KHAJA.M. NAYABMOHAMMED

469-***-**** ad1ml9@r.postjobfree.com

SUMMARY

•ITIL® and COBIT® certified, SAP Security Administrator with 16+ years of leading experience in designing, implementing, and maintaining compliance methodologies like GxP, FDA, and SOX in varied industries viz- a-viz Manufacturing, Pharmaceuticals, Construction, Chemicals, Financial, Research Education, Utilities, Oil/Gas, F&B, Retail, Publishing, and Industrial sciences.

•Involvement in requirement gathering, design of roles and creating / maintaining single, composite, master and derived roles to ensure that security roles, Authorizations concepts, activity levels are meet with Client requirements.

•Experience on ticketing tools to resolve authorization issues across SAP modules and landscapes.

•Adhere the process of transporting roles from Development to Quality and after testing same would be moved to production.

•Uploading of roles into GRC with new owners post role design.

•Extensively worked on Authorization objects, fields, authorizations, authorization Profiles.

•Experienced in using SU24 for maintenance of authorization objects and keys.

•Responsible for Role design methodology including naming convention for roles.

•Responsible for requests related to security administration like role creation, transport of role, user and authorization related issues.

•Experience on several change requests and SU53 errors.

•Communicating with client for analyzing user issues or security compliance/SOX issues and providing a solution.

•Preliminary knowledge in SAP Fiori (Catalogs, Groups, Tiles and Pages).

SAP Security & GRC Expertise:

•Experience on SAP Security profile generator (PFCG) in creating roles, profiles, composite roles, composite profiles, derived roles, and global roles.

•Creating new roles as well as deriving and extending existing roles.

•Providing support to the security team members, wherever required.

•Responsible of requests related to security administration like role creation, transport of role, user and authorization related issues.

•Worked on several change requests and SU53 error.

•Responsible for complete lifecycle, from designing, unit testing, integration testing, user mapping, go-live and postproduction support.

•Role Maintenance, User Administration and Security Monitoring & Reporting.

•User Trace using ST01 and analysis and find out missing Authorizations using SU53 report from the user.

•Updating transactions via SU24 (managing authorization objects).

•Designing and building roles, managing mass transport with PFCG and STMS, SE01, SE09 and SE10.

•Creation of monthly audit reporter (SUIM).

•Troubleshooting (SU53 and ST01).

•Developed Custom Authorization Objects for queries developed by the users.

•Experienced in using SU24 for maintenance of authorization objects and keys in transaction base

•Worked with SAP on GRC Integrations in SPOC capacity.

WORK EXPERIENCE

Role: Sr SAP Security & GRC Consultant Jun’2021-Sep’2023

Client: Penguinrandomhouse

Responsibilities:

•Primary resource to troubleshoot authorization issues and resolve incidents and Service Requests

•Handling Service Now tickets that includes new user creations, emergency access, leavers, and access assignments post approvals

•Generation of SM20 logs post Firefighter sessions and get approvals for audit ready.

•Handling SAP BTP security by creating users and roles assignment for P2P functionality.

•EHP8 upgrade activities - Support and hyper care

•Analyzing licenses and advised on the implementation of SAP GRC with EAM module, reducing the flow of manual tasks in support.

Role: Sr SAP Security & GRC Consultant Jun’2021-Sep’2023

Client: Pall Inc.

Responsibilities:

•Supporting the business needs and issue resolution using Cherwell ticketing system

•Part of the testing team for reviewing and validating the new GRC 12 0 functionalities for implementation group

•Managing small projects for designing new security roles and authorizations for business/functional users

•Liaison with the service desk for quicker and better resolutions within the SLA’s

•One of the primary resources to implement the modern design in the role’s structures

•Responsible for all SAP Security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all Production, Test, Development Systems of all SAP landscapes.

•Analyzed the effects of system upgrades on the Security Access.

•Led Role Redesign Project to reduce number of Composite roles assigned to users to one composite and redesigned single role’s in composites to eliminate redundant authorizations assignments.

•Worked with the business in creating new roles – single roles and composite roles per requirements

Role: Sr SAP Security/Fiori Consultant Jun’ 2020 - Feb’ 2022

Client: Flexsteel Inc

Responsibilities:

•Involved closely with internal teams to help streamline all security-related changes.

•Focused approach to translate functional requirements into technical designs for security roles.

•Actively participated in project cut over and other roll outs as desired by project timelines.

•Managed the security/authorizations for new SAP HEC 1809 cut over activities.

