Post Job Free

Resume

Sign in

Sap Security United States

Location:
Louisville, KY
Posted:
February 12, 2024

Contact this candidate

Resume:

Stan Snyder III

Home: Louisville, KY

Mobile: 312-***-****

ad3j60@r.postjobfree.com

I am a United States Citizen

Summary: Stan is a talented consultant with 20+ years of SAP Security implementation, conversion/upgrade audit, and GRC expertise. He specializes in the implementation and conversion/upgrade of legacy SAP installations to SAP NetWeaver Scenarios. Stan has designed and managed SAP security, supervising client resources from blueprint through role development, testing, and production. He has led numerous global SAP Security implementations and upgrades where he designed and implemented the security strategy. Stan has successfully managed multiple projects simultaneously while delivering excellence to clients. Most recently, Stan has concentrated in SAP Fioi Security, ABAC security, BI 7.0 and BI Portal Broadcast Security, BI-BOBJ integration security, and a GRC version 10-10.1 EAM (Firefighter), ARA, and ARM projects.

Technology Summary:

Proficient in: SAP R/3 3.1i, 4.0B, 4.6c 47 ECC5.0, 6.0, BW 3.0b BI 3.5, BI 7.0, 7.2, 7.3, BOBJ 3.1, 4.0, GRC 4.0, 5.2,10.0, 10.1 GTS, PLM, EWM, TM, EP 6.0, EP 7.0, eCATT, LSMW, SAPScript, Virsa/GRC 4.0, 5.2, 5.3 Firefighter/SPM/EAM, Compliance Calibrator, GRC AC 10.0, 10.1, NetWeaver 2004s, Portal Admin CUA, WAS, SSO, UME, NextLabs EM, DAM

Experience Summary:

SAP Security Senior Consultant

United States DoD Defense Logistics Agency (DLA)

New Cumberland, PA 09/2021 to 03/2023

Lead SAP resource for international warehouse solution legacy system replacement S/4 HANA implementation : EWM, Fiori, ECC, TM, PI/PO,

Trained Existing staff and interns on SAP Security Role development, best practice for authorization maintenance, SU24, Troubleshooting, CTS process

Migrated NWBC prototype authorizations to Fiori Scenarios, developed custom Catalogs and Groups, and maintained S_SERVICE authorizations for Web Dynpros to ensure end to end functionality

Promoted authorization fields to org levels, maintained derived role concept to authorize multiple DoD warehouse operations

Coordinated system authorization feed for GRC 10.1 SoD remidiation prototype

Supplied trusted system authorizations to BASIS teams accross multi-tenant mall landscape

SAP Security Senior Analyst

US Army Logistics Modernization Program (LMP)

Picatinny Arsenal, NJ 09/2020 to 07/2021

Applied SAP Notes to resolve authorization relevant status for BW Characteristics per SAP BW 7.5 upgrade documentation using Eclipse workspace designer

Performed BW 7.5 Upgrade security tasks, USOBT* table comparisons, SU25 steps, SU24 adjustments to TCodes, Role updates, documentation, transport to Production

Reconfigured and regenerated Business Objects Roles, Folder permissions, Access Levels, User and Composite to redistribute rights to over 75 Army Commands via BOBJ Administration Console

Respond to Splunk alerts on behalf of Security team, perform ECC and BW Defects resolution, Service Now documentation

Modified RFC destinations, Modified BW Workspace security, SAP EP Security

Participated as security resource for HANA Native modeling POC, On-Call rotation

SAP Security Design Lead

Coty, Inc. __New York, NY 08/2019 to 07/2020

SAP PLM Security design architect for Greenfield Recipe Design (RD) formerly Recipe Management SAP HEC hosted solution at Fortune 500 Beauty Company “Project Alchemy”

Designed and built SAP PLM, Fiori, S/4 HANA 1809 security roles for COA, R&D, customer support, end user, SAP HEC, Regulatory

Advised and configured SBX, DEV, QA and PRD systems with security parameters

Leveraged custom catalogs to authorized SAP standard and custom Fiori security tiles

