Phone: 972-***-****; Email: qngjed@r.postjobfree.com

SUMMARY:

Five years of extensive consulting experience in Big 5 Consulting Firms as an SAP R/3 Security Administrator and GRC Lead working through 8 Go Lives in public and privates sectors with in-depth knowledge of designing and implementing SAP Security solutions, data security, authorization, user provisioning, and SOD concepts.

SAP R/3 Security Summary:

• Experienced in project management, staffing, risks/issues management and scheduling.

• Experienced in SAP R/3, ECC 6.0, Portals, SCM, BW and BI.

• Proficient in working with Profile Generator (PFCG): creating and authorizing profiles, and generating roles: single, composite and, derived roles, and user administration.

• Extensive use of SUIM, SE93 to secure Tables and Programs by creating custom Transaction codes, and SU53 to troubleshoot.

• Proficient in maintaining missing authorizations manually, from templates and profiles

• Experienced in migrating existing users to Central system, and working with a Central User Administration (CUA) environment

• Expert in transporting the generated roles and profiles using SAP Transport Management System.

• Good understanding of key security concepts including Sarbanes-Oxley compliance, Segregation of Duties (SOD) within SAP implementation, GRC Risk Analysis and Remediation (RAR, previously Virsa Compliance Calibrator).

• Running system trace (ST01) to record authorization checks for the user sessions and tracing the missed authorization.

• Used CATT scripts and LSMW for creating and maintaining users, roles, profiles and authorizations.

GRC Summary:

• Led full lifecycle implementation of GRC Access Controls 5.3 which included CUP, RAR and SPM modules.

• Proficient in configuring and maintaining all Access Controls modules.

• Proficient in working with the SAP Enterprise Portal and integrating SSO and LDAP with Access Controls.

• Managed the design, build, test and deployment of a custom tool which allowed bulk provisioning of users through GRC.

• Managed the design, build, test and deployment of a custom reporting solution in BW to meet the client’s metrics and reporting needs.

TECHNICAL SKILLS

• ERP : SAP R/3 Enterprise 4.6c, BW 3.X, 7.0, ECC6.0

• SAP Modules: BW, FI, CO,

• Databases: Oracle 9i, SQL Server, and MS Access.

• Programming Languages: Java, C#, ColdFusion MX

• Hardware : HP-UX 9000, Windows NT/2000

• Operating Systems: MS-DOS, Windows 98/NT/XP/2000, UNIX.

PROFESSIONAL EXPERIENCE

Client: U.S. Army, Washington D.C. April 2009 – Present

Employer: Accenture

Role: GRC Lead

Environment: SAP ECC 6.0, BI 7.0, BW, GRC Access Controls 5.3.

Responsibilities:

• Managed and supervised the first full lifecycle implementation of SAP GRC AC 5.3 (CUP, RAR, and SPM) at the Army with a team of 4-5 members.

• Worked closely with the client and SAP to discuss the tool’s capabilities and make recommendations based on the security architecture and provisioning process of the project.

• Held workshops with Deployment, Technical, Training, and User Assignment teams to redefine the previously manual user provisioning process and gain concurrence on a new automated, workflow-driven process in GRC.

• Tracked the entire project using MS Project, provided status, and reported risks/issues to supervisors and the client on a weekly basis.

• Worked with the technical SME to help define, build and test the initiators, stages, paths and workflows in CUP based on the approved design.

• Worked closely with new consulting analysts to mentor and train them on GRC.

• Worked closely with the training instructor to help develop and deliver training material to end users.

• Worked closely with the portal team to integrate CUP with SAP EP and LDAP to automate provisioning and de-provisioning in the portal systems.

• Supervised and assisted with the design, build, test and deployment of a custom interface between CUP and the Army’s training systems.

• Supervised and assisted with the design, build, test and deployment of a custom reporting solution in both Crystal Reports and BW to extract and format data from the CUP databases.

