PROFESSIONAL OVERVIEW

• Experienced SAP security architect/analyst with 10+ years in SAP security.
• Multiple complete lifecycle SAP implementations using ASAP methodology.
• Architected and designed security solutions for large manufacturing, aerospace & defense, healthcare and IT companies.
• Designed security for all modules and areas on SAP(ECC, BI, HCM, PORTALS, BOBJ,GRC, GTS, APO, CRM, SRM, AII, RFID)
• Good understanding of ITAR, SOD and SOX policies and procedures.
• Helped clients achieve ITAR, SOD and SOX compliance.
• Worked on multiple SOD tools (GRC, Approva Biz rights, CSI authorization editor).
• Developed security for custom MRO and MES solutions.
• Designed completely automated identity management solution for major manufacturing company.
• Excellent communication and presentation skills.
• Excellent project management and problem solving skills.
• Proven team leader and offshore coordinator.
• Handled multiple projects at various countries and time zones simultaneously.
• Managed implementation and support teams.
• Advanced skills in business requirement analysis.
• Defined, designed and documented support policies, procedures and guidelines.
• Helped companies build support teams onsite and offshore to handle all security/basis related activities.

PROFESSIONAL AND CERTIFICATIONS OVERVIEW

• ITIL V3 certified.
• SAP BW365 BI-User Management and Authorization.
• Advanced Diploma in Computer Programming.
• Diploma in Computer Applications.

SAP EXPERIENCE

Company: Confidential,
Client: Confidential,New York and New Jersey
Duration: 5 months. (October 2009 – Current)
Project Description: SAP Implementation
Role: SAP Security Architect
Responsibilities/Deliverables:

• Redesigned existing SAP structural/position security model and developed new structural security solution for MRO implementation.
• Documented new security model and procedures.
• Architected and developed security roles (Composite and single/derived).
• Helped client in transitioning security support from 3rd party vendor to in-house.
• Trained client personnel on SAP security.
• Developed ECATT scripts to automate security activities.

Client: Confidential,
Duration: 2 months. (August 2009– October 2009)
Project Description: SAP Implementation
Role: SAP Security Architect
Responsibilities/Deliverables:

• Responsible for the design and development of security strategy and roles for the entire implementation (ECC, HCM, BI, GRC, CRM, SRM)
• Defined and documented security processes and procedures.
• Developed PowerPoint presentations for the implementation team and the client on security.
• Trained client personnel on SAP security.
• Developed ECATT scripts to automate security activities (User administration and role build).
• Worked closely with developers and functional leads and educated them in understanding security concepts so that they can develop custom transactions, reports and programs appropriately.

Client: Confidential,
Duration: 1 year 9 months (November 2007 – August 2009)
Project Description: SAP Implementation
Role: SAP Security Architect
Responsibilities/Deliverables:

• Designed, built, developed and documented the audit and ITAR compliant security solution for ECC and BI.
• Developed security roles for all modules (FI, CO, SD, MM, HR, WM, PP, PS, SCM, QM, and SM).
• Developed roles as per SAP’s ASAP methodology. Created composite and single roles as well as used the derived roles concept for multiple sites.
• Developed and documented process procedures for user administration and authorization maintenance.
• Assisted in developing and conducting knowledge transfer plans and documentation for client personnel.
• Automated security activities using ECATT scripts.
• Managed onsite and off-shore Basis/security support team members.
• Worked with SAP for managing landscape activities.
• Managed multiple teams on simultaneous global rollouts at different countries and time zones.

Company: Confidential,
Client: Confidential,
Duration: 3 years 5 months (June 2004 – November 2007)
Project Description: SAP Implementation
Role: SAP Security Lead
Responsibilities/Deliverables:

• Led the SAP security team for implementation of SAP R/3.
• Managed separate teams for production support and deployment.
• Developed and executed Security unit and integration testing.
• Redesigned existing security model and migrated manual profiles to role-based security.
• Worked on security mapping (transaction to role mapping, position to composite role and user to composite role mapping), and security design/configuration/testing/implementation of ABAP programming, transactional and tables.
• Worked closely with functional teams for gathering business and control requirements, and with technical teams to ensure the development of appropriate custom transaction codes and programs.
• Resolved SAP security authorization issues, and performed post Go-Live support.
• Re-defined, standardized and documented security processes on user and role administration.
• Worked with internal and external audit resources for remediating SOX issues and ensuring compliance to IT security policies, procedures and controls.
• Worked with SAP Access Control group to identify and remediate SoD issues in the existing security roles; issue resolution and compensating controls were developed in cooperation with IT and process owners.
• Developed and documented multiple documents, including role development and user administration for training purposes, SAP Security policies and procedures, including SAP Security Standard Operating Procedures.
• Provided training and knowledge transfer of security concepts, user ID maintenance, role maintenance to client personnel.
• Developed and executed security CATT scripts.
• Assisted in forming SAP Security competency group.
• Designed and configured security for BI Reporting users, Power users and Administration users, RFID tag commissioning, and RFID/UID project that used XI interfaces to communicate with All.
• Implemented CRM security for Customer Interaction Center.

