SUMMARY:

An exceedingly experienced technical SAP Professional with 10+ years of total IT experience and 8+ years in SAP technologies seeking a consulting position in the area of SAP Security and GRC. Specialize in security design, implementation and Administration in wide range of SAP products and modules. Hold great deal of experience in NW2004s and modules and System Audit using products such as GRC, Approva, and MIC to help organization to be in compliance with SOX and ITAR and other standards at law. Hold strong analytical and interpersonal skills. Self motivated and driven; thrives in a fast-paced environment and show strong multi-tasking skills in organized fashion. Team player mentality yet acts independently as needed. Have excellent communication skills.

Technical Skill Summary:

• Experience in implementing SAP Security following ASAP methodology pathway for smooth transition to SAP.
• Design security based on industry IS*.
• Exposure to IS – Retail, Aerospace and Defense, Oil and Gas.
• Full lifecycle end to end implementation experience.
• Exposure to GTS.
• Extensive experience developing security concept, design and implementation in various SAP products including R/3 4.6x, 4.7, ECC5.0, ECC6.0, NW2004, 2004s, BW-BI, SRM, BPC, CRM, APO (SCM), SEM, SRM, EBP, EP, XI, SNC, Solution Manager, CUA.
• Audits systems implementations MIC, GRC, and Approva to maintain compliance with SOX, ITAR, PCI, ISO2700x. HIPAA, FDA, COSO COBIT and other standards.
• Understanding of JAFAN and NISPOM.
• Employee provisioning.
• Administer EDI processing.
• SAP Identity Manager (NWIM) knowledge.
• Coordinated in completing the SAP security Audit requirements checklist.
• Developing SOD (segregation of duties) matrix with cooperation of functional people.
• Designed security roles and authorization for R3 modules FI-CO, HCM(HR), MM, DMS, TDM, PEP, PLM, PS, PM, WHM, QMS, SCM, MRO, PM, SD, ESS, MSS, BC (for ABAP and Basis). cFolder, BO.
• BW upgrade to BI.
• Strategized security for UAT (user acceptance testing) and all other testing cycle environments.
• Implementing and reviewing SAP Authorization Concept.
• SAP UME administration and J2EE roles.
• Handling PFCG (check indicators, SU24, transport & upload roles).
• Build Framework: Security Audit tools & Change Documents (SCDO).
• Global HR security rollout.
• Implemented Structural Authorizations and position based security in HCM (HR).
• Worked with BI / BW authorizations and hierarchy nodes (RSECADMIN).
• Designed Security for BPC using Admin Console.
• BI 7.0 Strategy and Tactics, Analyses Authorization.
• Oversee SAP user licenses (USMM).
• Administer for role transport across the landscape.
• Created and administered CUA for very complex landscape.
• Identity management and LDAP integration.
• Configured GRC GTS tool previously known as Virsa, Approva and MIC.
• Frequently use CATT (SCAT) and eCatt (SECAT) for mass updates.
• LSMW for data loads.
• Administer OSS user accounts and SCCR keys.
• Experience of SSO and SNC.
• Knowledge of ITIL.
• ALE maintenance
• Experience in Solution manager (Solman): CHARM, Incident manager, CUA.
• Basis skills include system copy (refresh), client copy, note implementations, spam updates, system parameters, system monitoring, printer updates.

Technical Proficiencies:

ERP: SAP R/3 4.7 Ext Set 2, mySAP ERP2005, mySAP ERP 2004 , BW 3.5, BI 7.0 , CRM, APO, EBP

Middleware: COM, DCOM, MTS

OS: UNIX (Solaris 8, IBM AIX, HP-UX), WindowsNT/2000 Server, Windows XP.

Databases: Oracle 9i/8i, MS-SQL Server, SQL Server 7.0, MS Access

Languages: ABAP/4, C, C++, Java, Java Script, VB Script, PL/SQL, XML, HTML

Tools: Virsa (Compliance Calibrator, Fire Fighter, Access Enforcer), Aprova, Test Director 8.0, Quick Test Professional, Dream Viewer, FrontPage, Visual Studio. NET, Infopak, Tidal.

Professional Experience:

Confidential, Tulsa OK
Industry: Aerospace and Defense. Clientele: Major airlines, airplane manufacturers and US Army.
Role: SAP Security/GRC Architect
Duration: April 2007- October 2009

• Full lifecycle SAP implementation.
• Designed security for SAP IS* for ‘Aerospace and Defense’ which included products and modules such as FI-CO, MM, SCM, QMS, PP, PM, SD, HCM (HR), MRO, DMS, TDM, PEP, BI-BW, APO.
• Build Framework: Security Audit tools & Change Documents (SCDO).
• Maintain compliance SOX and ITAR.
• Maintain security for BO, cFolder through UME.
• Configured and administered GRC.
• Rule building in Compliance Calibrator, Access Enforcer, CUP
• Remove SOD issues.
• Implementing and reviewing SAP Authorization Concept.
• Handling PFCG (check indicators, SU24, transport & upload roles).
• Global HR security rollout.
• Deployed BW Security design and structure.
• Security upgrade for BW3.5 to BI7.
• Implemented security around BPC (Business, Planning and Consolidation) using Admin Console.
• Designed and Administered security in EP 7.0 (Enterprise Portal) using UME.
• Responsible to manage SAP user licenses (USMM).
• Responsible for role transport across the landscape.
• Created and administered CUA for very complex landscape.

