Post Job Free
Sign in

Security Sap

Location:
United States
Posted:
April 30, 2015

Contact this candidate

Resume:

[pic]

Professional Summary

> Over **years experience in Architecting and implementing security within

SAP with strong understanding of security best practices.

> Worked on big SAP Implementation at Abbvie. Primary focal for SAP ECC,

SRM, BI and GTS design, build and implement security controls globally.

> Understand all business application systems & GRC tool for Companies &

Entities as it relates to SAP Role Redesign project

> Complete multiple Full Life Cycle implementations.

( Perform Lead role in all aspects of Go-Live and Post Go-Live

production support.

> Well-versed in SAP ERP Full Life Cycle, Sarbanes-Oxley, GRC, Security

Auditing and Issues Resolution.

> Lead full cycle implementation and support of GRC compliance Solutions

and compliance products. Manage enterprise wide launch of corporate

global portals.

( Comprehensive experience in both Technical and Functional

aspects of SAP Security Consulting, directing enterprise-wide SAP

security strategies and implementations.

( Plan and implement successful security upgrades from R/3 to ECC and

BW to BI architectures.

( Manage and coordinate professional teams to develop security best

practices; design and implement cutting-edge, highly secure business

solutions via SAP modules and processes.

( Skilled in security strategy and implementation, including technology

integration, user management, and process improvements; analyze and

define business requirements.

> Designed and architected both Role Based and Position Based security

models.

> Extensive experience in Requirement gathering, Design, Development, and

Maintenance of SAP applications security.

> Broad experience in maintaining single, composite, and derived roles

using Profile Generator (PFCG).

> Worked with Central User Administration (CUA) to create users, assign

roles, and maintenance.(

> Experienced in the development of Structural Authorization.

> Handled security for various modules: BI / BW, APO, GTS, SRM XI/PI, FI,

CO, FM, MM, SD, HR / HCM, ESS, MSS, CRM, SEM, PI and Enterprise Portal

(EP).

> Exposure to troubleshooting and resolving SAP technical issues and Basis

related tasks.

> Good understanding of different business and control processes.

> Excellent communication, people management, team building, presentation,

facilitation techniques, motivation & leadership skills.

Jan 13 - Present Abbvie, Vernon Hills, IL

SAP Security Analyst/Architect

. Global Designing & Mapping of SAP Security Roles for BI, ECC (all

modules), SRM, PI/XI, SolMan, GRC and GTS applications

. Support internal and external security audits; ensure consistency of

security access across functional areas

. Design, build, implement and support SAP security roles in N and N+1

landscape of all SAP systems.

. Designing overall system and solution architecture, system

integration, and implementation strategy to deliver an integrated

solution

. Participating in the migration and implementation strategy for SAP GRC

5.3 to 10.0

. Identifying existing and potential issues and designing matters in

overall system and solution

. Work closely with functional consultants for evaluation of

requirements, defining, developing and testing the roles

. Responsible for analyzing and approving Change Request process in

SolMan and CHARM systems.

. Providing expertise and guidance on SAP Roles, Configuration and

perform process review

. Responsible to prepare SAP Security Design Documents and end user

training documents

. Working closely with Quality team in preparing security test scripts

in HP Quality Center.

. Support all Cutover, Go-Live, and Hypercare related activities.

. Assist in Defining and implementing required policies and procedures

and standards to set up and maintain a global SAP landscape

. Constantly achieving a high standard of customer satisfaction by

delivering optimal SAP Security Environment and adhering to company's

policy and procedures.

GRC Implementation Project:

. Involved in GRC AC 10.0 implementation project.

. Configured RAR - Risk Analysis & Remediation, RM - Access Role

Management, SPM - Super User Priv. Management, and CUP - Compliant

User Provisioning.

. Involved with the setup of BRFP (PRF Plus), MSMP (Multi Stage Multi

Path) and NWBC configuration

. Directed team meetings with business and security to gather

information required to remediate existing risks from previous SAP

release

.

July 06 - Dec 13 Hollister, Inc., Libertyville, IL

Lead SAP Security Analyst/Architect

. Handle Global security design and configuration to include:

Applications such as, Business Intelligence 7.0 (BI), Enterprise

Portal (EP), ECC 6.0 (all applications), SCM 5.0, Solution Manager 7.0

and CRM 7.0.

. Perform SAP GRC Access Control activities and support.

. In process to upgrade to GRC AC10.

. Collaborate with the business to identify existing internal controls

and legal requirements.

. Successfully designed and implemented new security roles using BI

Analysis Authorization and Profile Generator for viewing BI 7.0

reports via portal.

. Created roles, groups and user assignment in Portal 7.0.

. In-depth knowledge of ITIL process.

. Participated in APO 5.0 upgrade project.

. Successful implementation of SAP R/3 Security global Re-design

project, demonstrating the ability of working with business and

technical professionals, interaction with senior management, and on-

time performance. Adopted enabler based security model with emphasis

on reducing Segregation of Duties (SOD) violations from 1.7 millions

violations to Sixty four thousand violations.

. Lead efforts to define overall SAP security model for existing and

future application implementations.

. Play pivotal role in coaching business process owners in Sarbanes

Oxley compliance process.

. Support and follow up on the implementation of action plans for

control of deficiencies or process improvements.

. Configure and administer Business Web UI Roles using SPRO, PFCG and

CRMD program.

. Handle user Org Model position assignments using PPOMA_CRM.

. Expert in project tools, such as MS Access, MS Project, MS Excel, CATT

scripting, testing tools and help desk support application.

. Demonstrated ability to support a phased roll-out; resolving end users

and project team security issues in a live environment, while

supporting on-going implementation and cut-over activities.

. Communicate to the process owners and SOX management any control

deficiencies and provide recommendations for remediation.

