JAY DHRUV, PMP
** ***** ** ******-********** experience. 10 years in SAP Security, SOX, SAP GRC,
Internal controls & audit support experience.
Focus Areas :-
SAP GRC Integration
Configuration, setup and upgrades
SAP Security
Successfully Led SAP security role redesign Rule design, and testing
efforts at multiple client locations. Firefighter access setup
Monitored the Service Desk ticketing system for User provisioning workflow design and
SAP Security requests and ensures all configuration
requests are promptly and accurately handled
Ensured that appropriate policies and procedures
are followed to support timely and accurate Controls Assessment, Audits & Improvement
provisioning of SAP user access Segregation of duties (SOD) analysis
Monitored requests to ensure appropriate Access violation remediation
resolution per SLAs, recommended and SAP general computing controls configuration
implemented process improvement to SAP application process controls assessments,
improve service response Design and configuration
Coordinated with Functional leads, Business users
& Project Team to ensure proper alignment
between SAP role design and build activities Project Management
Project Management Office (PMO)
and security administration activities; includes
Project planning, coordination and reporting
communication and monitoring of access
Strong understanding of business functions and
issues to SAP Security Analysts to ensure
knowledge of functional roles and associated
proper resolution.
access
Coordinate with the SAP Architects, Developers,
Experience in implementing and supporting
and BASIS Administrators to find technical
security with various industries like High end
security solutions to new business
technology, Life
requirements; ensures that new security
sciences, Oil & Gas, food industry, industrials
requirements are properly incorporated into
Vendor coordination
the access administration process
Technical support
Assisted in the execution and monitoring of action
Quality assurance
plans for remediation of audit and risk issues
Professional Experience
Sept 2006 – Present Contracting at Motorola Inc in Holtsville, NY
Position : SAP Security Lead
Developed and Deployed reports for Audit related activities.
Led a security team of 8 team members in SLA mode
Owned & restructured Security controls for SAP security
CRM, SRM, GTS, SCM, Portal, BI, FI, SD, MM, PS, HR security
Improved security processes, established best practices.
Resolved day to day sap security issues & escalations on critical issues
Reduced the ticket backlog substantially and streamlined the process
Reduced the SAP License cost to the customer
Streamlined the compliance process to reduce internal control failures.
Built 740 new roles to replace 4000+ old legacy roles for 2000 users.
Scripted catt & ecatt for mass role modifications and deletions
Conducted workshop trainings for SAP Security for Business users.
Configured SAP GRC Access Controls products.
Feb 2006 - Sep Contracting at Burger king Inc in Miami, FL
2006 Position : Sr. SAP Security Consultant
Implemented User authorization security system on R/3 system using profile
generator and Authorization Objects.
Managed R/3 security in a support team for 430 users in stringent SLA mode
structured support for Audit related activities.
Provided SOX reports to higher management
Security Ticket management using Remedy
Transported profiles across environments and carried out unit testing
Performed user administration and authorization administration.
Setting up mitigating controls in compliance calibrator
Running daily reports to keep a watch on compliance
Performed monthly & annual reviews of Job Roles and Security access
Oct 2005 - Feb Contracting at American Standard B&K in Piscataway, NJ
2006 Position : SAP Security Lead
Implemented User authorization security system on R/3 system using profile
generator and Authorization Objects.
Manage R/3 security in a support team for 3200 users.
Worked in stringent SLA mode
Authorizations, role and profile management
SOD analysis using SAP GRC tool.
Provide support for Audit related activities.
Provide SOD reports to higher management.
Have a thorough understanding of information security methodologies and
provisioning.
Coordinate with process teams, technical teams, SOX teams, external and internal
audit teams, production support teams and Develop work schedules that ensure
security controls responsibilities are completed within timeframe that meet
requirements.
Security Ticket management using Remedy
Transported profiles across environments and carried out unit testing
Trouble shoot authorization problems using SUIM. SU53, SU24 and ST01.
Performed user administration and authorization administration.
Setting up mitigating controls in compliance calibrator
Running daily reports to keep a watch on compliance
Interface with Clients and Functional Teams to ensure Job Roles are consistent across
lines of business and business processes.
Perform monthly & annual reviews of Job Roles and Security access
handle inquiries from end users and Divisional Coordinators (i.e. Business
Approvers)
Apr 05 - Oct 05 Contracting at Eli Lilly Pharmaceuticals in Indianapolis, IN
SAP Security Lead Valuations & Control (Finance)
Manage R/3 security in a support team for 40,000 users.
Worked in highly stringent SLA mode following all FDA guidelines as preset for a
pharma company.
Authorizations, role and profile management
SOD analysis using VRAT.
Security Ticket management using Remedy
Provide support for Audit related activities
Transported profiles across environments and carried out unit testing
Trouble shoot authorization problems using SUIM. SU53, SU24 and ST01.
Assisting in security policies and documentation.
Helping streamline security process and refining the overall approach using
documentum.
Actively participate in development and documentation of security policies,
standards and guidelines for SAP platforms and systems environments.
Manage and maintain the IT Security Policies and Standards document to reflect
current business requirements.
Feb 04 - Apr 05 Contracting at British Petroleum in Naperville, IL
Position : Security Lead
Sarbanes-Oxley Compliance work: Worked on Virsa’s SOD tool VRAT to find the
segregation of duties risks & issues.