• Built the end user Portal UME roles for GRC using pre-defined actions to restrict access to the tool.

• Used the BMC Remedy tool to help resolve trouble tickets related to GRC initiated by end users.

• Assisted with the effort to create a custom SOD rule set specific to the Army to ensure compliance with the government auditing agencies’ requirements.

• Worked with the SOD compliance team to enable custom and critical transactions for risk analysis and monitoring.

• Identified the critical SOD(s) and advised on applicable mitigating controls.

• Integrated existing Firefighter 5.2 implementation with the new 5.3 version to allow better reporting and workflow-driven provisioning process for elevated privileges in production.

• Worked closely with the Communications team to send out timely communications regarding upcoming cutovers, access enablement, system down-time due to maintenance, etc.

• Assisted with help sessions for end users regarding issues related to CUP or the provisioning process in general.

• Held brown bags and day-in-the-life simulations to train administrators and end users.

• Educated client and created assessment for GRC10 upgrade.

Client: U.S. Army, Washington D.C. Jan 2008 – April 2009

Employer: Accenture

Role: SAP Security Lead/Administrator

Environment: SAP ECC 6.0, BI 7.0, Portal.

Responsibilities:

• Involved in full cycle implementation of SAP Version ECC 6.0.

• Creation of new roles (single and composite) and customizing the old roles as required by business and system.

• Review of critical & sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.

• Designed and led Unit Testing of the roles & resolve issues arising from testing using system traces & short dumps.

• Securing Tables and Programs by creating custom Transaction codes and manual addition of Objects, both standard and custom to standard T-Codes.

• Using CATT scripts for various user and role administration, and created hundreds users at one time using ECATT.

• Migrating existing users to Central system without compromising the existing users.

• Working with the Functional team to troubleshoot errors during break-fix activities using ST01 and SU53.

• Transported the generated roles and profiles using SAP transport management system (STMS).

• Providing post go-live support in SAP R/3 production in all areas of security with modules like FI, SD, PS, PP, BW, BI.

• Working with Government auditing agencies to support SAP System Audit and document/fix any security loopholes and audit concerns.

• Working with respective functional heads for SOD & security changes based on security violations at T-code level & Object level.

• Working on Custom T-codes to bring in required authorization objects from SU24 to ensure compliance with future GRC implementation.

• Configured and maintained Firefighter as an administrator for emergency access to functional team members. Updated Firefighter policies and advised the client based on industry best practices.

• Used T-code RSD1 in BI to make Info Objects auth relevant based on client’s needs. Disabled unused Info Objects for optimization purposes.

• Created new analysis authorizations using RSECADMIN to restrict the reporting access at Info Provider level in BI.

• Used PFCG to create parent-child relationships for derived roles to reduce maintenance of roles.

Client: Holly Corp, Dallas, TX Jun 2006 – Oct 2007

Employer: Capgemini (previously Ernst & Young)

Role: SAP Security Analyst

Environment: SAP ECC 6.0, Portal.

Responsibilities:

• Involved in full cycle implementation of SAP Version ECC 6.0 for an oil and gas client.

• Used PFCG to build roles restricted by company code, plant, etc.

• Used SU01 to create users, maintain the user master and provision end users into Dev, QA, and Production systems.

• Assisted in transports, mass transports, and deletion transports of roles.

• Effectively analyzed security trace files and tracked missing authorization objects and values for user access issues. Updated role authorizations based on findings.

• Monitoring inactive users in the system and initiating the expiration/locking of users per client’s requirements.

• Documented security role design and build to reflect industry best practices and audit readiness for the client.

• Registered developers and objects to get access keys for modifications in SAP. Created OSS IDs for project team members.

EDUCATION

BS in Computer Science

University of Texas at Austin

LANGUAGES

Fluent in English, Hindi and Gujarati.

Proficient in Spanish.

WORK PERMIT STATUS

U.S. Citizen with valid work permit.

Currently hold a Secret Clearance.

Contact this candidate