SUMMARY:

• Highly experienced in SAP Security, GRC, SOX Audit, IDM, HANA and HR security administration.
• Bachelor’s degree in Business Accounting and Finance, Master’s in IT (Computer Applications), armed with wide knowledge across all functional modules (O2C, P2P, MF, MM, PM, FI etc.) in SAP.
• In - depth experience in Implementing SAP NetWeaver Security, GRC, Hana and IDM architecture, configuration, and integration across systems.
• Solid ability to work closely with clients, Stack holders, Business owners, Audit & Controls teams to assess needs and implement complex solutions.
• Proven strengths in strategy, operations, networking, data management and risk management. Work with various stakeholders to define standardized, integrated process.
• Successful team leader. Excel at meeting budgetary and schedule goals. Proven track record in delivering SAP Application (Architecture, design, programming, testing, and support) including overseeing and managing all facets of SAP security.
• Superior technical development expertise. Adept at recommending computer platforms, Applications, and communication linkages to support business processes and information flows.
• Successfully identifying risks and implementing security solutions for wide range of projects and applications. Adept in risk assessment, project management, and security audits.
• Able to build productive working relationships with both technical and functional teams extensive business processes background
• Experience in SAP GRC (5.3, 10.0 and 10.1) CUP, RAR, SPM and EAM.
• Experience in SAP NetWeaver Identity Management (IDM) 7.2 and 8.1.
• Experience in SAP Single Sign on (SSO), LDAP, MS Active Directory, and Kerberos.
• Experience in SAP HR/HCM security Structural authorization and SF (Success Factors).
• Experience in SAP HANA, S/4 HANA (Simple Finance), Hybris and Fiori Security.
• Experience in SAP HR system, Org Publisher implementation and Success Factors.
• Experience in Portal security.
• Experience in SAP APO/SCM.
• Experience in Automation of SOD Remediation, Mitigations, Risks and Role Reaffirmation (UAR).
• Experience in BW/BI Security (3.5 and 7.0) and XI Security.
• Experience SAP Mobility client and DOE (Data Orchestration Engine).
• Extensive knowledge on ROLE DESIGN across all SAP Modules
• Extensive experience in Implementation, up gradation, blueprint, and project plan.
• SAP R/3, ESS and ECC 6.0 Security Admin.
• Experience in SRM (EBP) and Solution Manager, CUA, BPM, BOFC,
• CRM 7.0 Implementation experience - Interaction center, Business role in IS-U.
• Experience in third party SOD tool for SAP - SYNAXION.

PROFESSIONAL EXPERIENCE:

Confidential, Mt Prospect, IL

SAP Security, S4 Hana Security and GRC - Architect

Responsibilities:

• SAP GRC Access Control 10.1 End to End implementation.
• SAP S/4 Hana 1709 Security Implementation.
• Set up single sign on for S/4 Hana
• S/4 Hana security logical paths, file names restriction.
• Virus scanning/uploads, monitor RAL.
• Data security in SAP ILM system connection, users and authorization.
• Extensive knowledge in S/4 Hana security objects.
• S/4 Hana - Sales, Sourcing procurement, Master Data and Supply chain.
• SAP APO - Supply Chain security redesign.
• SAP BI Security redesign.
• SAP ECC security redesign for functional modules - FI, CO, MM, PM, PP.
• Worked with stake holder and business team to align to the security process and enable controls across all functions using SAP GRC
• Reviewed and implement controls for AIX system.
• Complete Security redesign across all SAP systems.
• Work with internal audit and external audit on audit requirements and controls.

Confidential, Alton, IL

SAP Security, GRC and IDM - Architect & Analyst

Responsibilities:

• SAP IDM 8.0 SP02 Implementation
• GRC NW Access Control 10.1 Full cycle implementation.
• SAP NetWeaver 7.0 Security architect end to end security implementation for modules - MM, PM and FI.
• SAP Fiori security implementation
• Responsible for complete end-to-end implementation from design phase, Blueprint, project plan and implementing SAP security.
• Review Business process across organization and align with the global sap standard.
• Design and enable appropriate Risks based of existing business process.
• Worked with functional team, stakeholders in identifying risks and train identified Risk owners, Role owners, and mitigation controls based on the functional area.
• Implement GRC 10.1 Access control, ARA - Access Risk Analysis, ARM - Access Request Management, Emergency Access (Fire Fighter), Mitigating controls and LDAP setup (MS Active Directory) in SAP and complete Single sign on (SSO) configuration.
• Worked closely with internal audit team and made sure all audit requirements are met.
• Document all policy, design and procedure for Governance & Compliance.
• Worked with external auditors on SAP auditing.
• Trained Olin brass SAP Security operations team to effectively reduce risks, maintaining authorization and user provision.
• Implemented IDM 8.0 SP02 with latest Developer studio, Configuration and provision packages and upgrade path.
• SAP IDM Forms - Creating Forms and Implementing a Custom User Interface.
• SAP IDM Jobs - Creating Jobs, creating a Repository and Creating Repository Jobs.
• SAP IDM Provisioning and Workflow - Creating Processes, Describing the SAP Provisioning Framework and Assign Privileges.
• SAP IDM Roles Creating Business Roles
• SAP IDM Approval Workflow
• Configuring Approval Workflows
• Notification Configuration
• Pending Value Objects (PVO) and Context Variables
• SAP IDM and Other SAP Systems - Provisioning a User to AS ABAP and Setting Up Active Directory
• Configuring the Virtual Directory Server (VDS) to Publish Information
• Verifying Authorization Compliance
• SAP IDM Advanced Tasks - Database Query and IDM Tables and Java script and Internal Functions

Confidential, St Louis, MO

SAP Security & GRC - Project Manager

Responsibilities:

• SAP NetWeaver Security, SAP GRC 10.0, ECC, SRM, Master data, S4 Hana and Iscala Implementation.
• Implemented Fiori for GRC, Risk owner, FF id approvals via mobile apps.
• Responsible for complete end to end implementation starting from design phase, Blueprint, project plan and implementing SAP security across globe and managing 9-member team.
• Project involves implementing SAP security and SOX compliant for new acquisition and Separation, Confidential Inc., to Energizer (Household) and Edgewell (Personal Care) company.
• Security implementation for Global Template project.
• Implemented SAP Success factors end to end implementation starting from requirement gathering, working with stack holders and preparing blueprint. SF was also done for Edgewell (Personal Care) Company.
• Worked on Design, Configuration and Implementation of SuccessFactors Employee Central, Succession, Global benefits, recruiting, ORD reporting security
• Experience in RBP from an existing SAP HCM role design concept
• Worked on reporting in different modules using Online Reporting Design tool.
• End-to-End implementation of GRC 10.0, CUP, ARA, SUP module.
• Implemented security for SAP ECC, SRM, Hybris, Master data and non-sap iscala.
• SAP S/4 Hana 1610 Security Implementation.
• Set up single sign on for S/4 Hana
• S/4 Hana security logical paths, file names restriction.
• Virus scanning/uploads, monitor RAL, Data security in SAP ILM system connection, users and authorization.
• Extensive knowledge in S/$ Hana security objects.
• S/4 Hana - Sales, Sourcing procurement and supply chain.
• Worked with business and stack holders to build SAP roles across all modules.
• SOD issues and conflicts are planned in advance for role design.
• SAP HANA security implemented
• SAP BOBJ administration
• SAP Authentication - SQL and HTTP, Privileges, Identity store, Kerberos, SAML, Audit log.
• SAP S/4 HANA (Simple finance) security implemented.
• Involved in auditing activities, internal and external auditor (PWC).
• Conducted workshops for various functional teams on security structure across globe (North America, South America, EMEA and ASIA).
• Worked closely with financial controllers in designing SAP Security.
• Responsible for SAP security cut over planning and planned release phases.

Confidential, San Antonio, TX

SAP GRC Security and IDM Implementation - Project Lead

Responsibilities:

• SAP IDM 8.0 Implementation.
• Upgrade Virsa 4.0 to GRC 10.1, ARA - Access Risk Analysis (SOD analysis).
• Setting up security for the mobile platform.
• Experienced in implementing Components (Meter Management Component, Customer Service Component and Crew Management Component)
• Activate additional mobile user role check in the ABAP add-on integration foundation component.
• SAP NetWeaver Virtual Directory Server V7.x
• Worked on retrieving/updating data in multiple data repositories
• Configured Access Enforcer with IdM (Identity Management) to simulate SOD checks for any new / existing user’s request.
• Configured AD single sign on.
• SAP NetWeaver Virtual Directory Server V7.x
• SAP IDM Connections via Identity Services.
• Worked on SAP IDM Identity center roles and Privileges.
• Create reports with SAP IDM.
• Identity center and MS AD password hook.
• Define authorization concept for operating and managing SAP IDM
• Worked on retrieving/updating data in multiple data repositories
• Experience in handling Oracle IDM application for user creation.