Company: Confidential,
Client: Confidential,
Duration: 5 months (December 2003 – May 2004)
Project Description: SAP Implementation
Role: Security Analyst
Responsibilities/Deliverables:

• Reviewed SoD issues identified by the internal audit team, and remediated SoD issues and developed compensating controls.
• Delivered training to client security and IT audit teams on SAP security and SoD.
• Analyzed existing SAP security structure deficiencies, recommended and implemented changes to re-engineer SAP security processes.
• Developed and re-engineered HR roles.
• Utilized SAP Central user Administration (CUA).

Company: Confidential,
Client: Confidential,
Duration: 1 year 4 months (May 2002 – September 2003)
Project Description: SAP Upgrade
Role: Senior Security Administrator
Responsibilities/Deliverables:

• Upgraded SAP R/3 from 3.1H to 4.6D and BW from 2.0B to 3.0B.
• Designed and implemented SAP BW infocube security.
• Maintained Business Process Controls by defining and developing specific roles and authorization for users.
• Implemented SAP hierarchical organizational security.
• Designed and developed Roles and Profiles utilizing Profile Generator.
• Developed specific authorizations for Business Explorer (BEx) and Administrative Workbench.
• Worked closely with SAP BW developers on creating queries, web templates and infocubes.
• Provided security support for HPSIT (HP Services IT) Production and Non-Production servers relating to SAP R/3 and SAP BW for North America, Latin America, Asia Pacific and Europe regions.
• Used CUA for user maintenance and support, and CLARIFY for SAP Security and Basis support.
• Administered security on Customized Transport tool (CTS) developed by HP.
• Involved in the deployment of SAP security on multiple SAP projects (HPFO, IGSO, MPC).
• Conducted training sessions and managed HP Virtual Security team and end users.
• Developed SAP Security procedures, according to company standards.
• Enhanced HP SAP Security for complying with audit standards.

Client: Confidential,
Duration: 9 months (June 2001 – March 2002)
Project Description: SAP Implementation
Role: SAP Basis/Security Administrator
Responsibilities/Deliverables:

• Responsible for Security implementation and architecture for SAP systems.
• Developed and documented SAP security strategies and specifying security standards.
• Designed and developed security roles.
• Resolved security issues in accordance with SOX, company policy, and
• Performed daily monitoring of servers (General and Security specific).
• Maintained integrity among development, test, integration and production boxes.
• Supported migration of SAP servers to new hardware.
• Refreshed test and development servers from production server.
• Released planning, upgrades, applying OSS notes and patches.
• Used SAP tools for Checking Backups, system logs, database and critical Objects/indexes, application servers, process and users overview, spool requests and logs, database updates, lock entries, ABAP/4 dumps, Background job status and logs, operating system tuning parameters, performance tuning.
• Established SAP load balancing.
• Participated in Disaster Recovery support activities including technical design, planning, and consultation and testing.

Client: Confidential,
Duration: 10 months (June 2000 – April 2001)
Project Description: SAP Implementation (upgrade from 3.1H to 4.0B)
Role: AP Security Administrator
Responsibilities/Deliverables:

• Assisted in troubleshooting security issues by performing traces and working with functional and business teams.
• Designed and configured Activity Groups.
• Utilized Profile Generator for role development and assignment of profiles/roles to users.
• Standardized SAP user accounts, and performed user administration.
• Developed and documented SAP Security procedures.
• Conducted security knowledge transfer presentations for clients and end-users.
• Developed and performed cut-over and post Go-Live security activities.
• Performed various Basis tasks, including but not limited to: scheduling background jobs, data extraction from flat files, SAP R/3 systems, loading of extractors (Plug-In) in SAP R/3 systems, coordination of security Early Watch sessions on the OS, application and database, and fine-tuning of SAP application servers and database servers.

BA, Commerce (Accounting, Economics, Statistics)

Diploma in Project Management