Sap Security
Resume:
Narciso B. Cruz Jr
Brgy. Daang Bakal, Mandaluyong City, Philippines
Cell: +639********* • Email: adby6z@r.postjobfree.com
Linkedin: linkedin.com/in/narciso-cruz-jr-504917a1/
Skype Name: narcisocruzjr
Summary of Qualifications
10 Year Experience in IT Industry, Mainly in SAP Security Administration, SOD, Audit and GRC
In-depth Knowledge & Experience in SAP Security User & Role Administration (Create/Modify/Delete/Investigate)
In-depth Knowledge in SAP ECC R/3, BO/BOBJ/BI/BW, HANA, HR/HCM, APO, SOLMAN, CRM, Fiori, & Netweaver/Portal Security (EP/PI & PLM)
Strong understanding of Segregation of Duties framework & Working knowledge on sensitive transactions
Experience in Technical Cutovers, Upgrades/Enhancements for Security requirements such as SU24/SU25
Knowledge in SAP Scripts (eCATT) & Script Recording and Playback
Experience in SAP Change Management & Transports (STMS, Realtech TM, Transport Express)
Experience in 4 full life cycle implementations of GRC Access Control 10/10.1 Suite (ARA, EAM, ARM/ARQ & BRM)
Experience in support based projects (AMS) & project implementations
Experience in SAP Audits & Compliance Requirements (CARM, GDPR, SOX)
Experience in project planning & management tracking (Budgets, Management Reports)
Lead & Managed SAP Security Delivery Team on a global scale
Trained SAP Professionals for SAP Basis-Security Tasks
Defined & developed Security control strategies & solutions
Experience in full-scale / end to end implementations (from blueprints, budgeting, go-live to maintenance support)
Professional Experience
SAP Security & GRC Lead Oct 2017 – PRESENT
PCM BPO LLC (Direct Marketing Company) Metro Manila, Philippines (SAP Security, SAP GRC, SAP R/3, Servicenow)
Responsibilities
Responsible for the development & management of user access rights in SAP
Provide thorough Segregation of Duty Analysis for any new user or role amendment request
Evaluate & resolve the SAP security issues within the company by following the standardized procedures
Perform system audits to detect deviations of established procedures, role mapping & unauthorized system activity
Supervise Security monitoring activities including but not limited to Terminations, Inactive user cleanup & SOD Checks
Work with Audit team to provide any reports for Quarterly/Year-end audits
Support end-users with troubleshooting & configurations when required
Introduce & Document new SAP Security Control Strategies & Solution
Perform Exposure Analysis on Active / Accepted risks
Achievements
Designed SAP User Profiles, Roles, Groups & Organizations from Scratch
Established SAP Security Controls, Standards, Policies and Processes
Implemented SAP GRC 10.1 (ARA and EAM)
Involved in creating a custom SAP GRC 10.1 Ruleset
Setup of Catalogs, Groups, Roles in SAP Fiori
Involved in End-User Trainings & Migration from a non-SAP Software
Technology Consultant III - SAP Security & GRC Consultant Jun 2015 –Nov 2017
HP/HPE/DXC Technology (IT Service Provider) Metro Manila, Philippines (SAP Security, SAP GRC, SAP R/3, SAP BW/BI, SAP Netweaver, SAP APO, SAP HR, SAP Solman, Remedy, Irequest)
Responsibilities
[Client #1 : American multinational confectionery, food, & beverage]
Support Irequest application for automated user administration for SAP Accesses (ABAP & Portal Accounts)
Perform Adhoc investigations & Audit reports.
Perform L1 – L3 support for SAP Application Security
Perform SAP role design & modifications for SAP Modules such as (ECC, BW, HR, Solman and Netweaver)
Perform SAP User and Role design on SAP Hana Studio
Involved in technical cutovers for prior & post checks for SAP Security (SU24/SU25, User Locking, Job monitoring)
Perform Risk analysis & report SOD risks to Business Process Owners
Perform GRC Synchronizations for up to date risk analysis
Update Firefighters & GRC Ruleset if a required
Participate in GRC 10.1 upgrade from GRC 5.3
[Client #2 : Largest conglomerates in the country]
Participate in Blueprint, Budgeting, Resource & Timeline creation for GRC Implementation
Implement SAP GRC Access control 10.1 (ARA, EAM, ARM & BRM)
Document GRC Configuration system requirement & perform GRC post-implementation steps
Download & upload ruleset & mitigate to production, review access risk & suggest remediation
Provide consulting on SAP GRC AC design with best-practice implementation
Drive audit queries on user access management via GRC & support auditor’s access in the production environment
Achievements
Received Awards for Excellence and Quality of Work
Involved in 2 GRC 10.1 Implementation Projects
Involved in SAP Security role remediation’s in line with the GRC implementation projects
Recognized as SME for BW/BI Analysis Authorization Issues for the team
Presented Company’s GRC & SAP Security Service to potential clients
Software Engineering Team Lead - SAP Security & GRC Lead Jan 2014 – May 2015
Accenture (IT Service Provider) Taguig, Philippines (SAP Security, SAP GRC, SAP R/3, SAP BW/BI, SAP Netweaver, SAP APO, SAP HR, SAP Solman, Remedy, Servicenow)
Responsibilities
[Client #1: British multinational alcoholic beverages]
Manage a team of technical hands-on Security consultants that build & run SAP Security solutions
Design & implement IT & SAP Security roadmaps for clients, including how to handle Security risks
Work with SAP to understand latest technical solutions & deploy fit for purpose solutions that are scalable & meet performance requirements.
