basis, security, technical and Functional roles in removing Segregation of Duty violations using Virsa Compliance Calibrator tool
• Developed firefight roles for Production Support users, to be used in Virsa Firefighter ids.
• Separated regional roles based on their own Sales Organizations, Company codes, Purchasing Organizations, Warehouses, and Plants and their own unique access to certain SAP transactions
• Modified single and composite profiles for AME Horsham, to remove SOD violations
• Created test users in Development D23 and Quality Assurance Q21 environments
• Role design, development and assignment PFCG, SU01
• Troubleshoot security/authorization related problems using SU53, ST01 and SUIM.

Confidential

Member of Technical Staff II

• Confidential was a company that sold computers, computer components, computer software, and information technology services and that created the Java programming language, and the Network File System NFS . Sun significantly evolved several key computing technologies, among them Unix, RISC Processors, Thin Client Computing, and virtualized computing
• Hired from the Penn State campus recruitments to design custom, low power very high-speed digital blocks in the next generation UltraSPARC microprocessor family
• Worked on logic design in the multiple full custom, low power very high-speed digital blocks in the next generation UltraSPARC microprocessor family with 8 Metal Layers at the Sun Microelectronics Division
• Designed Integer execution unit IEU and Arithmetic and logic unit ALU datapath and evaluation of power, area and delay of two different adders and design, simulation, functionality, critical path analysis in Integer Execution Unit
• Designed and developed Perl-based script for verifying Electro-migration limits Interacting with the Global SRAM team in getting the specifications for the cache designs and register files and studying and discussing the circuit implementations with the designers.

Confidential

Summer Internship

• Hired to work with the Network Board design team to test next generation MPLS/POS Boards
• Powering up an OC-48 Network Module and testing the board for clock skews, signal integrity, slew rates, etc.
• Modifying the VHDL test bench of a loop-back mechanism used in OC-48 rate Network Module
• Designing Xilinx Virtex FPGA based Network Modules and writing pragmas for diagnostic scripts for programs running in Xilinx Virtex based FPGA to be used in OC-48 rate Network Modules

Confidential

Research Assistant

• While working as a Research Assistant at Penn State University on Processing-in-Memory Architecture design Research, selected to work on ASIC/VLSI design in the Center for Design, Communication and Computing
• Worked on logic design in the multiple full custom, high speed digital blocks:
• Worked in Smart memory architecture processor with embedded memory design , selecting dual ported SRAMs and regular SRAMs for image processing applications
• Working in Researching I/O and peripheral buses IEEE1394, USB, Firewire,IDE, PCI, bus and AGP and memory buses PC100

Confidential

Graduate Trainee Engineer

Campus selected to work in the Automobile Manufacturing Company in various divisions Electronics Division, Crash test Facility, and Assembly Line to understand the current process, design and improve solutions for various components in Telco vehicles.