[pic]
Professional Summary
> Over **years experience in Architecting and implementing security within
SAP with strong understanding of security best practices.
> Worked on big SAP Implementation at Abbvie. Primary focal for SAP ECC,
SRM, BI and GTS design, build and implement security controls globally.
> Understand all business application systems & GRC tool for Companies &
Entities as it relates to SAP Role Redesign project
> Complete multiple Full Life Cycle implementations.
( Perform Lead role in all aspects of Go-Live and Post Go-Live
production support.
> Well-versed in SAP ERP Full Life Cycle, Sarbanes-Oxley, GRC, Security
Auditing and Issues Resolution.
> Lead full cycle implementation and support of GRC compliance Solutions
and compliance products. Manage enterprise wide launch of corporate
global portals.
( Comprehensive experience in both Technical and Functional
aspects of SAP Security Consulting, directing enterprise-wide SAP
security strategies and implementations.
( Plan and implement successful security upgrades from R/3 to ECC and
BW to BI architectures.
( Manage and coordinate professional teams to develop security best
practices; design and implement cutting-edge, highly secure business
solutions via SAP modules and processes.
( Skilled in security strategy and implementation, including technology
integration, user management, and process improvements; analyze and
define business requirements.
> Designed and architected both Role Based and Position Based security
models.
> Extensive experience in Requirement gathering, Design, Development, and
Maintenance of SAP applications security.
> Broad experience in maintaining single, composite, and derived roles
using Profile Generator (PFCG).
> Worked with Central User Administration (CUA) to create users, assign
roles, and maintenance.(
> Experienced in the development of Structural Authorization.
> Handled security for various modules: BI / BW, APO, GTS, SRM XI/PI, FI,
CO, FM, MM, SD, HR / HCM, ESS, MSS, CRM, SEM, PI and Enterprise Portal
(EP).
> Exposure to troubleshooting and resolving SAP technical issues and Basis
related tasks.
> Good understanding of different business and control processes.
> Excellent communication, people management, team building, presentation,
facilitation techniques, motivation & leadership skills.
Jan 13 - Present Abbvie, Vernon Hills, IL
SAP Security Analyst/Architect
. Global Designing & Mapping of SAP Security Roles for BI, ECC (all
modules), SRM, PI/XI, SolMan, GRC and GTS applications
. Support internal and external security audits; ensure consistency of
security access across functional areas
. Design, build, implement and support SAP security roles in N and N+1
landscape of all SAP systems.
. Designing overall system and solution architecture, system
integration, and implementation strategy to deliver an integrated
solution
. Participating in the migration and implementation strategy for SAP GRC
5.3 to 10.0
. Identifying existing and potential issues and designing matters in
overall system and solution
. Work closely with functional consultants for evaluation of
requirements, defining, developing and testing the roles
. Responsible for analyzing and approving Change Request process in
SolMan and CHARM systems.
. Providing expertise and guidance on SAP Roles, Configuration and
perform process review
. Responsible to prepare SAP Security Design Documents and end user
training documents
. Working closely with Quality team in preparing security test scripts
in HP Quality Center.
. Support all Cutover, Go-Live, and Hypercare related activities.
. Assist in Defining and implementing required policies and procedures
and standards to set up and maintain a global SAP landscape
. Constantly achieving a high standard of customer satisfaction by
delivering optimal SAP Security Environment and adhering to company's
policy and procedures.
GRC Implementation Project:
. Involved in GRC AC 10.0 implementation project.
. Configured RAR - Risk Analysis & Remediation, RM - Access Role
Management, SPM - Super User Priv. Management, and CUP - Compliant
User Provisioning.
. Involved with the setup of BRFP (PRF Plus), MSMP (Multi Stage Multi
Path) and NWBC configuration
. Directed team meetings with business and security to gather
information required to remediate existing risks from previous SAP
release
.
July 06 - Dec 13 Hollister, Inc., Libertyville, IL
Lead SAP Security Analyst/Architect
. Handle Global security design and configuration to include:
Applications such as, Business Intelligence 7.0 (BI), Enterprise
Portal (EP), ECC 6.0 (all applications), SCM 5.0, Solution Manager 7.0
and CRM 7.0.
. Perform SAP GRC Access Control activities and support.
. In process to upgrade to GRC AC10.
. Collaborate with the business to identify existing internal controls
and legal requirements.
. Successfully designed and implemented new security roles using BI
Analysis Authorization and Profile Generator for viewing BI 7.0
reports via portal.
. Created roles, groups and user assignment in Portal 7.0.
. In-depth knowledge of ITIL process.
. Participated in APO 5.0 upgrade project.
. Successful implementation of SAP R/3 Security global Re-design
project, demonstrating the ability of working with business and
technical professionals, interaction with senior management, and on-
time performance. Adopted enabler based security model with emphasis
on reducing Segregation of Duties (SOD) violations from 1.7 millions
violations to Sixty four thousand violations.
. Lead efforts to define overall SAP security model for existing and
future application implementations.
. Play pivotal role in coaching business process owners in Sarbanes
Oxley compliance process.
. Support and follow up on the implementation of action plans for
control of deficiencies or process improvements.
. Configure and administer Business Web UI Roles using SPRO, PFCG and
CRMD program.
. Handle user Org Model position assignments using PPOMA_CRM.
. Expert in project tools, such as MS Access, MS Project, MS Excel, CATT
scripting, testing tools and help desk support application.
. Demonstrated ability to support a phased roll-out; resolving end users
and project team security issues in a live environment, while
supporting on-going implementation and cut-over activities.
. Communicate to the process owners and SOX management any control
deficiencies and provide recommendations for remediation.
