PROFESSIONAL OVERVIEW:

Confidential has over nineteen years of experience in management, design, and implementation of SAP application security, fourteen years of GRC Access Controls, three years SuccessFactor RBP Security and some functional support, three years of SAP HANA Security, fourteen years of SAP Audits and Controls, and three years of Fiori.

SUMMARY:

• Create SuccessFactors RBP Security Strategies working with workbooks for Employee Central, HRIS, Talent, Recruiting, On - Boarding, and Compensation. I enjoy troubleshooting all functional issues with leads or alone with Functional Leads approval. Troubleshoot SFSF functions to conclude Security is not the issue and resolved issues with leads. Troubleshoot Permissions displaying Highly Sensitive data (Bank Information, Salary, Salary Ranges, Compensation etc.)
• Personally, Integrated GRC Access Control, SuccessFactors, and Greenlight detecting SoD Conflicts and Provisioning Static Groups
• SAP has not a default ruleset for SuccessFactors, I created a process and workshops educating clients how to create and maintain a SuccessFactors ruleset and secure Foundation Object (Pay, Pay Range, Organization, Job etc..)
• Created a SucessFactors ruleset categorizing SF Function Groups and Identifying which Permissions create SoD
• Create Ad Hoc reports, troubleshoot Workflows, Create Workflow Groups, and Export/Import Employees
• Mapping ECC data to Permissions in SuccessFactors which is part of building a Ruleset mapping EC transactions (Payroll, OM, & PA infotyes) to Employee Central Payroll
• Integrating testing and the GRC User Acceptance Testing experience enhancing the user experience while identifying and protecting sensitive data
• Troubleshoot tickets in all work areas individually or the leads
• Enabled Change Audit reports for general audit purposes Changes to Personal Data and Changes to General Data
• Troubleshoot interface issues with Security, developers… Main reason systems were copied backwards, and user Id and passwords were out of synch.
• SAP S/4 HANA Security, HANA Modeling, HANA BI, HANA Performance Monitoring
• Setup and maintain SAP S/4 HANA 1610 database security role, System Privileges, Package Privileges, Application Privileges, Analytic Privileges, and Object Privileges
• Redesign HANA roles, retire SYSTEM database users and use the proper database users for admin tasks
• Assign the proper roles to developers and restrict access to areas which create a data risk
• Create Standard User Accounts and Manage Technical User Accounts
• Experience with HANA Live Views, HANA Modeler, SQL, and some SAP SLT
• DSO and DMO - Database Migration and BW/BI Maintain Mass Authorization
• HANA Modeler/ Studio work with developers supporting development processes for SAP BPC optimized for S/4 HANA Finance and embedded in BW Reporting, Fiori, BW 7.5, and BoBJ
• Work with BI Architect developers supporting development processes for SAP BPC optimized for S/4 HANA Finance and embedded in BW Reporting, Fiori, BW 7.5, and BoBJ
• GRC Access Controls 5.3 to 10.1 and Segregation of Duties
• Deployed all GRC Access Controls modules, including the HR Trigger, which includes configuring MSMP and BRFplus
• Create GRC Access Control implementation and upgrade project plan including, Blueprinting, BPD, BPP, Testing (FIT, SIT, UAT, MOCK, and user training), and managing resources to milestone.
• Integrated GRC AC with, SuccessFactors, and Greenlight for SoD and User Provisioning
• Lead GRC Ruleset workshops with the business which Ruleset included Fiori applications in the ruleset creating SoD Free Fiori Catalogs and Fiori Business Groups
• Remediate SoD conflicts by creating remediation and Mitigations Strategies with Business Leads and Security Resources
• Implemented seven GRC Access Controls, upgrade GRC 5.3 to GRC 10.1, and one Virsa 4.x to GRC 10.1, 12 upgrade
• Developed GRC processes to sustain a successful implementation and continuous compliance
• Create Security Strategies, testing strategies, Create Roles, including Run and Maintain experience: ECC, BoBJ, SuccessFactor, BI/BW, HCM, IBP, EHSM, FSCM, Solution Manager, MDM, PL, BPC, SRM, EBP. PI, APO CRM, GTS, SCM, SEM, Portal, Adobe Forms, Solman, and OpenText
• Own an Internal Database which accelerates re-design Security Roles
• Prepared Security Team for testing (FIT, SIT, UAT, MOCK, and user training)
• Resolve SAP Security authorization issues and administer administration
• Developed BI 7.x Security Plan, maintained HANA Analysis Authorization, and troubleshoot queries
• Extremely experienced developing enthusiastic Junior Resources
• Gather Fiori Requirements and select the applications in the Fiori Application Library a proof of concept
• Activate SICF Services, OData Services, SAPUI5 Components
• Create Fiori launchpad strategy and deploy Fiori launchpad
• Create new Fiori Application Specifications and work with developers creating new applications
• Create SAP Fiori Security Role Strategy, Create Fiori Back end / Front end Roles, and HANA Roles / Privileges
• Design create and maintain business catalogs and business groups
• Created a GRC Ruleset which included Fiori applications in the ruleset creating SoD Free Fiori Catalogs and Fiori
• Fiori application troubleshoot authorizations and research notes in application library
• Fiori created Security test strategy, function test strategy, and user acceptance test strategy
• Fiori / GRC user and role provisioning strategy and maintenance

