Professional Profile

Over 10 years of experience in the Information Technology industry including more then six years of progressive SAP Basis and Security Administrative experience in development, quality and production environments with specialization in SAP Basis - Security & technical aspects of SAP R/3 implementations and integration. Extensive experience on various SAP R/3 systems such as SAP R/3 4.7,NetWeaver 2004/2004s, ECC 5.0/ 6.0, BW 3.5/ BI 7.0 and Solution Manager. With expertise in production support and maintenance of database systems in SAP R/3 environment that includes SAP security activity, user administration, authorizations, background job administration, health checks, and change/ transport system. Well-versed with client administration, Transport Management System, and spool administration, administration troubleshooting, and handling security issues through PFCG on PRD, QAS, and DEV with good knowledge in configuring Workbench Organizer, Correction and Transport Systems and Transport Management System STMS. Adept in system profiles, operation modes, logon load balancing, ABAP dumps and system log of an SAP R/3 application, analyzing Online Service System (OSS) notes and a good knowledge on SAP Routers administration. Very resourceful and innovative self-starter with IT vision, strong work ethic, and proven interpersonal, judgmental, and problem solving attitude with the ability to take lead role on the issues and projects.

Summary

• Security/Authentication/SSO/Role implementation.
• Develop/Document/Monitor Security Policies/Procedures in relation to SAP (internal/external) access control.
• Systems/Security – NetWeaver 2004/2004s
• BI specific authorizations and functionality i.e. custom reporting objects, hierarchy authorizations as well as all aspects of info area, info cube, info set reporting.
• Compliance of security issues is managed in strictest of manner in dealing w/ ABAP, Web AS and Functional areas.
• Examine and monitor processes for compliance of Industry and Government mandated processes and proficiency on SOD tools/analysis SAP GRC VIRSA 5.1/5.2/5.3 Access Control Suite.

Experience and Education

• More then six years of SAP Experience Overall.
• Excellent knowledge of SOX, COBIT and ITIL.
• SAP GRC 5.1/5.2/5.3, Access Control Suite i.e. Compliance Calibrator, Firefighter, Access Enforcer, Role Expert.
• SAP GRC Process Control 2.0 and 2.5
• MDM 5.5/7.1 monitoring and security as well as GDS.
• IDM 7.0/ 7.1 configuration, monitoring including integration with GRC.
• Specializing in Security - Basis on ECC/BW/EP/EBP/HR/GTS/Solution Manager.
• 10 Years of Professional Technical Experience, working to provide solutions and value to various customers.
• Education – BBA
• SAP Education
• ADM100, ADM940, ADM950, ADM960, AC210, SD, FICO
• Ramp-up Knowledge Transfer for SAP Netweaver
• SAP NetWeaver Identity Management 7.1
• SAP Netweaver Enterprise Search 7.0
• SAP Solution Manager 7.0 EhP 1
• Business Configuration Sets

Assignment History

September 2009 – Present Confidential, Milwaukee, WI
SAP Security Consultant

• Provide day-to-day security support to Functional, Development and Help Desk staff.
• Validate Clients existing model, and enhance it for their future needs.
• Optimization of security roles, resulting in drastic reduction of security roles for maintenance, utilizing of customer exits.
• Provide Analysis on various SAP SOD tools.
• Support in establishing and maintaining the security and security procedures for SAP systems.
• Participate in requirements gathering, assessment, design, configuration and testing activities for SAP security.
• Devise the Production Support flow for Security Helpdesk and Business Point of contacts for Production Go live.
• Creation of users for the Java system through User Management Engine (UME).
• Document and maintain the End User Access Database Matrix.

