Post Job Free
Sign in

Manager Security

Location:
Dublin, OH
Posted:
February 02, 2017

Contact this candidate

Resume:

MANOJ K. GANGAL CISA CRISC

****, ****** ****** ****, ****** OH 43016 CELL:614-***-**** EMAIL:*******@*******.***

SUMMARY

Over 15 years of experience as a Project Manager, Information Security Auditor and Risk & Governance Manager, Solutions Architect, ERP Techno-Functional Consultant. Managed projects within triple constraints of budget, scope and time for HR. Financial & Campus Solutions applications. Adept at Risk Evaluation and Mitigation, COBIT 5 processes and COSO framework and Application Controls. Conversant with Risk Management Frameworks, Policies and Systems.

EDUCATION

Certified Info Systems Auditor (CISA) &

Certified in Risk and Info Systems Control (CRISC) from ISACA

Project Management Methodology of PMI conducted by Sarcom

Trained on FAIR Risk Analysis methodology by Risklens

Risk Frameworks used – PCI, NIST, COSO

People Tools 8.5X, PS Training in Security (8.4X tools) and Integration Tools (8.4X)

Training-PeopleTools I & II, SQR, PeopleCode, HR, Benefits, Grants, Essbase & Powerplay

Master’s Degree in Computer Applications (MCA) from Birla Institute of Technology, Mesra, India

Bachelor’s Degree in Commerce (B.Com) from Allahabad University, Allahabad, India

WORK EXPERIENCE

BCS Group – Principal Consultant

Jan ’16 – present, State Govt client, NY Peoplesoft Security Manager

The system was the implementation of Peoplesoft CRM 9.2, HCM 9.2, FIN 9.2 and IH 9.1 on Tools 8.54. As a Functional & Security Architect for Accenture, put the team together, built the application Security (developer & functional) and End User Security with input from the business team. Setup the Oracle LDAP integration and ironed out the security issues with Integration Broker, Web Services, XML Publisher and EIP. Designed an automated functional Dynamic Role Process to provision access to users from Interaction Hub to CRM, HCM & FIN. Managed the off-shore team in Pune, India for functional regression testing operational support to ensure that KPI were adhered to. Co-created a branded version of final IH website. Utilized Unified Navigation for access provisioning. Managed application vulnerability scan using IBM’s AppScan and recommended remediation measures. Trained the client team and operationalized the security processes to mitigate overall System Risk. Put in place a Security Transition Plan to operationalize the multiple security steps and a System Security Plan (SSP) to be in line with NIST 800-53 rev 4 and NIST 800-63 recommendations to be in compliance with IT policies.

Sep ’14 – Jan ‘16, Pharmaceutical Distributor, OH ERP Security & Enterprise Risk Manager

Modernization of the Pharmacy distribution was an implementation of Supply Chain processes (SAP ECC 6.0), the back end Financial systems (SAP ECC 6.0), CRM (Salesforce) and Warehouse management, logistics, transportation management (Manhattan Associates SCOPE - WMoS) along with the Business Intelligence and Analytics (SAP HANA). Had the team assess and identify the IT and Business Risks for PCI, HIPAA and HITECH in multiple landscapes and assigned to the risk owners for mitigation or remediation. Evaluated IT General Security and Application controls according to NIST 800-53r4. SAP GRC 10.1 was used to conduct SOD (Segregation of Duties) analysis and provisioning on SAP, Manhattan and HANA applications using external connectors. Got code scanned to ensure secure coding practices. Ensured that the X12 EDI architecture used secure connections. Worked to with external auditors to ensure future audits would have few issues. Used FAIR model for Risk Analysis and Quantification. Implemented server and application system hardening processes. Organized the internal penetration tests to evaluate system vulnerabilities and methods to mitigate before go live.