Created strategy for multi instance architecture with Security build to seamlessly supporting planned corporate brand divestiture

Assisted customer testing of all security role testing cycles

Documented role design, access matrix, user creation and audit capability, advised customer on GRC 10.1 integration plan

SAP OTC Security lead, Export Control SME

The Dow Chemical Company Midland, MI 07/2017 to 04/2019

Lead security implementation consultant at Fortune 500 chemical company’s M&A project

Implemented Attribute Based Access Control (ABAC) security supplementing with SAP BW 7.1 role based (RBAC) and SAP Business Objects (BO) CMC security

Established US Export Control EAR and ITAR compliance with in SAP BW and Business Objects applications

Configured NextLabs Dynamic Authorization Management suite (D.A.M – formerly Entitlement Management) to enforce policy based decisions in SAP BW 7.0, Business Objects, PLM, and APO

Restricted export controlled materials via assigned ECCN Number by users attribute data in repository in SAP BW Hana Enterprise Cloud (HEC) and APO on-prem repository

Maintained Export Controlled Classification (ECCN) master tables in SAP HEC BW, on-prem PLM and APO instances

Secured 30+ BW reports by, InfoObject using Combination of BW 7.0 Security roles and NextLabs solution

Secured 20+ APO TCodes with NextLabs tool to restrict Export controlled technology

Provided Integration for Export Control access requests to GRC 10.1 installation

SAP Security Consultant

American Honda Motors Marysville, OH/Torrance CA 01/2017 to 06/2017

Independent SAP Security upgrade consultant to Global 500 Automobile manufacturer undergoing SAP ECC Support Pack remediation exercise

Analyzed SU24 and underlying tables, ran SU25 and provide independent review of SAP upgrade proposals

Delivered recommendations to management as to estimate of effort to remediate roles and proceed with Support Pack implementations

SAP NS2 Security Advisor

US Army GFEBS Alexandria/Arlington, VA 07/2015 to 11/2016

SAP NS2 Security and GRC Lead consultant to the Army GFEBS Program Management Office (PMO)

Strategic advisor to Army leadership on security roadmaps and technologies

Evaluated status of GFEBS-SA implementation

Advised Army leadership of lessons learned and corrective actions, including risk mitigation, implementation strategy, and ABAC authorization concept offerings from SAP and Dynamic Authorization Management (formerly Entitlement Management) solution from NextLabs

Advised Army leadership on effective implementation tools and strategies, including use of SAP standard security authorizations, SAP security customization options, and third party tools

Provided strategic guidance to GFEBS program security including GRC provisioning, program documentation, change control, interface design security, Risk Management Framework objectives, migrating existing security to S/4 HANA, and creating a lab environment to test and validate new technologies.

Performed successful 12 week POC of NextLabs D.A.M. software solution on SAP Standard and Army GFEBS ECC custom transactions on GFEBS system copy

Security Architect

US Government CDC Information Management Service Atlanta, GA 2/2015 to 5/2015

Security Architect on a team of consultants for Federal awarded Healthcare IT project

Performed O&M study aimed at automating awardee and provider interface operations with national vaccine tracking database

Studied middleware solution options from a security perspective, evaluating and score carding available scenarios to deliver functionality between 64 awardee’s systems, multiple providers’ systems and national CDC vaccine database

Considerations included Internet security, PKI encryption, HL-7 messaging standards, SAP ECC/CRM/PI components and database security

SAP Senior Security Consultant

MSA, The Safety Company INC Cranberry PA 8/2014 to 2/2015

Consultant to Global manufacturing client offering role redesign strategy and optimization to support Europe 2.0X project

Performed offline Excel SAP Access analysis, realignment and re-engineering for the client’s European business to standardize on SAP Best Practices

Primary focus in defining new SAP ECC security access involved designing and implementing a role strategy to support implementation of a principal trading company in Switzerland, to optimize taxation and legal entity structure

In ECC system, transitioned existing roles to 5 new company codes and 12 new plants, 1 new Sales company as LRD (limited risk distributor), and 2 new manufacturing entities as toll manufacturers

Restricted current access roles to support configuring group costing, cross company process and toll manufacturing (MM and PP).