. Assisted technical teams, Interface and Developers, to ensure
consistency with business security policy.
. Provided monthly Virsa / GRC Report to management.
. Demonstrated excellent communication skills throughout several
different projects.
. Recognized as self-motivated, proactive, enthusiastic, and dependable;
a team builder, and team player.
. Experience in documenting processes and performing knowledge
transfer/training to other team members.
Basis Admin Duties
. Involved in troubleshooting and resolving some basic SAP technical
issues.
. Some involvement with client/instance setup and periodic environment
refreshes (sandbox, dev, QA, Training, Production).
. Exposure to Manage STMS and execute transports as required.
. Apply OSS notes as needed.
. Set SAP print services and queues.
Aug 02 - June 06 Allstate Insurance, Inc., Northbrook, IL
SAP Security Consultant
. Helped process experts in preparing the Segregation of Duties (SOD)
matrix.
. Assisted in creation of new systems/processes to support SOD/SOX
implementations in areas such as password change, User id maintenance,
security development, role administration (creation, modification
etc), testing, role transports etc
. Troubleshoot security/authorization related problems using SU53, ST01
and SUIM
. Developed CATT Scripts for performing mass activities such as user
creation, Role deletion, role assignments, assignment of single roles
to composite roles, assigning user groups to users etc. Also used SU10
to perform mass operations.
. Controlled table access creating and using the table authorization
groups.
. Provided assistance with Help Desk problems, particularly problems
related to SAP R/3 security and system administration
. Participated in SAP R/3 upgrade to ECC 5.0.
. Setup batch jobs as per the job requirements
. Created Composite, Derived and Single Roles and Profiles using both
conventional methods and profile generator utilizing all the modules
across the SAP Environment.
. Participated in designing, writing and implementing security related
standard procedures for the user administration, roles and profile
generation.
. Designed Security controls for PI, ISA, WW, MM, PP and SD module for
Allstate marketing department.
. Involved in identifying the RF gun solution for Warehouse.
. Participated in designing Single Sign-on from non SAP portal to SAP
Internet Sales Module.
. Completed analysis on Virsa VRAT to implement at Allstate to detect
conflicts on Segregation of Duties as part of the SOX compliance and
worked on mitigation controls.
Jan 01- Aug 02 Universal Information Systems, Inc.,
DesPlaines, IL
Systems Consultant
Client: Cotton Connection
. Performed NT Admin duties setting up new users, reset passwords and daily
backups on day-to-day functions.
. Managed servers providing Web, Email, and Application Services, as well
as all videoconferencing, wireless devices, modems, switches, firewalls,
storage servers and print and fax servers.
. Worked with the Corporate IT Organization to establish policies and
procedures and insuring adherence to those policies across the site.
. Responsible for purchasing, tracking and auditing all physical assets
in the network.
. Training personnel, establishing and managing vendor relationships, and
customer satisfaction regarding IT department performance.
Jul 98 - Dec 2000 CSC, Chicago, Illinois
Consultant
Client: ABN AMRO
Principle duties and responsibilities were providing business
reengineering, computer network design strategies, as well as
implementation role out planning.
Responsible for installing server based software on Windows Platform and
assisting in all network refinements and upgrades.
3. Implement standardization of all network operating systems, desktop
operating systems, Exchange, email, and computer systems.
4. Worked on a team of consultants upgrading current users to new Windows
operating system and applications. Applications included; Microsoft
Office, cc:Mail, Lotus Organizer, Internet Explorer, WinZip, and
custom applications as needed.
5. Responsible for upgrading Norton Virus scans on Windows Workstation.
Developed a detailed and comprehensive formal training program for all
staff to include lesson plans, continuity package, study guide and
administered quizzing system to validate user training and increase
accountability.
Projects completed:
. Implement Right Fax Server 5.0
. Implemented Net View 5.0 for monitoring the Segments
. Installed SMS mibs information on 1200 nodes
. Installed four new NT servers on Compaq 2500 machines
Aug '97- June '98 Arthur Andersen, Chicago, Illinois
Network Systems Analyst
I performed operational and administrative tasks required for Network
administration including maintaining, supporting, optimizing and enhancing
Arthur Andersen systems.
Install, test, upgrade and document network operating system, application
software and department developed network applications.
Responsible for implementing Norton Virus scan on all Windows 95 and Novell
servers. This included updating the virus database and monitoring the Web
servers for viruses.
Team member form the desktop group for Netware 4 and Win 95 migration
projects.
Second level support for Lotus Notes.
Jan '96- May '97 Arthur Andersen, Chicago, Illinois
Audit Senior
. Planned, coordinated, and completed audit engagements.
. Preparation of review and compiled financial statements for various
entities.
. Clients included manufacturing companies, commercial and investment
banks, and pension funds.
TECHNICAL SKILLS: Programming Languages: Basic, C, C++
Software: Lotus Notes, cc:Mail, Oracle 7, Ghost,
GroupWise, Netscape, AOL, Norton Utilities, McAffe,
WordPerfect, MS Office 4.2/95/97, MS Project, Lotus
123, dBASEIV, Quattro Pro, Paradox, FileMaker Pro,
Meeting MakerXP, Crystal Reports, BrioQuery, Andyn
GQL, Business Objects, Right Fax 5.0
Hardware: Compaq, IBM, Gateway 2000, Power
Macintosh
Systems: Windows NT/XP/2003, UNIX, Macintosh System
7.5.3
ERP: SAP R/3 (4.6D, 4.7, 5.0), BW 3.1
EDUCATION: University of Illinois, - June 1996
Bachelor of Science
Major: Accounting
University of Phoenix, - December 2005
Masters in Computer Information System
Current GPA 3.76/4