Sap Security
Resume:
Anthony Cleveland, CISSP
**** ******** **. *****, **. 33637
(H) 813-***-**** (M) 813-***-****
***********@*******.***
Summary
Highly skilled System Security Architect with over 15 years of Information Technology experience, 10 of those years
consisting of SAP Application Security experience. Excellent problem solver with strong analytical, oral and written
communication skills, and possess a combination of strong business and technical acumen.
Key Accomplishments
• Served as lead security architect on the successful completion of SAP-
ERP project – upgrade HR/PY module to ECC 6.0, implemented FICO,
SC, S&D, BOBJ, BW, SRM, CLM, and web based-portals (external and
internal) to ECC 6.0. With the successful implementation of ERP we were
able to retire 26 legacy systems.
• Served as lead security architect on the integration of LDAP authentication
for ESS/MSS, CLM, and SRM portals, BOBJ (CMC & BI Launchpad), and
BPC; thereby, saving the organization time and money on help desk calls
related to password resets and account lockouts
• Served as lead security architect on the successful completion of
database migration of SAP data from Oracle 10G to SQL Server 2008
platform.
• Designed and architected Microsoft Forefront Unified Access Gateway
(UAG) to provide secure external connectivity for Suppliers and
Employees to access internal SAP NetWeaver Portals
• Configured network load balancing for Microsoft Forefront Unified Access
Gateway to provide continuous availability during scheduled server
maintenance
• Designed secure transmission for HR, Payroll, and Finance data to
authorized third-party vendors using multiple encryption schemes
•
Technical Skills
• Proficient in SAP modules (HR, Finance, Supply Chain, SRM, BOBJ, BW)
• Proficient in SAP Structural Authorization concepts
• Proficient in SAP role based methodology (composite, master, derived,
and single)
• Proficient in SAP’s security best practices
• Proficient in Active Directory and LDAP integration into various
applications and platforms
• Proficient in Windows Server 2008 and 2003
• Advanced knowledge of networking, routing, network security, and firewall
technology
• Advanced knowledge of encryption schemes (SSL, SFTP, HTTPS, PGP,
etc.)
• Advanced knowledge of SQL Server 2005 & 2008 and Oracle 10G & 11G
database technology
Work Experience
TECO Energy – Tampa, Florida 1992 - 2013
SAP Security Analyst (2005 – 2013)
• Lead SAP Security Analyst for our organization on the following modules
(HR/Payroll, FI, SC, BOBJ, BW, SRM, GRC, and CLM). Responsible for
technical design, development, testing, implementation, and support of
SAP landscape
• Developed eCATT scripts to create security roles used to provide access
across the SAP landscape
• Developed LSMW scripts to load security roles to end-users, and other mass updates to user master records
• Designed and implemented the SAP NetWeaver Portal landscape for SRM, CLM, ESS, and MSS
• Configured Microsoft Forefront Unified Access Gateway product with TMG technology to provide secure external connectivity
to Internet facing SAP portals (SRM, CLM, and ESS/MSS)
• Designed and implemented role based security for Human Resources,
Finance, Supply Chain, Payroll, Supplier Relationship Management, and
Business Objects modules
• Configured Central User Administration (CUA) across all non-production
clients to expedite the creation of test accounts and role assignments
• Mentor, coach, and provide knowledge transfer to level 1 and 2 support personnel on the SAP modules to make
sure they become proficient in the areas they support. This included developing a curriculum plan and providing
training material for level 1 and 2 personnel
• Worked with internal and external auditors to facilitate auditing of SAP landscape, and mitigated or resolved any
SOD concerns related to SOX compliance
• Experienced with SAP’s Governance, Risk, Compliance (GRC) v.10
platform, implemented modules Emergency Access Management ( EAM -
firefighter access), and Analysis Risk & Assessment (ARA)
• Worked with Basis administration to validate the Windows 2008 server landscape was operating at peak
performance, and the Windows file structure was securely harden
• Configured licensing information on end-users, and generated USMM reports for management, which were
delivered to SAP for auditing of license agreement
• Served as lead security architect on the integration of work management
and time management applications in to SAP
• Worked with management of all levels to gather business requirements
and developed, delivered, and implemented a viable solution for the SAP
module that pertained to their area of responsibility
• Systems Security Analyst (1999 – 2005)
• Supported complex applications and projects that require the integration of
multiple security technologies (network, operating system, encryption,
application, etc.)
• Perform investigations of a sensitive nature related to the inappropriate
activity within the corporation as requested by Corporate Security, Legal
Services, etc.
• Evaluated, implemented, and integrated authentication and encryption
technology to support corporate infrastructure technology as required for
business processes and applications, utilizing the Internet or other non-
private networks
• Provided expert level technical security support at the network level to
ensure the integrity of the company’s business applications and data while
providing internal access to the Internet and business partner networks
and external access to internal information resources (SAP NetWeaver
Portals, Credit & Collections web-based app, Smart Signal VPN tunnel)
Education and Professional Training
Associates of Arts Saint Leo University Dade City, Florida
CISSP – Certified Information Systems Security Professional
Information Technology Infrastructure Library (ITIL) v.3
Professional Associations
Tampa Chapter of SAP User Group
Tampa Chapter of InfraGard
SAP Certifications
• ADM 940 – Authorization Concepts AS ABAP
• EP200 –SAP NetWeaver Portal –System Administration
• HR940 – Authorizations in HCM
• GRC100 - SAP Business Objects Governance, Risk, and Compliance (GRC) 10.0 Principles and Harmonization
• BOE310 - BI Platform 4.0: Administration and Security
• BOE320 - BI Platform 4.0: Administration and Servers
Contact this candidate