Feb ’12 – Aug ‘14, Federal Research facility, Columbus OH Peoplesoft Security & Risk Manager

As a PS Security and Risk Architect conducted review of ERP application setup, (network topology, DB/ App/Web servers) implemented processes to mitigate the identified risks. Recommended system hardening techniques. Worked closely with the external IT Auditors to minimize organizational exposure. Redefined the Narratives, Application Control Objectives and Interfaced with Auditors. Implemented recommendations of the IT auditors. Identified and had my team cleanup for Segregation of Duties issues identified to tie with Governance Risk & Compliance (DCAA) requirements. Redid Project Team security, End User Security for the above modules. Setup involved migration & setup of Trees, User Preferences, Object Level security among other multitude of security topics including Integration Broker, Web Services among others. Used Peoplesoft Test Framework for testing & validating security setup. Resolved issues with XML/BI Publisher templates and reports. Trained the Security Admins and did knowledge transfer to client for organizational retention. Tools used were Peopletools 8.53 on Oracle 11g. Insight was the implementation of Peoplesoft 9.0 (ESA, FIN, CRM, HCM) and Enterprise Portal 9.1.

Aug ’11 – Feb ‘12, HealthCare organization, KY HCM Techno-Functional Consultant

The client had upgraded HCM & FIN from 8.9 to 9.1 with their in-house team. There were a number of issues after the upgrade in HCM (Talent Acquisition Manager, Workforce Admin, Benefits Admin & Training Administration). Identified & categorized the issues(ranging from process to code fixes and application of bundles) and fixed them. Evaluated the security setup for HCM & FIN keeping in mind the Notice of Findings from the IT Audit – PCI, HIPAA. Assisted with re-evaluation of the fit-gaps and the configuration setup to ensure desired results. Before open enrollment reevaluated the configuration of new Benefit Programs, Program Eligibility Rules, Plan options and testing. Assisted with the selection of Phire Architect as a tool to assist with code migration, versioning and backups. Did functional testing with Peoplesoft Test Framework, setup proper nightly Batch schedules to maintain data integrity in the organization. Client has HCM 9.1(HCM, Benefits Payroll & TAM) and FIN 9.1(AP & GL) on Tools 8.50. Laid out the Testing Strategy and put in place Development Standards and procedures.

Jun ’10 – Jul ‘11, OBM, State of Ohio, Columbus Functional Interface Manager

OAKS Project – was the Peoplesoft implementation of HCM 8.9 (HR, Ben, Payroll, eProfile, eBenefits, eCompensation & ePay) FMS 8.8 (AP, PO, GL, AR, BI, Grants, AM) & EPM 8.9 on PeopleTools version 8.46.05 for the State of Ohio which went live in July 2008. There were multiple issues with the FIN interfaces which needed service delivery and quality resolution. As the State FIN Lead was responsible for ensuring that SLA was being fulfilled, KPI were met to evaluate off shore team performance. Identified process improvement opportunities and brought efficiencies to the project. Interfaced with 70 plus Agencies at various levels, identified multiple pain points, prioritized them and implemented Operational Efficiencies for proactive approach and response to problem resolution. Was involved with SSAE 16 audit (previously SAS70) representing the State to furnish the requests from the Auditors. Used App Designer among other tools with Peoplesoft FIN 8.8, Oracle 11g. Evaluated the compare reports for upgrading to HCM 9.1 and FIN 9.1 and the efforts involved.

May ’09 – Jun ‘10, Battelle Memorial Institute, Columbus OH Security and Risk Manager

Delta Project is the implementation of Peoplesoft 9.0 (ESA, FIN, CRM, HCM) and Enterprise Portal 9.1. Engaged as a Security Architect to review the current setup, enforce some the recommendations of the IT auditors and be forward thinking towards PS Application security. Setup Project security, End User Security for the multiple modules and put processes in place with structure to enforce them. Wrote DMS scrips to migrate security among various environment migrated & setup Trees, User Preferences, Object Level security among other multitude of security topics including Integration Broker, Web Services among others. Setup XML Publisher security for report definitions, component, underlying query and report distribution. Trained the Security Admins in enforcement of processes and did knowledge transfer to client for organizational retention. Tools used were Peopletools 8.50.07 on SQL Server 2008.