PROFESSIONAL EXPERIENCE:

Confidential, Houston, TX

Responsibilities:

• Create SuccessFactor RBP Security in Employee Central, Talent, Learning, Recruiting, OnBoarding, and Payroll
• Provided functional support while troubleshooting Security issues in Employee Central, Talent, Learning, Recruiting, OnBoarding, and Payroll proving RBP Security is not the root of a problem
• Create Adhoc reports for various departments
• Troubleshoot tickets in all work areas individually or the leads
• Troubleshoot interface issues with Security, developers… Main reason systems were copied backwards, and user Id and passwords were out of synch.
• Enabled Change Audit reports for general audit purposes Changes to Personal Data and Changes to General Data
• Integrate SuccessFactor with GRC Access Control and GreenLight for Risk Analysis and User Provisioning to HANA Cloud Integration
• Configure GreenLight AVM, SucessFactor, and Employee Central
• Create a ruleset for SuccessFactors detecting SoD in Employee Central, Compensation, and Payroll
• Perform User Acceptance Testing and resolve integration issues improving user performance
• Create training material for SoD and User Provisioning

Confidential, Honolulu, HI

Security Lead, Security Architect, Fiori Consultant, and GRC Lead

Responsibilities:

• Create SAP Security Application Strategy, Policy, and Standards for Fiori, EHSM, GRC, BI, XI, ECC, CRM, BoBj, HCM, and SuccessFactor RBP
• Create SAP Application Roles and Testing Procedures for BI, ECC, BoBj, HCM, Success Factor, Fiori, and XI
• Experience with Mass Authorization Generation in SAP BW
• Blueprint and deploy GRC Access Control
• Implemented HR Triggers interfacing GRC Access Control with Success Factor
• Design and create SAP GRC Business Roles
• Create Fiori Catalogs, Fiori Business Groups, and troubleshoot Fiori Tile (applications)
• Add Fiori applications to GRC Ruleset for SoD Detection
• BW create hierarchy structure using scripts
• Lead GRC Ruleset workshops
• Implement, security, and maintain OpenText authorizations
• Developed Role requirements for various BP functions
• Worked with business leads gather Fiori Applications requirements
• Deploy Fiori applications
• Created Fiori Designer Catalogs and Designer Business Groups
• Created security training material and GRC training for end users and SME
• Trained two of the client’s junior resources to support Fiori, EHSM, GRC, BI, XI, ECC, CRM, BoBj, HCM, HANA, and Success Factor

Confidential, St. Louis, MO

HANA Security Lead, Security Lead, Fiori Consultant, and GRC Lead

Responsibilities:

• HANA Finance role design, test, and creation
• Fiori resolve Fiori performance issue and created a development role strategy
• Fiori Application requirement creation and documentation
• Fiori Application library enable and troubleshoot Fiori application
• Worked with business leads gathering Fiori Applications requirements
• Fiori created strategy adding Fiori application to GRC Ruleset detect SoD conflicts
• Fiori Designer group Fiori application to Business Catalogs, Business Groups, and Business Roles
• Fiori updated SU24 settings preventing critical object from being misconfigured while creating back end roles
• HANA 1610 Security Lead maintained HANA roles and privileges support development BPC, BW, BoBJ, and Fiori
• HANA 1610 design maintain user, roles, and privileges
• GRC Access Control deployed Risk Analysis and Emergency Access
• GRC Access Control lead ruleset workshop and enhance out of the box ruleset
• BW, IBP, BPC troubleshoot queries and analysis authorization issues
• Created BoBJ security for users, groups, folder structure, and access levels

Confidential, Houston, TX

HANA Security Lead, Fiori Lead, and GRC Lead

Responsibilities:

• Took over a struggling GRC Access Control 10.1 implementation
• Implemented all modules in GRC Access Control 10.1
• Created the ruleset with the Business
• Created remediation strategy
• Redesigned security roles to exclude SoD Conflicts and creating Mitigating Controls

Confidential, Falls Church, VA

SAP Security Consultant

Responsibilities:

• Assist with internal HANA test environment
• Created HANA Training material for internal resources
• Trained internal resources on HANA Landscape
• Troubleshoot FIORI functional issues
• Assess existing SAP NetWeaver Identity Management
• Documented requirements for Greenlight Regulatory Management System

Confidential, Bellevue, WA

SAP Security and GRC Access Control

Responsibilities:

• Review existing GRC design (processes and procedures), recommend enhancements improving request turn around time and GRC experience.
• Provide GRC functional support and Post Go Live Support
• Create ARM requests in GRC and support

Confidential, Naperville, IL

Responsibilities:

• Redeployed SAP AC 10.1 installation
• Resolved Connection issues and rule set issues
• Created MSMP and BRF plus settings integrating with SAP NetWeaver Identity Management

Confidential, Fort Worth, TX

SAP HCM / ECC Security Consultant

Responsibilities:

• Re-installed GRC AC 10.1
• Lead SAP Security role (HCM and ECC) redesign requirement workshops
• Developed and tested SAP ECC and HCM Roles with the business leads
• Lead GRC rule set workshops
• Created GRC Access Control training documentation
• Troubleshoot and resolve plug in issues
• Assisted basis with GRC software installation
• Knowledge transfer with Basis, the Business, and GRC Owners
• Updated security policy and procedures
• Created testing schedule and lead the Security Role Testing
• Reduced SoD with the Security Role Redesign
• Review and review SoX Audit Findings
• Troubleshoot CUA issues

Confidential, Antonio, TX

Responsibilities:

• Upgrade Virsa 4.x to GRC Access Control 10.1
• Created training material introducing the business to Risks and Mitigation
• Troubleshoot and resolve plug in issues
• Assisted basis with GRC software installation
• Trained the SoX committee how to review SoD Conflicts and develop a mitigating strategy
• Reviewed existing SoD matrix and transitioned the existing Risks to new Rule-set
• Lead Rule-Set workshops
• Documented and implemented process to support Rule-set
• Set Mitigation strategy with Internal Audit and the Business
• Transitioned existing Controls (Non SoD ) to SAP

Confidential, Falls Church, VA

SAP NetWeaver Identity Management

Responsibilities:

• Integrated NetWeaver IdM 7.2 / VDS with HCM
• Create BPPs
• Provision users to SAP Landscape
• Create SAP BPC 10.1 Roles and troubleshoot SAP BPC authorization issues
• Mass create roles and users
• Mass change roles and users
• Mass create derived roles

Confidential

SAP Security & SAP NetWeaver Identity Management

Responsibilities:

• Integrated Netweaver IdM 7.2 with HCM and Active Directory
• Apply best practices to Identity Center
• Clean up existing Identity Center (Repository, Identity Store, VDS, and Jobs) and apply Best Practices
• Deploy Password Self Service for HCM
• Provisioning to HCM and Active Directory
• Create a test environment with consists of VMWare ESXi and OVF images

Confidential, Philadelphia, PA

GRC Access Control 10 Consultant and HCM Security Lead

Responsibilities:

• Blueprint HCM Roles and gathered requirements with functional leads
• Created HCM SAP Security Roles
• Created testing strategy, policy, and procedures
• Secured HCM data including background jobs, interfaces, and print jobs
• Deployed Structural Security
• Create and tested HCM Roles (ESS, MSS, Payroll, Benefits, Organizational Management etc)
• Designed Portal Architecture to include Active Directory groups for provisioning roles
• Created the PI security and role strategy
• Emergency Access Management
• Access Request Management
• Analyze Risk Analysis
• Business Role Management
• Developed the User Provisioning Strategy (On / Off Board Process) and Landscape to include HR Triggers
• Integrated HCM with GRC AC 10
• Integrated SAP Portal with ABAP systems
• Resolved Data Source Issues
• Automated ESS, MSS, and SAP Common Role Provisioning strategy to positions in HCM
• Created ruleset and processes to support the ruleset
• Deployed Password Self Service
• Configured MSMP Workflow Settings, completed post installation steps using SPRO and NWBC
• Developed the Rue Set (include custom Tcodes, Functions and Risks)
• Set the Mitigating Control Strategy