November 2008 – May 2009 Confidential, Middleton, WI 

SAP System Analyst

• Manage requirements gathering and effective design for security roles.
• Work with the existing Security team staff on SAP best practices.
• Guide functional/technical team(s) in securing access to their Business processes in line with SAP Best Practices.
• Explain/Enlighten SAP security authorization concepts to Internal Audit staff.
• Provide pros and cons on various SAP related Segregation of Duties analysis tool.
• Knowledge Transfer of New Analysis Authorization Concept.
• Validate Clients existing model, and enhance it for their future needs.
• Optimization of security roles, resulting in drastic reduction of security roles for maintenance, utilizing of customer exits.
• Assess the current design and provide recommendations to enhance and secure the SAP landscape and the application layer.
• Facilitate clear, effective and regular communications among team members, other I/S personnel and Business partners.
• Translate concepts and/or requirements into actionable activities or items.
• Ensure cost-effective design and implementation SAP security in support of business objectives and requirements.
• Create/Maintain the security project plan for development, testing, QA, and Go live.
• Worked on SPAM/ SAINT and kernel upgrade, and applied application, Basis, ABAP support packs to maintain the system up-to-date.
• Worked on Transport Management wherein configured TMS and carried out transports using STMS.
• Created, managed and released change requests for transports and resolved TMS problems.
• Worked on SAP security management, resolved security issues using PFCG, and user management creating roles that included base roles, derived roles, and composite roles on SAP R/3.
• Configured operation modes and managed instance profile/ logon groups for load balancing.
• Implemented early watch recommendation.
• Configured SAPCONNECT (SCOT).

June 2004 – October 2008 Confidential. Waukesha, WI 

Technical Support

• Assess the current design and provide recommendations to enhance and secure the SAP landscape and the application layer.
• Analysis the CUA landscape to provide better-automated and effective controls and audit trails.
• Facilitate clear, effective and regular communications among team members, other I/S personnel and Business partners.
• Design SAP security access using best practices and standards.
• Provide Analysis on various SAP SOD tools.
• Document and maintain the End User Access Database Matrix (User Vs Job Role Matrix)
• Knowledge Transfer of New Analysis Authorization Concept.
• Troubleshoot design of Queries/workbooks/templates for security related issues.
• Support in establishing and maintaining the security and security procedures for SAP systems.
• Participate in requirements gathering, assessment, design, configuration and testing activities for SAP security.
• Working with the process teams to test and refine security.
• Work with the security/basis team in setting up proper usage of PFCG/authorizations/transports.
• Carried out client maintenance tasks such as client creation, client deletion, local client copy, and remote client copy.
• Carried out database monitoring using DB01, DB02, ST04 and DB24.
• Carried out installation and configuration of SAP Web AS640 ABAP, Java Stack.
• Worked on CCMS monitoring, short dumps, system logs, DB Alerts, SQL Traces and lock entries.
• Scheduled and monitored background jobs.
• Worked on performance tuning for the production and development server.
• Worked on spool administration and Printer management.
• Participated in the project preparation of the upgrade procedures and worked on SAP R/3 upgrade from SAP ECC 5.0 to ECC 6.0

September 1998 – June 2004 Confidential. Pewaukee, WI 

Technical Consultant

• Developed functional and technical specifications documents.
• Provided Level II/III Support for 300+ users.
• Develop Security Assessment Package with good practices and areas for improvement.
• Secure all SAP environments from Internal/External factors.
• Educate Business and IT on ERP control points.
• Ensure that management and execution of all areas of development in ERP security are optimized.
• Compliance of security issues is managed in strictest of manner in dealing technical and Functional areas.
• Revamped entire security for ERP implementation ranging from security to execution to monitoring, as well as adherence to strong and flexible naming schema.
• Setup Hierarchical authorizations for Cost Center as it related to payroll.
• Co Developed Security Charter for the IT security dept.
• Supply good security practices to Security team and knowledge transfer.
• Manage requirements gathering and effective design for security roles.
• Work with the existing Security team staff on ERP best practices.

February 1998 – August 1998 Confidential, Madison, WI 

Technical Consultant

• Developed enhanced training documents and delivered training to end-users.
• Validate Master Data in Training Environment for End users training.
• Handled data loads from the legacy system to new ERP for customer master.
• Provided test coordination.
• Participated in performance tuning of production server.
• Design Local Area Networks and Install LAN-WAN interface.
• Implement, Monitor Network Security, Develop and implement network system and user security requirements.
• Backups are secured off-site in accordance with company specifications. Remote access is properly verified in accordance with company procedures. Security for user accounts is maintained across all systems. Security policies are documented and available to all company employees. Security requirements are monitored, implemented and enforced in accordance with company procedures.
• Establish and maintain network accounts.
• Traffic to and from network devices are monitored for security violations.
• Remote access is properly controlled through permissions and virtual private networks.