•Validation of user master record migration from SAP HEC 1610 to SAP HEC 1809

•Providing FF access to functional team for master data validation checks in SAP HEC 1809

•Security background jobs activation

•OSS Message activities

Role: Sr SAP Security/Fiori Consultant April 2019 - June 2021

Client: TASNEE

Responsibilities :

•Coordination with various SAP developers, report writers and system analysts to assist in a variety of projects and widespread support security tasks.

•Planning and execution of business engagements focusing on SAP GRC 10 0, SAP security, and audits of SAP environments

•Evaluate the design and effectiveness of SAP controls throughout the business cycle.

•Work with business to identify opportunities for improvement in the areas of SAP GRC 10 0, SAP security, and SAP controls.

•Supervise Associates on engagements and train team members to grow the SAP knowledge base of the team on SAP audit, SAP security design/re-design

•Implementation of SAP Fiori security roles and authorizations

Role: Sr SAP Security (Fiori, Ariba) Administrator Nov 2019 - May 2020

Client : McCormick Inc

Responsibilities:

•Responsible for the e client project flow from the recording of requirements and feasibility analysis to implementation and specialist support

•Tailored to the requirements of business, supported the development of new, innovative and S / 4 HANA-based solutions.

•Managed and maintain users and authorizations in SAP ERP, SAP S / 4 HANA including FIORI apps

•Determined the requirements about the optimization or introduction of functions in SAP authorizations and user administration.

•Managed and developed the authorization concept in SAP ERP, SAP S / 4 HANA including FIORI apps and SAP Ariba system.

•supported the worldwide S / 4 HANA transition by actively shaping future solutions in SAP authorizations

•Designed SAP Ariba security, for the back end Ariba roles along with Ariba groups with their relevant permission.

Role : Sr SAP Security/Authorizations Administrator

Client: Cristal/Tronox November 2016 - March 2019

Responsibilities:

•Responsible for configuration, defining business processes securely, user support, production issues, system testing, training, and documentation across the entire suite of SAP Systems

•Commitment to upholding corporate security guidelines including Segregation of Duties (SoD)

•Design and assess SAP Access Control, including user provisioning, segregation of duty management, emergency access, and role management.

•Collaborate with team members on authoring processes, standards, and policies related to the implementation and use of SAP.

•Part of the integration consulting team, to help synchronize the 2 landscapes, in M&A setup.

•Firsthand with 2 ticketing tools simultaneously supporting both the users in a global setup.

•Managed multiple roll outs for newer locations in Europe and Australia in M&A setup.

•Recommended to decommission the ticketing tools by leveraging the existing solution manager for support desk functionalities.

•Implemented security for MDG, Ariba, FI-CA collection management, VAT, Barcode scanner, PM Data Assessment, EHSM

Role : SAP Security/Authorizations Auditor

Client : PwC Middle East January 2016 - April 2016

Responsibilities:

•Part of PwC IT Advisory service related to SAP, including but not limited to SAP Authorization review and configuration, business process reviews and improvement to align with SAP function.

•Achieved the audit readiness using ACE* tool and facilitated the Privileged Access Review, Segregation of Duties Review, and Configuration Review analysis in SAP

•Ensure that procedures are defined and executed according to Information Security process and policy requirements.

•Respond to incidents and problems related to Request and Access Management

•Provide adequate training for the SAP / ERP service desk and SAP / ERP support, ensuring staff have access to the appropriate tools to enable them to perform the required tasks.

•Ensure timely and accurate client communications during an incident relating to access management.

•Owns and manages the SAP / ERP service request catalogue.

Role: Senior SAP Security/Authorizations Administrator

Client:KAUST (King Abdullah University of Science and Technology) June 2012 - July 2015

Responsibilities:

•Provided a single point of contact and end-to end responsibility to ensure submitted service and access requests have been processed.

•Aided with initial triage of service and access requests to determine which IT resources should be engaged for fulfillment and provisioning.

•Communicating service requests to other IT resources that will be involved in fulfilling them.

•Escalating service requests in line with established service level targets, ensuring appropriate escalation procedures are followed as required.

•Collaborated with IT teams to integrate SAP IDM with other enterprise systems, such as SAP HCM and Active Directory

•Led cross-functional teams of developers, business analysts, and project managers to deliver complex IDM projects on time and within budget.

•Provisioning or revoking access to key systems or resources in alignment with request and access policies and Standard Operating Procedures (SOPs)

•Entering service request and access request details in the service management tool in a timely manner with accurate information

•Request Management: Ensured correct interfaces to incident, access, and problem management, and to change management process where a change is required to fulfill or provision a request.