Jul ’08 – May ‘09 – Atria Senior Living, Louisville, KY FIN & HCM Techno-Functional Analyst

Lead Fit/Gap sessions for end users and user managers covering Human Resources, Base Benefits, Talent Acquisition Manager, eProfile Manager Desktop in 9.0. Configured all workflow approvals and notifications within the PeopleSoft Approval Workflow Engine. Developed and debugged Peoplecode and Application Packages for TAM & Candidate Gateway. Used XML Publisher to create and modify some report definition & data sources. Part of the FIN Upgrade team – evaluated the Upgrade Compare Reports, applied the Customizations and did Testing for the upgrade. Designed and implemented all aspects of the PeopleSoft Security design including Data Security, User Security, Query Security, Role Based Workflow Security, Primary Permission Lists, etc. Developed several application customizations. Worked with users to develop Testing Scripts and managed the users through Unit, System, User Acceptance, and Parallel Testing.

Jul ‘06 – Jul ’08, State of Ohio, Columbus,OH Peoplesoft Deployment Manager

OAKS Project – was the Peoplesoft implementation of HCM 8.9(HR, Ben, Payroll, eProfile, eBenefits, eCompensation & ePay),FMS 8.8 (AP, PO, GL, AR, BI, Grants, AM) & EPM 8.9 on PeopleTools version 8.46.05 for the State of Ohio. As the State Deployment Manager, ensured that all modules work in tandem with OAKS Data RFP Model and cutover from the legacy applications to Peoplesoft HCM 8.9, FMS 8.8 & EPM 8.9 was as eventless as possible. Involved with the EPM data modeling (HCM & FIN) sessions. Responsible for development & testing, deployment cutover task scheduling and Change Management and training, Infrastructure Team co-ordination (ensuring instances uptime and scheduling downtimes, working with the PS Admin’s & DBA’s), Agency & Vendor Preparedness (FTPS, VPN, Interfaces) and Interacting with Agencies & Vendors contacts to resolve issues. On the Technical side, Involved with the review of deliverables from Accenture, Technical Detailed Design, Interface Architecture finalization, PS Admin work, App Engines, App Messaging, Component Interfaces, SQR, Integration Broker & Security while staying client focused.

As the PS Security Lead for the implementation of Financials 8.9, eBenefits, Time & Labor and updates to EPM 8.8; in addition to production support for CRM, ELM and HCM 8.9 for OAKS. Provided technical direction during the course of the security design, development and implementation/updates to Financials, Human Resources, Time & Labor and EPM applications.

Analyzed the client’s requirements based upon current business practices.

Ensured Security processes were in Compliance with SAS70 (now SSAE 16) requirements.

Apr ’06 – Oct ’06 - State of New Mexico, Santa Fe PS Technical Lead

The SHARE project was a big bang implementation of HCM 8.9(HR, Ben, NA Payroll), FMS 8.8(AP, AR, BI, GL) and EPM 8.8. Was the EPM Technical lead for the implementation of Financials 8.9, EPM 8.8 and HCM 8.9 of the State of New Mexico - SHARE implementation team. Provided technical direction during the security design, development and implementation of Financials, Human Resources, Time & Labor and EPM applications. This implementation was for the first two Agencies within SHARE project. Peopletools version 8.46 with Oracle 10g as DB on IBM AIX. Used Cognos 8 (Framework Manager for data modelling, Cognos Analysis Studio and Report Studio for more complex reports)

Analyzed the client’s requirements based upon current business practices. Designed, built, tested and implemented Financials, HCM and EPM security for two of forty plus agencies.

Built a security matrix containing the mapping for newly implemented security and for quick reference of security set up post go live.