Configured roles to support inventory in the ownership of a newly established European principal operating concern based in ECC system

Configured roles to support VAT reporting and plants abroad functionality. Managed SAP Org element updates, role assignment and transport of over 9,000 derived and composite security roles using SymSoft Control Panel and eCATT

SAP GRC Principal Consultant

Krypt INC San Jose, CA 6/2014 to 9/2014

Consultant to Premier SAP partner offering high value solutions in SAP GRC; GTS, AC, PC, RM and SCM, APO, TM, and EWM

Responsible for RFP/project scoping, presales, and consulting in the GRC 10.x space in GRC 10 and 10.1 AC, PC and RM

SAP Security Upgrade consultant

PepsiCo International Chicago, IL 4/2014-6/2014

Strategy consultant to global customer with 150+ SAP instances worldwide, measuring effort required for the upgrade of ECC, BI, CRM, XI systems

Provide independent review of SAP upgrade proposals and coordinate impacted security objects, affected roles, SU24 maintenance and affected Tcodes

Verified pre and post upgrade status with shadow system copies

Report findings and estimates to management, assist in creating staffing estimate for role adjustment and testing within current project year timeline

SAP Security GRC Lead

Head & Engquist Equipment Services INC Baton Rouge, LA__ __4/2012-3/2014

Independent consultant, Project Lead of GRC 10 Implementation for EAM, ARA, ARM, BRM, GRC automated provisioning, Password Self Service.

Installed and configured NWBC client front end for GRC reports/Access risk analysis administration functions

Review of current security roles, policies and procedures across ECC 6.0 landscape, APO, PI

Lead customer workshops to determine rule set validation and risk level classification, usage history based role redesign from GRC action usage collector, risk remediation strategy

Rule set customization for custom/composite transactions, SAP bolt on functions

Create Technical roles to meet audit specifications for IS (Basis, Security, Development), Internal Audit Credit, AR, AP, Accounting, Unit Sales, Tax, Compliance and Financial Reporting, addressing all SOD risks in GRC rule set with the exception of previously addressed Basis and HCM risks

Remediation of 6M+ SOD conflicts in collaboration with customer’s Security, Compliance and Process teams

Converted customer to position based security model (indirect provisioning) from direct SU01 user assignment

Implemented EAM with workflow automated notification and EAM session review

Lead workshops with HR, Helpdesk, Security, and compliance teams, to drive automated provisioning strategy and design.

Co-developed BRF+ rules for GRC provisioning workflows with client resources

Captured HR hire, change and termination events, included in BRF+ decision table

Adapted BRF+ rule changes to meet the needs of onboarding/termination scenarios for HR OM/PA event and non event-driven provisioning workflows

Updated security roles across the landscape with P_PERNR, P_ORGIN values, InfoTypes 0105, 0001, 0002, 0006

Co-developed MSMP workflows for: HCM Trigger based provisioning workflows, Non HR event-driven provisioning, HR event and non event-driven termination with client resources

Documentation development and knowledge transfer with customer to configuration, standard administration procedures and exception based processes

SAP Security Design Lead

Bristol-Meyers Squibb INC North Brunswick, NJ 11/2011-3/2012

Independent consultant, SAP Security Design Lead for global pharmaceutical manufacturing company

Designed security for Visibility to Profitability (V2P) Project for BI 7.3, BOBJ 4.0 reports for GM, IR, ICP, PRC installation, including sensitive consolidated cost (CC) data

Developed Analysis Authorizations to secure by custom Authorization object tied to profit center hierarchy

Provided best practices recommendations to complement existing BI security model

Furnished and communicated design to client’s dedicated SAP consulting partner team, validated the build

Support testing through FUT, SIT, and UAT

Create and Provide updates to traceability matrices for project issues and security gaps, ensure adherence to design strategy and compliance with documentation, traceability, transparency requirements for internal audit