Confidential, Milwaukee, WI

SAP Security Consultant - Team Lead

Responsibilities:

• CRM 7.0 and GRC 10.0 Implementation (Firefighter).
• SAP NetWeaver Security.
• Worked closely with various SAP modules (team) for building roles, and compliance with audit.
• Worked in project team, tasks involve implementing new components, Releases and changes in various SAP Systems - NetWeaver, ECC, CRM 7.0, SCM, SEM, BI 7.0, XI, Portal, GRC-PC, SNC, Solution Manager, GTS and Netweaver Mobile.
• Portal role building, iView/Tcode creation and user authorization activities.
• Worked on implementing Charms for Change Requests.
• Actively worked on Release activities.
• Worked on Authorization change requests, implementing the role changes after analysis the Risks.
• CRM 7.0 Implementation, worked on PFCG and Business role.
• SAP BOBJ Security implementation
• SAP Portal Security setup.
• Role design for Business and connecting PFCG roles for webgui.
• Implemented Hybris and CRM Mobility client.
• Done enhancement in UI components or changes in the navigation profile or in the business role
• Maintaining authorization proposals for traces written by modified UI components

Confidential, Nashville, TN

SAP HR Security Consultant & SAP Mobile - Project Lead

Responsibilities:

• SAP Work Manager 6.2 Implementation.
• RFC authorization for Mobile users.
• S RFC and S PERNR details authority check for mobile users implemented.
• Experienced in implementing Components (Meter Management Component, Customer Service Component and Crew Management Component)
• Setting up security for the mobile platform.
• Implement SAP NetWeaver Security.
• Adding authorization at the business suite itself.
• Redesigned HR Global system with structural authorization and indirect assignment with appropriate security controls in place.
• Gathered requirements, analyzed and implemented HCM structural authorizations.
• Involved in integrating with GRC 10.0.
• Lead of HR security support for the North America (US and Canada), for multiple SAP HCM (ECC 6.0) sub-modules, employee self-service (ESS) and manager self-service (MSS).
• Implemented Org Publisher for SAP HCM.
• Implemented Context Sensitive Structural authorization profiles.
• Implemented SAP HR LDAP access to HR data on a LDAP server in a distributed system landscape and Synchronization of the SAP Database with the LDAP-Enabled Directory Service. (Setting using LDAPMAP and data extraction RPLDAP EXTRACT).
• Head of HR security support for US team.
• On demand client, provided support.
• Remediation and new security strategy designed and implemented. tHrive mobile app for HR security implementation done.
• Developed Security strategy and defined support process.

Confidential, Cleveland, OH

SAP HR Security Consultant (Remote & Onsite)

Responsibilities:

• Redesign complete Role structure for ECC system.
• Redesign HR security strategies by placing appropriate security controls in place.
• Providing expertise to the existing county team on managing day-to-day activities.
• Performed testing and defect management of roles
• Performed audit compliance activities and monitored segregation of duties, successfully demonstrated security controls effectiveness during external auditing.
• Gathered requirements, analyzed and implemented HCM authorizations.
• Implemented ESS

Confidential, Milwaukee, WS

SAP Security Consultant - Architect & Audit Lead

Responsibilities:

• Complete Role design (ECC 6.0) for the new global system done.
• End-to-End implementation of GRC 10.0, project blueprint design done.
• Analysis risk and proactively placing controls.
• Fire fighter set up.
• Created Strategic Security policy and procedure document.
• Automation of SOD Remediation, Mitigations, Risks Maintenance and Role Reaffirmation (UAR).
• SAP Simple finance security review.
• Implemented CRM 7.0 Interaction center and business role build and train the Harley team.