Development and preparation of detailed security policies and procedures
Developed Overall Security approach for Release 4 project for 700 users of British
Petroleum
Developed Unit and UV testing approach
Executed SOD Simulations for users for identifying and communicating the SOD
issues.
Developed the Mitigation templates, Role Elimination templates for Audit
Compliance.
Worked with business teams to analyse SOD issues and remove the Sods from roles
in R/3 Enterprise environment by removing conflicting t-codes from roles.
Developing the Test plan for Unit testing and User Verification
Developed the CATT Scripts for User build and Role updates, Coordinated User
Build and support
Fulfilled security needs for users at various stages of the project.
Successfully understood clients' security and control readiness and provide
appropriate security assistance
Understanding segregation of duty concerns with respect to application security
implementations
Issue reports that address: level of business risks, effectiveness
of controls, and consultative business solutions.
worked with project tools, such as MS Access, MS Project, CATT scripting, and
testing tools and help desk support applications
Prepared the overall security approach, Test plans.
Trouble shoot authorization problems using SUIM. SU53, SU24 and ST01.
Provided the security estimates in the overall project plan estimate for budgeting
purpose.
Mar 03 - Feb 04 Contracting at Thomas Cook in Mumbai, India
Position : Basis & Security Lead
SAP Instance installation of 4.6C,
Roles designing for 130 users of Thomas cook
Developing Project security standards, guidelines, policies, and procedures.
Ongoing user support and administration
Homogeneous copy of client
Transport management
Defining Backup strategy and coordinating execution.
Implementing security solutions that facilitate business operations
Performed client landscape setup, client copy, client refresh, client delete.
Responsible for daily system monitoring and troubleshooting
Applied R/3 Support, HR, Basis, ABAP and kernel patches and OSS notes
Configured STMS.
Performed Database backups and recovery.
Security Ticket management using Remedy
Transported profiles across environments and carried out unit testing
Trouble shoot authorization problems using SUIM. SU53, SU24 and ST01.
Performed user administration and authorization administration.
Troubleshooting printer issues
Interface with Clients and Functional Teams to ensure Job Roles are consistent across
lines of business and business processes.
Performed SAP related database and OS tasks on different flavors of Windows.
Tablespace administration for oracle databases
DB Reorganization on need basis
Jan 01 - Mar 03 Vice President – Technology at Synise Technologies in Pune, India
Position : Technical Head for SCM for Team Size of 70 People
Planning and driving the projects.
Involved in the complete development cycle of a product - all the way from
envisioning a product until it is released
Review important deliveries like functional requirement specifications
Additional responsibilities include cross-group communication and collaboration,
and effective project management within your product development team
Creation of mass-produced, packaged product, or - in other words Enterprise solution
that are well thought out, well documented, upgradeable, localizable, etc
Review the Design.
Triaging what bugs should, and shouldnt be fixed for the product.
Scoping, and identifying what work should be done or what needs to be phased.
Writing presentations/whitepapers about the feature
Giving presentations about the feature area
Reviewing documentation for the feature
Answering customer questions about the Product Participate in Presales etc
The SRM Framework consists of
Reverse / Procurement Auction
Collaborative RFP / RFQ sourcing process
Catalog Buy
Supply Management
Request for Information
Purchasing Intelligence
The work also involved integration of SRM solution with SAP.
SCM (Custom Development with interface to SAP)
Technical Head for SCM for Team Size of 70 People
Planning and driving the projects.
Involved in the complete development cycle of a product - all the way from
envisioning a product until it is released
Review important deliveries like functional requirement specifications
Additional responsibilities include cross-group communication and collaboration,
and effective project management within your product development team
Creation of mass-produced, packaged product, or - in other words Enterprise solution
that are well thought out, well documented, upgradeable, localizable, etc
Review the Design.
Triaging what bugs should, and shouldnt be fixed for the product.
Scoping, and identifying what work should be done or what needs to be phased.
Writing presentations/whitepapers about the feature
Giving presentations about the feature area
Reviewing documentation for the feature
Answering customer questions about the Product Participate in Presales etc.
Feb 00 - Jan 01 Chief Technology Officer at Kalyani Net Ventures in Pune, India
Manage Company’s Network & Servers
Proxy server, Domain server, mail servers
Manage Firewall
Liason with Vendors for hardware and software
Manage web based projects
Oversee kalyani portal development for B2C
Project Experience
Oct 99 - Dec 99 SAP Basis Consultant at General Motors India Ltd
Participated in General Motors Y2K Compliance program
Participated in General Motors Server Up-gradation Program
Participated in Web-enabling of SAP-Server Program
Education
MBA in Systems & Operations, Symbiosis, Pune, India
BE (Mechanical) Gujarat, India
Employer Details
Sept 2006 till Date = Patni Computer systems Inc
Feb 2006 to Sept 2006 = Mindtree Consulting Inc
March 2003 to Feb 2006 = Tata Consultancy services
March 2000 to March 2003 = Synise Technology and Kalyani Net Ventures
Technical Certifications & Training
ERP: SAP Basis Training CIIL
Project Management : PMP
Microsoft Certified Systems Engineer (NT4.0)
MCP+I: Microsoft Certified Professional plus Internet certification
OS: Sun Microsystems System Certification SA1 Solaris 7.0, Unix
Database: Oracle 8i Database Administration & Management
Remote management : Citrix
OS: RedHat Linux 6.0
Networking Fundamentals
Certified PMP
Certified SAP GRC Cell : 631-***-****