Confidential,OK
HCM (HR) Security Consultant Oct 2006 – March 2007

• Role definition depends on HR positions
• Analyze existing role HR role design, identify gaps and recommend solutions according industry best practices.
• Removed indirect access to HR data.
• Created reports without compromising sensitive HR data.
• Implemented Structural authorization concept.
• Installed security around custom objects.
• Integrated HR security in BW.
• Imported HR structure from R3 to BW.
• Comprehensive knowledge exchange and documentation of Security and HR functions, including use of PPOMW, Expert functions (PO10, PO13, etc)
• Suggested scrambling HR sensitive data in Q/A environment for robust testing.

Confidential,IL
SAP NW04s Security Consultant Feb 2005 – Oct 2006

• Designed and created SAP Security strategy and documentation.
• Created Role Template from functional specs provided by functional team.
• Created guidelines for deploying, changes and transporting all roles.
• Created Project team roles for functional team members (ABAP, consultants, Analysts, Basis and Security).
• Converted several Auth-objects to Org-Field to reduce number of derived role and administrative effort.
• Documented and trained (knowledge transfer) for creating roles, utilize authorization groups for confidential vendors GL accounts.
• Recommended with respect to the utilization of CUA.
• Designed Transport Strategy.

Confidential,IL
SAP Security/Audit Consultant June 2001-Feb 2005

• Worked on many projects specific to area of security in different SAP IS* solutions.
• Played key role in full lifecycle implementation.
• Lead in various projects.
• Clients ranged
• Delux Corporation
• International Paper
• Dow Agro Sciences
• Vivato Networks, Inc.
• Review existing security roles and redesign with ever changing business needs.
• Identifying Security’s Key Role in Maintaining Sarbanes-Oxley Compliance.
• Designing Security for BW module
• Design BW info object security and Info level Security for various functional groups to access report and data in BW.
• Discuss with Module owners to create new roles and fix authorization issues
• Created roles and generated authorizations using Profile Generators (PFCG)
• Perform Client copy using SPCL
• Building the Roles using the transaction codes and implementing these Roles for the client organizational levels creating derived Roles and authorization profiles for the various plants located at different geographical locations in Development system
• Authorizations for Middleware Developer, Administrator, Consultants in CRM.
• Customization of CRM Middleware Roles.
• In CRM security generated authorizations for RFC connections.
• Configured Security settings for RFC and DCOM connections in CRM.
• Setting up the CCMS: Import and maintain Profiles, Define Operation modes, maintain instance definitions, schedule operation modes
• Configured Three-tier system landscape for Development, Testing and Production systems
• Defining, scheduling, monitoring background jobs for database and offline redo log file backups
• Tested and implemented security recommendations given by SAP audit team
• Spool administration: Defining Output devices for local, remote and front end printing, define and make use of logical spool servers, manage spool and output requests
• Created and Maintained Users.
• Providing support for workbook access hierarchies and node level access, Comprehensive knowledge exchange and documentation of security including Profile Generator, Day to day technical support and resolution of security issues
• Maintenance of HR-Organizational structures, assignments (positions, roles)
• Created User, Groups, generates authorization profiles.
• As a Security Consultant study the current security system, include the new requirements, re-designing, defining and implementing task groups and Functional rolls for different Business Processes areas
• Set up Profile Generator, activity groups/authorizations/profiles.
• Redesign of SAP Security roles, identifying SOD’s and creating all new SAP Security Roles
• Worked on Single Sign-On Solution for SAP Internet Transaction Server
• Configured the workplace and created roles in workplace and R/3 to support Employee Self Service implementation.
• Initial provisioning, from establishing user accounts to role assignments.
• Maintaining the Security Audit logs and setting the Audit log Parameters.
• Assisted the basis team in Going Live checks during the implementation of the APO and BW systems.
• Used Audit Information System to perform the audit. Ran reports for critical transactions and objects.
• Ran reports to check the change log passwords for users SAP* and DDIC.
• Configure system parameters
• Written CATT scripts for creating, deleting mass user ids, creating and generating the roles.
• Worked with development team and 3rd parties to setup See beyond Middleware and connections (FTP, RFC, Telnet, etc) between SAP and their systems.
• Created Roles in Universal Development R/3 System and Transported to development System.
• Created roles, derived roles for the MM, PP, SD, EDI, WM, FI, CO modules.
• User Creations for all Modules and support users in all Systems.
• Mass transport of Roles from Development System to Production System. Worked on Central User Administration for single point of control to user master and profiles which involves setting ALE environment for CUA.
• Worked on Authorization objects, Activities/values/authorization groups, Roles, Role derivations, Activity groups, Composite Activity groups and User id assignments.
• Assigning PD objects to activity groups and assigning users to the activity groups, which can be based on work center, Job, Organization Unit, Person or position
• Created derived base roles based on the plant level security, and the roles with only the display authorization and others with create and change authorizations.
• Profile generator activation, loading the SAP default tables in Customer Table, Transporting activity groups between the clients, transporting the user master records and the profiles across to the production.
• Implemented User authorization security system on R/3 system using profile generator and Authorization Objects.
• Configured and used Transport Management System (TMS) to move change requests throughout the system.
• Configured parameter settings in the instance profile, configured background jobs, created new users, and used developer trace files and ABAP short dumps for troubleshooting problems.
• Worked on the Composite activity groups, Derived Base roles for better and easier way for managing authorizations and assigning PD objects to the Activity groups.

Confidential,Skokie, IL
System Administrator August, 1998 - January, 2000
Responsibilities as System Administrator:

• NT Domain Administrator
• Migration of users from Novell to NT
• Create desktop images for end user mass deployment
• Provided end user support for Windows 98se, NT4.0, Win2k, Windows XP, MS Office