Responsible for maintaining general documents & descriptions
Defines processes & templates, KPIs in cooperation with Management
Identifies relevant standards & regulations for IT
SME level knowledge in GRC AC modules EAM, ARA, & User Access Review flows
SME level knowledge on all SAP Security Modules/Landscapes such as (ECC/R3, BI/BW, HR/HCM, APO, CRM, PLM and Portal/Netweaver)
Prepare the team on prior and post SAP Security Tasks for Technical Cutovers and Upgrades.
Ensures Continuous Improvement, documents lessons learned, takes corrective & preventive action
Leads & supports Security Projects
Provides Security reporting
Ensures appropriate documentation Reports
Manage to agreed budgets, driving value out of software & services contracts
Deliver to agreed scope. Ensure scope is controlled through effective Programme governance. Partners with Solution Architects to promote standard, out of box solutions to be adopted.
[Client#2: Major Brewery in South Africa]
Assist in configuring SAP GRC Access control 10.0 (Access Risk Analysis & Emergency Access Management)
Document GRC Configuration system requirement & perform GRC post-implementation steps
Assess workload of SAP Security & GRC Tasks for transfer of support from different 3rd party support
Achievements:
Was sent to South Africa for a GRC 10 Implementation Project
Promoted 3 times in a span of 3.5 years (from lvl 12 Associate Software Engineer to lvl 9 Team Lead)
Worked with developers to automate repetitive tasks
Lowered Team’s Workloads from 16 FTE down to 11
Senior Software Engineer – SAP Security & GRC Analyst May 2010 – Dec 2013
Accenture (IT Service Provider) Taguig, Philippines (SAP Security, SAP GRC, SAP R/3, SAP BW/BI, SAP Netweaver, SAP APO, SAP HR, SAP Solman, Remedy, Servicenow)
Responsibilities
[Client: British multinational alcoholic beverages]
Provide User Administration & Access Support in the Global SAP Instance
Perform L1 – L3 support for SAP Application Security
Responsible for Technical Design, Development, Testing, Implementation & Support of SAP Security Roles, across all SAP landscapes (ECC/R3, BI/BW, HR/HCM, APO, CRM, PLM and Portal/Netweaver)
Responsible for SAP Transports using Transport Manager by Realtech & Transport Express by Basis Technologies
Deliver SOX/CARM User Reports & perform Ad hoc investigations
Perform regular system audits to detect deviations of established procedures, role mapping, unauthorized system activity, & report findings
Perform prior and post technical SAP security tasks for technical cutovers and upgrades.
Execute quality initiatives & tasks such as metrics collection & reporting
Supervise & coach less experienced team members
Achievements:
Lead Coordinator for Technical Cutovers and Enhancement Pack Upgrades for the whole Project
Created SAP Security documents for faster Roll-In/Roll-off Process for the whole Project
Project’s ISMS Coordinator for Company Certification
Trained Resources for SAP Basis-Security related Tasks
Project’s Asset and Technical Coordinator
Reviewed Projects ISP Contracts, Software Contracts and Various non-SAP License and Agreements that lead to project saving a huge budget allocation
Associate Software Engineer - SAP Authorizations Analyst Feb 2010 – Apr 2010
Accenture (IT Service Provider) Taguig, Philippines (SAP Security, SAP R/3, SAP HR, Remedy)
[Client: American multinational medical devices, pharmaceutical & consumer packaged goods manufacturing company]
Responsible to assign proper Security access & password to users in the SAP system
Responsible for the development & management of SAP user access
Evaluate & resolve the SAP Security issues within SAP by following the standardized procedures & processes
Build SAP Security roles & authorization
Ensure the compliance with the Security policies, processes & procedures pertaining to the SAP application
Achievements:
Learned Basic Principles of SAP Security
Learned Standard Operating Procedures for SAP User Creation and Role Management
Education
Bachelor of Science in Electronics & Communications Engineering 2004 - 2009
Polytechnic University of the Philippines
Character References
Full Name Position Company Contact Number
1. Rory Zaks Country Manager PCM BPO LLC +639*********
2. Jessica Ong Project Manager PCM BPO LLC +639*********
3. John Hofileña Project Manager DXC Technology +639*********
4. Carl Napo Supervisor DXC Technology +639*********
5. Ruby Deyto Project Manager Accenture +639*********
6. Alfred Manaog Supervisor Accenture +639*********
Contact this candidate