. Assisted technical teams, Interface and Developers, to ensure

consistency with business security policy.

. Provided monthly Virsa / GRC Report to management.

. Demonstrated excellent communication skills throughout several

different projects.

. Recognized as self-motivated, proactive, enthusiastic, and dependable;

a team builder, and team player.

. Experience in documenting processes and performing knowledge

transfer/training to other team members.

Basis Admin Duties

. Involved in troubleshooting and resolving some basic SAP technical

issues.

. Some involvement with client/instance setup and periodic environment

refreshes (sandbox, dev, QA, Training, Production).

. Exposure to Manage STMS and execute transports as required.

. Apply OSS notes as needed.

. Set SAP print services and queues.

Aug 02 - June 06 Allstate Insurance, Inc., Northbrook, IL

SAP Security Consultant

. Helped process experts in preparing the Segregation of Duties (SOD)

matrix.

. Assisted in creation of new systems/processes to support SOD/SOX

implementations in areas such as password change, User id maintenance,

security development, role administration (creation, modification

etc), testing, role transports etc

. Troubleshoot security/authorization related problems using SU53, ST01

and SUIM

. Developed CATT Scripts for performing mass activities such as user

creation, Role deletion, role assignments, assignment of single roles

to composite roles, assigning user groups to users etc. Also used SU10

to perform mass operations.

. Controlled table access creating and using the table authorization

groups.

. Provided assistance with Help Desk problems, particularly problems

related to SAP R/3 security and system administration

. Participated in SAP R/3 upgrade to ECC 5.0.

. Setup batch jobs as per the job requirements

. Created Composite, Derived and Single Roles and Profiles using both

conventional methods and profile generator utilizing all the modules

across the SAP Environment.

. Participated in designing, writing and implementing security related

standard procedures for the user administration, roles and profile

generation.

. Designed Security controls for PI, ISA, WW, MM, PP and SD module for

Allstate marketing department.

. Involved in identifying the RF gun solution for Warehouse.

. Participated in designing Single Sign-on from non SAP portal to SAP

Internet Sales Module.

. Completed analysis on Virsa VRAT to implement at Allstate to detect

conflicts on Segregation of Duties as part of the SOX compliance and

worked on mitigation controls.

Jan 01- Aug 02 Universal Information Systems, Inc.,

DesPlaines, IL

Systems Consultant

Client: Cotton Connection

. Performed NT Admin duties setting up new users, reset passwords and daily

backups on day-to-day functions.

. Managed servers providing Web, Email, and Application Services, as well

as all videoconferencing, wireless devices, modems, switches, firewalls,

storage servers and print and fax servers.

. Worked with the Corporate IT Organization to establish policies and

procedures and insuring adherence to those policies across the site.

. Responsible for purchasing, tracking and auditing all physical assets

in the network.

. Training personnel, establishing and managing vendor relationships, and

customer satisfaction regarding IT department performance.

Jul 98 - Dec 2000 CSC, Chicago, Illinois

Consultant

Client: ABN AMRO

Principle duties and responsibilities were providing business

reengineering, computer network design strategies, as well as

implementation role out planning.

Responsible for installing server based software on Windows Platform and

assisting in all network refinements and upgrades.

3. Implement standardization of all network operating systems, desktop

operating systems, Exchange, email, and computer systems.

4. Worked on a team of consultants upgrading current users to new Windows

operating system and applications. Applications included; Microsoft

Office, cc:Mail, Lotus Organizer, Internet Explorer, WinZip, and

custom applications as needed.

5. Responsible for upgrading Norton Virus scans on Windows Workstation.

Developed a detailed and comprehensive formal training program for all

staff to include lesson plans, continuity package, study guide and

administered quizzing system to validate user training and increase

accountability.

Projects completed:

. Implement Right Fax Server 5.0

. Implemented Net View 5.0 for monitoring the Segments

. Installed SMS mibs information on 1200 nodes

. Installed four new NT servers on Compaq 2500 machines

Aug '97- June '98 Arthur Andersen, Chicago, Illinois

Network Systems Analyst

I performed operational and administrative tasks required for Network

administration including maintaining, supporting, optimizing and enhancing

Arthur Andersen systems.

Install, test, upgrade and document network operating system, application

software and department developed network applications.

Responsible for implementing Norton Virus scan on all Windows 95 and Novell

servers. This included updating the virus database and monitoring the Web

servers for viruses.

Team member form the desktop group for Netware 4 and Win 95 migration

projects.

Second level support for Lotus Notes.

Jan '96- May '97 Arthur Andersen, Chicago, Illinois

Audit Senior

. Planned, coordinated, and completed audit engagements.

. Preparation of review and compiled financial statements for various

entities.

. Clients included manufacturing companies, commercial and investment

banks, and pension funds.

TECHNICAL SKILLS: Programming Languages: Basic, C, C++

Software: Lotus Notes, cc:Mail, Oracle 7, Ghost,

GroupWise, Netscape, AOL, Norton Utilities, McAffe,

WordPerfect, MS Office 4.2/95/97, MS Project, Lotus

123, dBASEIV, Quattro Pro, Paradox, FileMaker Pro,

Meeting MakerXP, Crystal Reports, BrioQuery, Andyn

GQL, Business Objects, Right Fax 5.0

Hardware: Compaq, IBM, Gateway 2000, Power

Macintosh

Systems: Windows NT/XP/2003, UNIX, Macintosh System

7.5.3

ERP: SAP R/3 (4.6D, 4.7, 5.0), BW 3.1

EDUCATION: University of Illinois, - June 1996

Bachelor of Science

Major: Accounting

University of Phoenix, - December 2005

Masters in Computer Information System

Current GPA 3.76/4



Contact this candidate