Confidential, Cleveland, Ohio

SAP Netweaver IdM 7.2 Consultant

Responsibilities:

• Integrated GRC Access Control 10.0 and NetWeaver IdM 7.2, VDS, HCM, ECC and BI
• Troubleshoot the web services between VDS and GRC Access Control 10.0
• Created User Provisioning processes, strategies, and project plan for SAP IdM 7.2 and GRC Access Control 10
• Configured IDM to Provision to ECC, SAP, HCM, BI, Active Directory, and Exchange
• Blueprint and deployed Compliant User Provisioning, Risk Analysis, Enterprise Role Management and Super Privilege Management
• Developed GRC Access Control 10 deployment methodology
• Lead ruleset development workshops which included documenting ongoing maintenance and processes
• Created the Mitigating Control Strategy
• Lead SoD workshops and mitigating control workshops
• Redesigned SAP Security Roles
• Created policy and procedures to sustain on going compliance

Confidential, Provo, Utah

Security Architect, SAP Netweaver IdM 7.2 Consultant and GRC Access Control 10 Consultant

Responsibilities:

• Developed the Audit Response Team and trained the team how to interpret the SoD conflicts, audit findings, validate the findings and develop Controls
• Trained the Audit Response Team and employees regarding Control Deficiencies, Significant Deficiencies, and Material Weaknesses
• Developed solutions for Control Deficiencies and prevented Significant Deficiencies
• Created Internal Controls preventing audit findings from resurfacing
• Upgraded GRC AC 5.3 to GRC AC 10.0
• Upgraded Virsa 4.x to GRC AC 10.0
• Implemented User Provisioning with GRC Access Control 10
• Developed and maintained the GRC Rule Set to include custom transaction
• Provide Internal Audit with GRC RAR training (Rule set) and remediation training
• Educate the client regarding SAP NetWeaver IdM, GRC Access Control, and User Provisioning
• Redesign SAP Security Process to accommodate SAP NetWeaver IdM and GRC Access Control
• Redesigned FI, SD, SCM, and HCM roles resolving role SoD issues
• Developed an Audit Committee and set strategies for resolving Audit Findings
• Review GRC Access Control installation and assist with various stakeholders taking ownership

Confidential

Security Architect, IdM Architect, and Approva Consultant

Responsibilities:

• Provide ECC, BI, and HCM security support
• Maintain direct and indirect role assignment
• Analyzed Approva SoD reports and resolved SoD conflicts
• Recommend process enhancements to support an implementation of IdM
• Analyze Data Integrity and proposing a clean up effort issues for SSO and IdM
• Reviewed Security Policy and Procedures improving User Provisioning
• Analyze SoD tools Approva and GRC Access Controls and present the Pros and Cons

Confidential, Middleton, WI

SAP Security Lead

Responsibilities:

• Developed SAP Security strategy, processes, policy, and procedures
• Manage Security tasks and resources according to the implementation Project Plan
• Designed, developed, tested, and implemented ECC 6.0 Security
• Deployed Single Sign On (Kerberos) integrated with AD and SAP (ABAP and Java)
• Implemented CUA and administered users
• Created security process and procedures which will be integrated with a future installation of SAP NetWeaver Identity Management

Confidential, Norwalk, CT

IDM / GRC Consultant / Security Consultant

Responsibilities:

• Developed Identity Management requirements and researched various Identity Management solutions
• Integrated SAP IDM 7.1, GRC Access Control 5.3, HCM and Active Directory
• Researched various Enterprise Single Sign On solutions which met the client’s requirements
• Created IDM and GRC Access Control project plan
• Reviewed and enhanced security business processes to support IDM / GRC implementation
• Developed the data clean up strategy to support the integration of SAP, AD, SAP Portal, and non-SAP Applications
• Design and documented IDM, GRC, HCM, Active Directory, and Access Control landscape
• Configured an IdM test environment to Provision to Portal, HCM, ECC, Active Directory, and Non-SAP Applications

Confidential, Atlanta, GA

IDM / GRC Consultant / Security Consultant

Responsibilities:

• Worked closely with an SAP resource and we Integrated SAP IDM 7.1, GRC Access Control 5.3, and HCM
• Created IDM and GRC Access Control project plan with a team and Manage resources to milestone
• Documented and standardized SAP business processes to assist with developing IDM / GRC requirements
• Designed and documented IDM, GRC Access Control, and SAP Applications landscape
• Reviewed and enhanced security business processes to support IDM / GRC implementation
• Part of a team which configured IDM to Provision to Portal, HCM, BI, SAP ABAP Systems