Matthew Rosales

B.Comm

** ******* ******, ******, **, N1E 0G8

Cell: 647-***-****

ad0ifx@r.postjobfree.com

Profile Matthew brings over 8 years of SAP authorization knowledge and experience to give clients the best solutions in the SAP security space. Building on his experience of completing multiple SAP security projects and implementations at large scale clients,Matthew has gained a strong ability to deliver in a timely and thorough manner, providing great value for the client,while also building strong relationships across organizational units.

Skills ● SAP Security (ECC 6.0 and S/4 HANA)

● SAP CPGRC/SAP GRC Access Control

● Microsoft Excel/Word

Working Experience ● 2015 – Current: Cuberoot Systems Architects Ltd. – Senior SAP Authorization Consultant

● Functioned as a Senior SAP Security Analyst and advisor to the Global Information Security team Senior Manager for one of the largest private multinational consumer goods companies in the United States.

● At the consumer goods client, Matthew worked on a client-wide SAP Role Redesign project with an end user base of ~11,000 users, tasked with completing the redesign, build, test and implementation of the SAP Security Roles in production environments. The project team strived to provide least privilege access to end users, while increasing operational efficiency via role design and naming convention. He worked across the ECC, PLM, BI, S/4, CRM, SCM, Solution Manager and SRM environments, and worked with end users across the NOA, LATAM, EMEA and APAC regions across all SAP modules.

● The majority of the Role Redesign were for SAP ECC 6.0 environments. The goals of the project were to gather any additional security requirements the business users had that could be maintained into the security roles, reduce any additional authorizations that the business users did not need, reduce redundancies in the composite roles available to end users, and to introduce a new naming convention for the security roles that would increase efficiencies for the SAP Security Operations team when creating new roles, maintaining existing roles, and administering roles to end users.

● In this large-scale Role Redesign project, Matthew worked as an SAP Security Analyst, working closely with business SMEs and business users to gather security requirements, design and develop the relative security roles across the multiple SAP environments, create test cases for User Acceptance Testing, and reporting to the SAP Security Team Lead of this project. Due to the worldwide scope of this project, Matthew worked with business users from across all continents, and would adjust his work schedule to accommodate the different time zones of all the business users.

Working Experience

● Matthew worked on 3 SAP S/4HANA Enhancements in the last 3 years. On the last project he worked on at the consumer goods client, he was the SAP Security Lead with 3 SAP security analysts reporting to him. The goal of this project was to migrate EMEA and NOA FICO users (predominantly AR, AP and Treasury end users) from the ECC 6.0 system to the S/4HANA system. He was involved from the project preparation phase, helping identify the scope of users involved in the migration, discovering and meeting the functional team SMEs, along with giving high level estimates of the bandwidth needed to gather security requirements, design and develop the single and composite security roles, adequately test the new security roles with the business and give an estimate of when we could transport the tested roles into production to Go Live with the business user’s SAP security access.

● From a technical standpoint, he was involved in the design, development, and testing of the single and composite security roles. This workload was divided amongst the team of 4 SAP Security analysts, where they would work directly with the SMEs and business users to fulfil the security requirements. Matthew used his troubleshooting expertise and excellent communication skills to help the business users complete the user acceptance testing quickly and concisely, helping ensure a smooth process for all involved.

● Once all security requirements were developed, adequately tested and signed off by the business, Matthew would present the security roles in scope at the Change Advisory Board, who would give the final approval needed to move these changes into production. Once in production, Matthew and his team administered the relative security roles to the end users, and would provide Hypercare support for 4 weeks for the affected users.

● Matthew worked on a project with the Global Internal Audit team and multiple business units at the consumer goods client to ensure the business end users complied with all identified segregation of duties risks. This work involved working closely with the business stakeholders to scope out all SAP security changes(at the user, role and authorization level) needed to remediate any potential SOD risk violations, without disrupting any of the business user’s SAP operations.

● Matthew worked as an SAP Security Analyst on this project, actioning the necessary items to ensure the business users maintained the correct authorizations needed for their operations, while adhering to the upcoming changes to the SOD rulebook GoLive. Matthew would spend a lot of time working one on one with the business SMEs, identifying scenarios where access could be removed from users to resolve SOD violations, or scenarios where new roles would have to be implemented to separate the transactions/authorizations causing SOD violations. Once these scenarios were identified and the business gave their approval of access removal/creating new roles, Matthew would design and develop the needed authorization, and hand off Test IDs to the business users for UAT.

● At the consumer goods company, Matthew completed an implementation of a new SAP Access Request Manager using Bizagi Studio. He was responsible for populating the backend database of the application,drafting the process document on maintaining the backend database,overseeing the test cases with multiple business end users across several organizational units,and providing application technical support through the phased end user Go Lives. Working Experience

● Maintained multiple facets of SAP CPGRC/SAP GRC Access Control,including Emergency Access Management,Segregation of Duties Management,and Business Role Management.

● Helped support the SAP Authorization Operations team at the consumer goods client with SAP Security incidents and service requests. Advised Operations team on efficiencies that could be improved upon to create value within the team.

Education &

Certification

● B.Comm – Bachelor of Commerce – University of Guelph 2011

● SAP Certified – Security and Authorizations

References Available Upon Request

Contact this candidate