SAP BI Security Project Lead

Kindred Healthcare INC Louisville, KY 5/2011- 11/2011

Independent consultant, lead BI Security resource in a $1B acquisition to Fortune 500 healthcare company

Integrated 2500 acquired facilities into existing BI 7.0 environment from COGNOS legacy environment Created BI Security roles, Portal repositories and authorizations for reports distributed via BEx Broadcasting

Created 2500 BI 70 RSECADMIN authorizations with SAP RSEC_MIGRATION tool

Automated creation and population of new BI 7.0 security Roles with RSECADMIN authorizations, assignment to users via eCATT scripts

Troubleshooting BI 7.0 authorization issues with RSUDO trace logging functionality

BI 7.0 Security and operational procedure knowledge transfer to existing staff

SAP Security Lead

New York Power Authority White Plains, NY 6/2010 – 2/2011

Independent consultant to Public Sector IS-Utilities customer in hydroelectric power generation and transmission industry

Designed and created Security roles for BI 70 with New Analysis Authorization security concept,

Secured all reporting on MM cubes, published reports to BEx, Business Objects XI (WEBI, Crystal, and Xcelsius)

Created BI Report restrictions following HR Position based security model

Designed report level security with SAP Authentication to reports through Business Objects Central

Management Console (CMC)

Additional reports warehoused outside of SAP BW secured by Microsoft Active Directory (AD)

Designed and created Security roles and user accounts for FI Budgeting Forecasting application - SAP BPC

Lead Security Role Redesign initiative for IS-U, FI, PS, CO, and HR roles with structural authorizations

Assisted client in SOD issues, SAP_ALL removal from technical users in non- productive environments

Removed TCode duplicate assignment in Production roles

Additional cleanup of Manual and severed Org value relationships in all roles

Performed ESS/MSS access validation and issue troubleshooting

Migrated customers security strategy from single to derived role concept leveraging multiple org values

SAP Security Lead

SAP AMERICA INC

Client: BOB’s Discount Furniture Hartford, CT 4/2010- 6/2010

Security Consultant, Security design lead for SAP America led IS-Retail project, covering FI, SD, MM, and BI

Created Store, Warehouse, and Management template security strategy

Created test accounts, users, and roles with eCATT

Secured Custom WebDynpro portal solution, restricted end users to store level authorizations Processed integration testing scripts defect resolutions throughout the landscape in a timely manner to make Go-Live target

SAP Security Lead Business Objects, BW Consultant

RPF Consulting Atlanta, GA 3/2010 to 4/2010

Independent SAP Security consultant, assisted SAP Business Objects Value Added Reseller at several presales clients with setup of SAP Business Objects suite in existing SAP BI implementations

Assist personnel with creating SAP Roles and authorizations to create a new Universe, refresh existing BI queries into Business Objects reports

Setup user and service accounts in SAP to configure Business Objects proof of concept to leverage customer's existing BI 7.0 reporting Analysis authorizations

SAP Security Consultant

Lockheed Martin Aeronautics Arlington, TX 4/2009 to 3/2010

Remote Support for initial Go-live for A&D Customer with ECC, SNC, BI and EP 7.0

Performed Role/Defect Updates in development during Realization phase

Validated ECC/BI critical Objects and transaction pre Go-Live

Assisted developing GRC 5.3 ruleset for above modules with Functional and Controls teams

GRC 5.3 AE, CC configuration setup and validation

Configured new GRC 5.3 client installation

Perform SOD checks for all SAP BI production users with Compliance Calibrator 4.0/5.3 toolset

Created SAP BI roles for GRC Firefighter users in Compliance Calibrator for process teams

Setup Users, Controllers and Owners of SAP BI GRC Firefighter ID's and provisioned accounts, setup logging and ruleset

Created SAP BI Training system users and roles, assisted in data loads and client copies following training refreshes

Created eCATT scripts for SAP BI Go-Live user load and role assignment and maintenance