Provided a thorough transfer of knowledge for the new security application to the SHARE employee

Jan’05 – Apr ‘06, Wendy’s International, Dublin, OH HCM Integration Functional Lead

Assisted the client with a crucial part of their Store Automation initiative. Integrated the custom front end to the backend ERP – Peoplesoft HRMS 8.3 with WebMethods 6.1 as the integration layer. Used WebMethods 6.1 (Developer, Integration Server & Broker)) as the EAI (Enterprise Application Integration layer) and PS Component Interfaces (CI) for the backend integration. Backend was Peoplesoft HRMS 8.3 with DB2 7.1.1 on OS/390. Completed some other development requests during downtime which involved running the SQR with JCL on the OS/390. Wrote a custom leave accrual process. Ensured that Proper documentation and Knowledge transfer done. Assisted the client with Peoplesoft customizations and Interfaces for Benefits & Time & Labor modules.

Aug ’04 – Dec ‘04, MassBay Community College, Boston, MA FIN Techno-Functional Analyst

Project was a cleanup from an upgrade effort for Peoplesoft Fin from 7.51 to 8.4SP1 & from SA 7.6 to 8 SP1. The modules used were Fin 8.4 (PO, AP, GL,KK, AR, BI) and SA 8SP1 (Stud Fin, Advising, Financial Aid, Records & Admissions). Evaluated the current setup, infrastructure and suggest solutions to resolve the unstable environment. Issues resolved were – provide a stable environment. Documentaed and put processes in place, evaluated security, locked the back doors and encouraged complying with business processes. Have a formal bundle & patch application process to comply with Peoplesoft’s recommended approach. Among the customizations done, added an interface for the College to be able to participate in the Degree Verify program with National Student Clearinghouse. DB used SQL Server 2000.

Jan ’04 – Jul ’04, State of North Dakota FIN Techno-Functional Analyst

ConnectND is the ambitious initiative of the State of North Dakota to bring the State and Universities under one system - Peoplesoft. The systems being implemented are HRMS 8.3, Financials 8.4, Student Admin 8 SP1 and EPM 8.8 and Enterprise Portal 8.8 on SQL Server 2000 in a clustered environment. Engaged as a Functional Analyst, to assist with the Grants, Projects, Contract, Accounts Receivable, Billing & General Ledger modules in customizing the Peoplesoft systems. Resolved issues related to Security Administration, Application Migrations, DB tuning, Integration tools (Component Interfaces, App Engine & App Messaging), Data mover scripts among various others. Worked in eProcurement as the need arose to assist in Integration & Data Conversion issues with Component Interfaces, Application Engine among others. Re-did the Effort Reporting module to meet the Federal reporting mandates. Data was fed into HRMS from Fin for reports generation. Used STAT 5.01 for migrations.

Aug ’03 – Jan ’04, OSU, Columbus, OH FIN Techno-Functional Analyst

Ohio State upgraded Peosplesoft Financials from 7.02 to 8.4. Assisted the client in the AP, PO, IN, AM and Grants modules with the customizations to fit the Financials 8.4 system using Tools 8.43. Customized the Grants module to better fit the clients identified gaps. Designed and developed customized work units in SQR, Crystal, PeopleCode (using App Designer) and App Engine. Database used is Oracle 9i.

Jan ‘01 – Aug ‘03, Greif Inc. – Employee PS Admin, Security Administrator & Tech Lead

Implemented HR, Ben, Payroll, ePay, eRecruit, eProfile and eBenefits - Peoplesoft 8.8 with Tools 8.42. Lead for the project and responsible for development, conversion and security setup. Setup the Security - User Profiles, Roles, customized Permission Lists and redid HR Portal setup. Interfaced the Time Collection devices interface of Time and Labor module in concert with HR & North American Payroll. Developed interfaces in SQR & Application Engine for Benefits provider, GL Interface and the Merit upload among others. Helped setup processes via Autosys for alert notification via pager, event dependencies between processes.