•Access Management: Ensured correct inputs to incident, request, problem, change, request, demand, information security and service level management processes.

•Maintained governance around request and access management, for example, ensure requests are opened, escalated, updated, and closed accordingly.

•Established regular communication with IT management and the business regarding the status of service request and access request tickets and adherence to the corresponding processes.

Role : SAP Security Team Lead

Client : AIG Inc. June 2011 - June 2012

Responsibilities:

•Primary resource to collect complete business and functional requirements from SME’s

•Leading the work on tickets to meet SLAs for SAP Landscape (R/3, BW, and BPC) by provisioning/de- provisioning user access and authorizations.

•Supported Site sustainment and business teams to provision users with appropriate SAP Security and Authorizations roles across ECC, portal, BW and BPC

•Managed AMG CUA landscape to troubleshoot errors and fix Idoc issues using SCUL SCUA and SCUM

•Collaborated with onsite team to provision, development, and QA test users by working on functional and role modification, Job Role provisioning Data Level Roles and workflow processes.

•Leading the Security and Authorizations tasks required for completing refresh and restore activities when production systems are copied to test systems

•Provided Security and Authorizations support for landscape refresh and restore using SE16, SCUA, SU01, PFCG, SM30, SM37, WE20, BD64 and custom programs.

•Analyzed the BI authorization objects mapped to data level roles.

•Monitoring the creation and assignment of user master records in non-production environments

•Involving the team in Audit Process & follow-up on Audit requests every quarter

•Quarterly application checks to ensure compliance with audit and corporate guidelines.

•Work with internal audit and Compliance Manager to evaluate Segregation of Duties conflicts and consult with business units in reducing the SOD conflicts.

•Participate in SAP audit discussions, questions and help resolve the SOD issues Contribute to developing remediation strategies to SAP security-related audit exceptions or SOD issues.

•Contribute to Segregation of Duties risk violation remediation effort with Compliance manager, internal audit, business process owners, et al

Role: SAP Security Analyst

Client: W R Grace Inc.June 2009 - June 2011

Responsibilities:

•Managed multiple SAP systems in a complex global environment to maintain consistency.

•Most of the maintenance of the systems was during the month end process.

•Managed the user access problems in GRC Access Enforcer by processing them in an automatic workflow process.

•Uploaded roles and profiles in the GRC Access Enforcer system and segregated them into critical and non-critical profiles based on the business requirement and frequency of the use.

•Worked on GTS systems and created multiple users and roles and profiles based on the foreign trade values.

•Oversaw multiple mini projects to implement a new company code or a new warehouse.

•Analyzed and worked around to understand the interaction of the SAP system with different non-SAP systems

•Worked on the Mobisys barcode scanner systems that are used on the production floor during the logistical stage in the warehouse

•Working knowledge of Information Security policies and procedures

•Strong experience in a production/operational environment

•Strong working knowledge of IT operations and support organizations

•Helped set up the barcode printers and instruments with SAP systems.

Role : Sr.SAP Security Administrator

Cephalon Inc. May 2008 - June 2009

Responsibilities:

•Worked as an SAP Security and Authorizations analyst to streamline and maintain the new SAP implementation.

•Got trained on the new ticketing tool and change management procedure.

•Helped the Security and Authorizations design to be in line with the audit recommendation and reduced the SOX dependencies and SOD conflicts.

•Ran the critical reports and critical transactions and reduced the usage by including them into Firefighter access.

•Helped maintain the user access and the roles and profiles by minimizing the maintenance activities.

•Helped design the background jobs to automatic determine the password expiration and the validity expiration of the users.

•Prepared extensive documentation to adhere FDA and SOX compliance.

Role : SAP Security Administrator

Harley-Davidson Motor Company Inc. September 2007 - March 2008

Responsibilities :

•Helped to increase the speed in which comprehensive SAP solutions are delivered for a holistic User Experience solution.

•Worked on integrating SAP role design by integrating SAP with IBM Tivoli Identity Manager (ITIM)

•Set up OSS user ids and Developer keys for inexperienced users.

•Drove the overall cost down by including all elements of Security and Authorizations (SOX, Audit Compliance, Automated Provisioning, etc.) that aligns with the overall strategic direction of Corporate Information Security and Authorizations

•Maintain and Expand the SAP Role Design/Administration and Access Management Security and Authorizations environment at HDI

•Part of the SAP Security and Authorizations team working on SAP licensing project and internal audit project.

CERTIFICATIONS

•COBIT®5

•APMG International • 2014

•ITIL® Foundation Certificate

•EXIN • 2014

Contact this candidate