Responsible for War Room support, issue remediation post Go-live with critical resolution times Documentation of lessons learned and coaching opportunities for successive delivery launches Designed retrofit of BI 3.x roles to BI 7 authorization concept using Analysis authorizations

Configured UME access with Delegated SAP BI team Security administration by company

SAP Security Lead Consultant

Central Michigan University Midland, MI 3/2009 to 4/2009

Independent consultant, created BI 7.0 and EP 7.0 Security Model post installation for new BI reporting requirement for Public Sector CM/SLCM customer

Created System Administrator, Security, and developer roles in BI 7.0 and EP 7.0

Troubleshot EP 7.0 and BI reporting issues including setup and landscape connectivity, BI-EP 7.0 integration

Knowledge transfer to existing staff for BI and EP Security methodology

Developed testing and case scenarios for future development and future portal integration

Documented Role design and reporting strategy across Info providers and business users with BI 7.0

Analysis Authorizations using RSECADMIN security tool

Provide production support and development to BI 7.0 module of SAP for the Campus Management/SLCM (CM/SLCM) implementation

Maintain high level of support by meeting with clients to discuss and determine system issues or areas for improvement

Develop and implement custom security and enhancements to SAP reporting with no interruption to the business Present recommendations to client management concerning systems upgrades and development opportunities

Train users on new systems, upgrades, and enhancements to existing systems

Research problems, determination of problem origins and corrective actions needed; implementation and testing of solutions; development and testing of new programs; training customers technical team

SAP Security Lead Consultant

Kindred Healthcare INC Louisville, KY 3/2008 to 02/2009

Independent SAP Security Consultant to Fortune 500 healthcare company’s SAP security team

BI Security Lead present from initial planning and design phase through go-live for BI 3.5 to 7.0 Upgrade

BI 7.0 Upgrade for custom objects securing 1300 profit center nodes restricted via hierarchy

Migrated 1200+ SU02 profiles to BI 7.0 RSECADMIN authorizations with SAP RSEC_MIGRATION tool

Automated creation and population of new security Roles with BI70 RSECADMIN authorizations

Rolled out new BI security to 5,000+ users via eCATT scripts

Troubleshooting Authorization issues with RSUDO trace logging functionality

Designed and created broadcast folders and links in NetWeaver 7.0 Portal for reports to 5400 users Secured BI Broadcasts by Role assignment, limited by authorizations rollup for 1200 nodes in the profit center hierarchy

Created XML document and uploaded to 2004s Portal to update Broadcast link permissions for the above

Lead work group to define security production processes and provided support post go-live

Assisted with documentation and knowledge transfer to existing staff in above areas

Developed and maintained crosswalk mapping of ABAP authorizations to BI Web templates to rollout new iView structure, utilizing merged worksets under Business navigational tabs

Created XML Documents that automated Portal role assignment by setting up portal role to ABAP group assignment to satisfy end user's portal BI Web template presentation needs

Researched and Setup Kerberos Authentication upgrade from NTLM to NetWeaver 7.0 Portal to accommodate new BI 7.0 SSO functionality

Maintained NW 2004s Portal Security Zone assignments and PCD authorization settings

Co-presenter, ASUG 2009

Developed and delivered SAP BI Broadcasting functionality presentation at ASUG conference in session “Using

NetWeaver Knowledge Management for efficient and secure information distribution"

Setup and maintenance of users and personnel records on HR Structural authorizations on ECC 6.0

Table Maintenance for User authorizations, updates to HRP1000, HEP1001, PA0008, and PA0105

Restricted access to data working with InfoTypes and Authorization objects P_ORGINCON, P_PERNR, PLOG, P_ABAP, P_APPL in HR

Created info type 105 and subtypes 0001, 9010 for the new hires and adding the PD profiles using PO13

Modified personnel records/structural authorizations, PA20

Structural Authorization assignment maintenance, RHPROFL0, OOAC, OOAP, HRAUTH, PO13, PO10