Worked in PeopleSoft HRMS 7.51 and People Tools 7.58. The Oracle 8.1.6 database ran on HP/UX servers. Used Citrix/Metaframe for Thin Client processing.

Assisted the Team in business process design and improvement.

Tracked & applied Tools and Fixes / PS Patches / Tax Updates. Upgraded PS Tools from 7.53 to 7.58. Performed Application Server Administration and extensive Database tuning

Lead the Data Conversion from Legacy systems to PeopleSoft using Convoy/DM 3.5 and SQR. Setup the jobs to run on the server and the user could do the future cleaning of the data via Interfaces.

Lead the End User Report deployment initiative in SQR & Crystal for HRMS and Benefits module.

Rolled out Reports & Query to the end users in a phased manner with different Security setup.

Setup and maintained the Security for the users of the system via Security Administrator.

Assisted in setting up Cognos/Powerplay to be used for the Workforce Analytics. Created multiple cubes using Cognos Powerplay.

Mastech Corporation, Senior Consultant

Sep ‘00 – Dec ‘00, Internal Project, Pittsburgh, PA FIN Sr. Peoplesoft Consultant

Assisted iGate Mastech in their eProcurement implementation after they went live on Financials 8 (AP, PO, AM. GL). The eProcurement project centralized the indirect spending companywide resulting in substantial savings. Helped in the customization of various requisition templates, procurement of goods and services via catalog ordering, P-Card. Involved extensive end-user interaction. Customized SQR, Peoplecode, Application Engine in Peopletools 8.1 with Oracle as the DB.

Dec ’99 – Sep ‘00, University of Pittsburgh, Pittsburgh, PA Sr. Peoplesoft Consultant

At the University of Pittsburgh helped the client to manage complete student services and business operations with PS Student Admin 7.5. Customized the delivered SQR’s, developed interfaces and reports in Crystal and SQR in PS 7.56 . Supported student life cycle including Recruitment, Admissions, Financial Aid, Program of Study, Progress and Student Records like graduation & fund raising(Financial Grants). Built some queries to report on the Commitment Control built in to the PS General Ledger used there.

Sep ’98 – Nov ’99 Borden Foods Corporation Sr. Peoplesoft Consultant

Consultant to Borden Foods Corporation and Deloitte & Touche Consulting (Columbus, OH). Worked in PeopleSoft 7.51. The back end consisted of DEC Alpha servers with Oracle 8.05 as the database.

Designed and developed inbound/outbound EDI Interfaces to the existing PS processes in AR and GL. Ensuring that they confirmed to EDIFACT standards. Worked with various commercial credit rating agencies and banks. Designed the Payroll & GL interfaces for the US & Canadian employees. Used Convoy, a data mapping and conversion utility.

Designed and developed End User Reports and interfaces for Inventory, Billing, Order Mgmt & Manufacturing module.

Converted data from Legacy systems to PeopleSoft using the Convoy rel. 2.2.0.18.

Developed Technical Standards and Migration Processes to migrate projects between various instances.

Jul ’97 – Sep ’98 American Electric Power Peoplesoft Consultant

As a consultant to American Electric Power Company (Columbus, OH) worked on PeopleSoft 7.01 and enhanced the General Ledger and Projects module.

Lead the team in the design & development of Feeder System to generate various journal entries for GL module. Designed and developed End User Reports in SQR & nVision.

Worked as an Application Migration Co-Coordinator bridging the gap between the Functional and Technical teams. Lead the efforts in the development/customization phase. Upgraded the developed work units to various instances.

For the GL team setup some of the Autosys tasks to test dependencies, fail email notifications

Set up the development standards and outlined the process for Migrating to various instances.