Confidential, Chicago, IL

SAP Security ECC, IPM, Portal, SRM, IDM & BI Implementation - Lead Consultant

Responsibilities:

• Extensively worked on requirements gathering across all SAP modules (ECC, CRM, SRM, BI & Portal) for building roles.
• Streamline the security process, building Framework document, auditing docs and Sops and working with internal control team.
• Setting up controls to restrict user from unauthorized access, working side by side with internal controls and Functional team and have contributed to functional Sop’s that are built.
• Worked on SOD’s and various risks and proactively placing compensating controls.
• Develop new strategies along with internal compliance team to secure the system.
• Created Template, Derived roles, Single and Composite roles as per the requirement.
• All Authorization changes like addition, deletion are carefully implemented with extensive analysis and make sure there is no SoX violation.
• Skilled in using various security related report tables via SE16 for various reports and analysis purposes and Knowledge on building SAP query for report needs which are not achievable through SUIM.
• Implemented CUA in Solution manager and done complete configuration (Connecting Child systems…proactively worked with Technical team to make sure all the System and Communication user requirements are met).
• Configuring potential risky authorization in SYNAXION (third party SOD tool for SAP)
• Analyzing and implementing security changes for any enhancements or operation changes.
• SAP NetWeaver Virtual Directory Server V7.2
• SAP IDM Connections via Identity Services.
• Worked on SAP IDM Identity center roles and Privileges.
• Create reports with SAP IDM.
• Identity center and MS AD password hook.
• Define authorization concept for operating and managing SAP IDM
• Worked on retrieving/updating data in multiple data repositories
• Good at reports SUIM and Tables, and worked closely with internal controls team and external KPMG auditors.
• Configured Access Enforcer with IdM (Identity Management) to simulate SOD checks for any new / existing user’s request.

Confidential, Atlanta, GA

SAP Security Consultant (Team Lead) - CRM 7.0 & ECC 6.0 up gradation

Responsibilities:

• Up gradation to SAP CRM 7.0 and ECC 6.0 systems.
• Extensively worked in CRM 7.0 webui components configuration and authorizations
• Role design for Business and connecting PFCG roles for webgui.
• Worked on combining SAP roles and customer roles with new features of CRM 7.0
• Done enhancement in UI components or changes in the navigation profile or in the business role
• Maintaining authorization proposals for traces written by modified UI components.
• Extensive knowledge on CRM Security program to prepare PFCG roles and Assignment of access to user automatically by running programs.
• Wide knowledge in links in web client and unique relationships surrounding authorization objects are associated with that piece.
• Working knowledge on PPOMA CRM.
• Worked on creating Positions and Business roles.
• Wide knowledge in restricting and maintaining authorization in interaction centre.
• Worked with various department in county like IThelpdesk, DWR, Business license and Revenue, BOC agent etc.
• Involved in complete End to End up gradation in CRM 7.0 and ECC 6.0.
• Wide knowledge on CRMD UI ROLE PREPARE and CRMD UI ROLE ASSIGN.
• Worked on PFCG role menu creation using the programs.
• Complete Procedure documentation prepared and KT provided.
• SAP HCM/HR Security (End to End Implementation):
• Implemented Personnel Administration and Organizational Management (PA and OM) modules of HCM.
• Designed, developed, and maintained structural authorizations and standard/derived roles for position-based HR security strategy, driven by complex span-of-control requirements for commercial divisions
• Performed gap analysis, conducted risk assessments, managed issues, designed and documented procedures
• Security support for integration testing, user acceptance testing, and efforts
• Authorization knowledge in plan version specific as well as object specific (authorizations for position, organization unit, etc.).
• Limiting the records to arbitrary HR structure. Extensive working knowledge on ESS

Confidential, Milpitas, CA

SAP Security Consultant (Project Lead), GRC, IDM & HCM Administrator

Environment: SAP NW 2004s, GRC AC 10.0 and PC 3.0, IDM V7.2.

Responsibilities:

• Upgrade from GRC 5.3 to GRC 10.0.
• Design, develop and implementation of workflows
• GRC development: planning, design and implementing strategy; collaborated SAP Business Process Owners to ensure business process design is in line with business security needs to maintain integrity of SAP modules through internal controls and monitoring.
• Extensively worked on production issue tickets and new change requests.
• Role remediation and user remediation of Segregation of Duties (SOD)
• Identify and analyze the critical transactions that are involved for resolving the SOX and
• Creating and modifying the roles as per the SOD and SOX matrix prepared by the Audit team.
• Used CC to automate all SOD related activities like defining SOD conflicts, monitoring SOD conflicts, prevention of SOD conflicts, and mitigating controls.
• Implemented Personnel Administration and Organizational Management (PA and OM) modules of HCM.
• Designed, developed, and maintained structural authorizations and standard/derived roles for position-based HR security strategy, driven by complex span-of-control requirements for commercial divisions

Confidential, Durham, NC

(Project Lead

Responsibilities:

• Used SAP VIRSA/GRC Compliance Calibrator 4.0 and 5.2 tool for effectively managing segregation of duties for users and roles
• Maintained role matrix (GLOBAL and MATRIX1), conflicting transactions and critical authorizations. Also worked on other GRC tools such as Firefighter, Role Expert and Access Enforcer.
• Provided analysis and reports for Sarbanes-Oxley compliance to the internal audit department and business unit managers
• Analyzed of SOD business and compliance requirements and redesigned to new upgraded SAP Security.
• Performing risk analysis using VIRSA Compliance Calibrator for the role assignment to the users and transaction assigning to the roles and suggesting mitigation controls or remediation when required.
• Troubleshot SAP system and provided daily monitoring and administration support.
• Used GRC (previously VIRSA) system’s VRAT tool to produce SOD analytical report against Users, User Groups, Roles and Profiles.
• Maintained GRC Rules update by uploading the new changes required for Transactions and Authorization objects.
• Implemented multiple login security (SAP violations) for reporting users and also created spreadsheets for exception users to be handled by management.
• Working experience in CC (Compliance Calibrator), creating function ID/ Risk ID, Generating rule, Analyzing SOD violation, Mitigation, Alert monitoring.
• Extensively used Fire Fighter for creating Fire Fighter IDs, designing and assigning Fire Fighter roles and monitoring Fire Fighter logs activities.

Confidential

SAP Security Consultant

Environment: - BW (Business warehouse) Component ver - Net weaver 04, SAP BW - 350 (Release), BI CONT - 353 (Release) with support comp - SAPKIBIFQ8

Responsibilities:

• Responsible for Security role development like creation of Roles (including Single role (Template and Derived role concept), Composite role) creation of Users, Maintained Authorization Objects, and Assigning Roles to Users as per Documents provided by the Management.
• Maintained critical role level segregation with access restricted at organization levels based on Template role to many derived role for all the markets.
• Nine different sites requirement have been analyzed and authorization have been provided accordingly
• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards.
• Worked with the functional teams and updated all the roles to the new Security model.
• Used SAP best practices like setting the following Info Objects as “authorization-relevant” and Using RSSM (Up to BW 3.5) Created Custom Reporting Authorization Objects using transaction to make security changes in BW/BI.
• Putting standard procedures or processes (SOPs, Standard Operating Procedures) in place to get the quality of work and reduce errors.
• Auditing the Critical user security.
• Working with the Audit team during Auditing for audit log setup and reporting (SM18, SM19, and SM20).

Confidential

SAP Security Consultant

Responsibilities:

• Responsible for end-to-end security Role build for Archive system.
• Co ordinate with different vendors and team and made most complicate role build set up
• Developed a strategy for all futures changes to system to be accountable for the audit
• Developed procedure documents to follow up all future use.
• Worked with table authorizations to control access to tables and created custom table authorization groups using SE54.
• Worked with SE93 to create custom transaction codes to control access to tables.

Confidential

SAP Security Consultant

Responsibilities:

• Led the upgrade to ECC6 from R3 4.6, BW/BI, APO, and EBP configured SAP security system to effectively support business processes and job functional requirements
• Developed the global security plan defining security strategy in design, development implementation and support; created template for the global rollout for the creation and maintenance of security accesses, permissions and controls by job role requirements
• Designed and performed fully integrated tests of delivered solutions; investigated, diagnosed and analyzed issues and recommend solutions managed and tracked project schedule
• Led the business requirements of all complexity levels
• Analyzed internal controls relative to structure and business processes and identified gaps or opportunities for improvement; and recommended solutions then constructed and tested of configured controls.
• Reviewed security design and provided guidance on segregation of duties, sensitive transactions and authorization objects access.

Confidential

SAP Basis & SAP Security Consultant

Responsibilities:

• SAP Production support for Basis monitoring and SAP Security administration.
• Windows 2000 Server and DBA Administration.
• Ghost cast server administration
• Knowledge on ISA server administration.
• Exchange 2003 Installation and mailbox administration
• Installing Patches
• Maintaining regular backup of user’s home folder, share folders, user mailboxes, important documents using VERITAS backup.
• Day to day activities System monitoring and role and user administration
• Taking care of server’s quota issues and other access related issues.
• Taking care of NICE application server.

Confidential

IT Security Engineer

Responsibilities:

• Windows 2000 Server and DBA Administration.
• Maintaining regular backup of user’s home folder, share folders, user mailboxes,
• Security check and monitoring.