SAP Security Lead Consultant

Steel Technologies INC Louisville, KY 10/2008 to 1/2009

Security Lead for BI 7.0 Implementation to secure queries in Integrated Planning, CO/PA, Sales

Forecasting

Create Functional and, Basis, Security Developer, Technical Team roles in BI system

Create Analysis Authorizations to restrict queries on characteristics and navigational attributes with RSECADMIN

Testing and resolution of query functionality in 7.0 BEx Analyzer

Troubleshooting Authorization issues with RSUDO trace logging

Provide staff training and documentation to the customer’s internal security and development teams

Serve as customers’ quality advocate with the external SAP integration partner’s final product Provide best practice advice in BI 70 Security and BI Query design using 7.0 Query Designer

SAP GRC Lead Consultant

PharMerica INC Louisville, KY 11/2007 to 3/2008

Performed GRC compliance Calibrator 5.2 Installation and configuration, for existing Virsa 4.0 Customer

Loaded Global ruleset and configured reporting and alerts

Audited and documented existing SOD conflicts within roles and assigned to users Created and ran eCATT scripts to update security roles with re mediated access Assisted with documentation and knowledge transfer to existing staff in above areas

Performed BI 7.0 and ECC 6.0 Authorization updates for profit center Hierarchy consolidation project

SAP Security Consultant

Jim Beam Global Spirits Bardstown, KY 10/2007-11/2007

Independent SAP Security consultant in SAP R/3 4.7, BW 3.5 Global Implementation

Assisted customers’ transition of Security management from project team to support team

Validated and granted new user access requests, maintained SOD matrix with Business process Owner approval

Created and tracked requests and approvals for access deltas in customers’ internal repository Prepared team for ECC 6.0 Upgrade, Documented roles and Access Matrix using Excel Assisted with knowledge transfer to existing staff

Sap Security Design Lead

SAP America INC

Client: PepsiCo International Brands Chicago, IL 2/2007 to 10/2007

Design Lead in a Global implementation from project preparation phase through 2 go-lives in China, Egypt, Netherlands, and Mexico

Delivered Blueprint Security Design from PepsiCo domestic implementation and adapted to international project for FI, MM, PP, CO, AM, PS

Represented SAP America Presence for Security team in establishing PepsiCo Center of Excellence (COE) with PepsiCo Team lead and integration partner

Promoted best practice, leveraging domestic implementation documentation and procedures Developed strategy and supported multiple cycle Integration and User Acceptance testing Staffed post go-live support with customer’s personnel

Sap Security Senior Consultant

SAP America INC Newtown Square, PA

Client: PepsiCo INC Chicago, IL 12/2004 to 2/2007

SAP America Security Consultant on Global implementation project at a Fortune 500 Food and Beverage Company, 3,000 initial and 65,000 named users

SAP Security SME staffed from Project preparation through 7 phased go-lives

Designed and created Security in BW 3.5, BI 7.0 ECC 5.0, Solution Manager 3.2, CRM 4.0, 5.0 XI, MDM, SCM/APO 4.1, SRM 4.0, NetWeaver 2004s and Supplier Self Service (SUS) Portals

Performed Security Upgrade of roles and authorizations ECC 5.0 to ECC 6.0 and, BW 3.5 to BI 7.0 NetWeaver 2004s

Created Security roles using Profile Generator (PFCG) in an SAP NW 2004s environment

Designed and Tested role assignments in NW2004s Portal for WebGUI/ WinGUI

Created CRM Security design mapping internal and external customers to Business Partners

Configured Security in CRM ACE tool by Business Partner (BP) Pilot program for SAP Enterprise Portal PCUI project for bottlers

Automated CUA Security Tasks by creating SAP eCATT scripts and LSMW batch input sessions including: user mass creation, role assignment, and Organizational Hierarchy assignment

Created users and assigned roles manually and in mass through upload in NW2004s Portal

Setup and Maintained users in CUA system, setup connection and synchronized to customer’s Sun IDM LDAP through SAP delivered function Module RS_LDAPSYNC

Developed Job role matrix for access request/provisioning through IDM

Ran Custom batch script regularly to replicate new CUA/IDM users to NW2004s Portal