Mar ’97 – Jun ’97 J P Morgan, NY Peoplesoft Consultant

As a Consultant to J P Morgan, (Manhattan, NY) and Anderson Consulting (now Accenture) enhanced the GL module of PeopleSoft Financials 6.0. Reviewed and redesigned the Requirement Specifications documents for the following General Ledger Enhancement Issues:

Local/Corporate Accounts, Daily Net Income close, Revaluation to Another Accounts, Separate Dr/Cr Indicator on Journal Entry Screen

Jan ‘97 – Feb ’97 Mastech Corporation Peoplesoft Consultant

Trained in People Tools by Peoplesoft after Mastech became implementation partner.

Performed Fit/Gap Analysis of Purchasing module in Peoplesoft 6.0 at Ohio State University (Columbus,OH) according to the process flow in the desired Purchasing System.

Applied the PS bug fixes and patches using Data Mover and Application Upgrader. Re-tested the flow of the purchasing system and trained the IT personnel to perform their own upgrades.

Jul ‘95 – Jan ’97 Enron Programmer/Analyst

Programmer/Analyst for Enron Corporation Maintained, enhanced and re-engineered third party Invoicing Systems for new markets where the natural gas market were deregulated. Development done in UNIX based UNIFY 4.0 RDBMS with ACCELL 4GL, SQL, RPT, and Shell programming. Upgraded the server and ported the application from Unify to Oracle.

Jul ‘94 – Jul ’95 Sprint North Supply Programmer/Analyst

Worked on the NorthStar 2000 Project for Sprint North Supply (Kansas City, KS). Re-engineered applications from Unisys MAPPER to a client/server application with Informix On-Line 6.0 as the back-end database and Informix 4GL as the application development front-end.

Wrote the specifications for the Order Processing and Purchasing module

Converted the data from Unisys platform to Informix format

Developed the module for Focus Forecasting to be used for the Purchasing module. Wrote some of the programs as stored procedures and triggers.

Jan ‘94 – Jun ’94 TRIAD Systems Corporation Programmer / Analyst

Consultant to TRIAD Systems Corporation (Livermore, CA) in the development of the reporting sub-modules for Purchasing and Invoicing Modules for PRISM-B product that is used by Automotive Spare Parts Dealers. Developed in ACCELL 4GL for the Unify 2000 database in SCO Unix. Structured re-usable code was written to enhance the development process and ease maintenance

Jun ‘93 – Dec ’93 Unify Corporation Programmer/ Analyst

Worked as a Consulting Customer Support Engineer to Unify Corporation, (Sacramento, CA).

Answered customer queries regarding installation, development, tuning of production system.

Simulated client's problems locally or dialed-in to ascertain bugs or fixed them.

Statistically analyzed problems encountered by the clients worldwide. Streamlined the existing procedures and norms for resolving the problems encountered. Developed tools and/or applications in a team to resolve client issues better and faster.

Environment consisted of Sun, Sequent, HP, IBM, ICL, DEC, ACCELL 4GL, ACCELL-SQL, UNIFY 2000, SYBASE, ORACLE, INFORMIX.

Mar ’90 – May ’93 ITC Limited Calcutta, India Systems Analyst

Provided technical support in the marketing of two in-house OLTP systems – FDIS and SHARP as commercial products in the Indian market.

Developed, tested and implemented Bonus module of Share Accounting and Registration Processing (SHARP) System. It automates activities relating to share registration maintaining tight security for access and retrieval. Outlined the guidelines and standards for technical documentation across the organization. Developed using ACCELL-SQL and EMBEDDED SQL as a front-end tool on UNIFY 2000 RDBMS on the AT&T UNIX platform. Ported on IBM's RS-6000 (AIX).

Assistant Systems Analyst

Designed & developed Fixed Deposit Information System (FDIS) using Turbo Analyst CASE tool. It automates all activities related to cumulative and non-cumulative deposits for leasing financial services companies. Implemented and maintained the system at the client's site, successfully.



Contact this candidate