Scheduled common Security jobs in SM37 with SCOT email output reporting to PepsiCo SAP Security Team

Initially created Developer, Configurator, Tools, Basis, Security and functional roles from IMG menu

Maintained SRM Org Hierarchy through PPOMA_BBP

Adjusted SU24 Table updates found in unit and system testing and transported throughout the landscape

Worked with Basis team to develop Solution manager roles for project team Administrators, Configurators, Change Managers, and Support Desk

Performed initial system security inspection and setup of newly created CUA clients Maintained dual development landscape security supporting client’s multiple release strategy

Created and maintained OSS user accounts to enter the customer system for analysis and correction

Setup CUA distribution landscape and attached newly built clients to CUA system, assigned Parameters

Created and Applied security for interfacing applications Tibco, Control-M Performed ST01\RSECADMIN Trace for Authorization error analysis Created and maintained RFC user accounts to PepsiCo standards

Created and assigned tables to Custom table authorization groups

Created Documentation of all procedures for PepsiCo security Team members

SAP Security Consultant

SAP America INC Newtown Square, PA

Client: Avaya INC Basking Ridge, NJ 10/2004 to 12/2004

SAP America Security Consultant at a Fortune 500 communications vendor’s SAP Security redesign project to bring authorizations within Sarbanes-Oxley compliance

Team member in a group of 4 consultants that designed, implemented, and tested solution to internal audit finding of 66,000 SOD conflicts identified by Internal Audit partners

Performed 3.1h profile and 4.6c role cleanup to mitigate Segregation of Duties conflicts in preparation for external audit and Sarbanes-Oxley for Q4 2004 compliance and SEC reporting requirements

Created SAP Test User Accounts and modified roles using SAP CATT, performed unit testing and validation

Staffed post Go-live support with existing SAP Security team

SAP Security/VIRSA consultant

Virsa Systems Freemont, CA

Client: Brown-Forman INC Louisville, KY 8/2004 to 10/2004

SAP Security Consultant and Virsa SME on SAP Sarbanes-Oxley redesign project for a major US based spirits distiller and consumer goods manufacturer

Utilize Virsa Systems’ VRAT and VRMT tools (Currently GRC Access Controls Suite) to identify, track and eliminate Segregation of Duties (SOD) conflicts within FI, PP, MM, SD, WM, and QM modules

Built and maintained user history Microsoft Access database from SAP RBE tool, imported user execution history, proposed role mappings, Virsa VRAT SOD rule set, and SOD Deltas throughout the testing phases

Mapped 650 production users’ TCode execution history, SOD Execution History, and Proposed role assignments, identified SOD’s through Access queries

Created Microsoft Access Report signoff documents for user SOD mitigation

Assisted Internal Audit with Key and Compensating Control development

Created 300 new roles using Virsa Systems’ VRMT tool, analyzed SOD’s and documented secured objects

Setup and mapping of 650 users in Test bed environment using SAP CATT scripts

SAP Security Consultant

PricewaterhouseCoopers LLP Tampa, Florida 2/2004 to 8/2004

Independent SAP Security Consultant at a global consulting firm’s new SAP 4.7e internal implementation

New/Refresh Client setup and Security Administration and Authorization assignment in CUA system

Creation and assignment of Configurator, Developer, end user and security roles

Created roles for ALE, Background Job, and custom TCode access

SAP Security role and authorization changes in DEV and QA instances using the Profile Generator

Transport of roles throughout four SAP instances using SE09, STMS, SCC1

Created SAP Roles, and users in standalone training environment for 19,000 named user base covering R/3, BW, CFM, and EBP

Monitoring CUA logs daily using SCUL, monitoring and reprocessing failed IDOCs

Performed routine maintenance and mass creation following system refresh using CATT scripts

Defect resolution from testing team using Mercury Interactive Test Director 80

SAP Security Consultant

Nike, INC Portland, Oregon 11/2003 to 2/2004

SAP Security



Contact this candidate